Documentation ¶
Overview ¶
Command secenv is used to run a command with previously-encrypted environment variables.
It functions the same as env, except it will decrypt a file using sops, extract values from that file, and inject them into the environment as key-value pairs. Any nested datastructures are marshaled as JSON.
Arguments can also be expanded using Go templates by passing -T.
Usage:
secenv [options] [envfiles] -- [cmd arg...] Execute a command with environment variables set from a SOPS-encrypted files. Arguments may be templated if the -T option is given. Options: -T Template arguments using Go templates. See secenv(1) for template information. -t=FMT Set the SOPS file format (only json and yaml are currently supported). Defaults to inferring from the file's extension. -i Drop the current process environment and only set variables found in envfiles. -n Do not set env vars for values found in the env file. This can be set alongside -T to only set values via CLI argument templating.
Click to show internal directories.
Click to hide internal directories.