README
¶
secenv
Secenv is a small tool for running commands with environments and command-line (CLI) arguments read from SOPS-encrypted environment files. CLI arguments can be set from environment files via templating, described in secenv(1).
Installation
Currently, secenv must be installed from source. For that, you will need
Go v1.15 or later installed. Once installed, you can run go get go.spiff.io/secenv to install secenv. After that, it should be
available at $GOBIN/secenv (by default, this is ~/go/bin/secenv).
License
secenv is licensed under the GNU GPL version 3. The license text can be found under COPYING.
Documentation
¶
Overview ¶
Command secenv is used to run a command with previously-encrypted environment variables.
It functions the same as env, except it will decrypt a file using sops, extract values from that file, and inject them into the environment as key-value pairs. Any nested datastructures are marshaled as JSON.
Arguments can also be expanded using Go templates by passing -T.
Usage:
secenv [options] [envfiles] -- [cmd arg...] Execute a command with environment variables set from a SOPS-encrypted files. Arguments may be templated if the -T option is given. Options: -T Template arguments using Go templates. See secenv(1) for template information. -t=FMT Set the SOPS file format (only json and yaml are currently supported). Defaults to inferring from the file's extension. -i Drop the current process environment and only set variables found in envfiles. -n Do not set env vars for values found in the env file. This can be set alongside -T to only set values via CLI argument templating.
Source Files