• This repository has been archived on 16/Feb/2023
  • Stars
    star
    131
  • Rank 275,867 (Top 6 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created almost 6 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A secrets management platform that every engineer can use with minimal code changes.

1Password SecretHub has joined 1Password! Find out more on the SecretHub blog. 🎉


SecretHub


Get Started View Docs


SecretHub CLI

GoDoc CircleCI Go Report Card Version Discord

The SecretHub CLI provides the command-line interface to interact with the SecretHub API.

SecretHub is a secrets management tool that works for every engineer. Securely provision passwords and keys throughout your entire stack with just a few lines of code.

Usage

Below you can find a selection of some of the most-used SecretHub commands. Run secrethub --help or the CLI reference docs for a complete list of all commands.

Reading and writing secrets

$ secrethub read <path/to/secret>
Print a secret to stdout.

$ secrethub generate <path/to/secret>
Generate a random value and store it as a new version of a secret

$ secrethub write <path/to/secret>
Ask for a value to store as a secret.

$ echo "mysecret" | secrethub write <path/to/secret>
Store a piped value as a secret.

$ secrethub write -i <filename> <path/to/secret>
Store the contents of a file as a secret.

Provisioning your applications with secrets

$ export MYSECRET=secrethub://path/to/secret
$ secrethub run -- <executable/script>
Automatically load secrets into environment variables and provide them to the wrapped executable or script.

$ echo "mysecret: {{path/to/secret}}" | secrethub inject
Read a configuration template from stdin and automatically inject secrets into it.

Access control

$ secrethub service init <namespace>/<repo> --permission <dir>:<read/write/admin>
Create a service account for the given repository and automatically grant read, write or admin permission on the given directory.

$ secrethub acl set <path/to/directory> <account-name> <read/write/admin>
Grant an account read, write or admin permission on a directory.

$ secrethub repo revoke <namespace>/<repo> <account-name>
Revoke an account's access to a repository.

Integrations

SecretHub integrates with all the tools you already know and love.

Check out the Integrations page to find out how SecretHub works with your tools.

Getting help

Come chat with us on Discord or email us at [email protected]

Development

Pull requests from the community are welcome. If you'd like to contribute, please checkout the contributing guidelines.

Build

To build from source, having Golang installed is required. To build the binary in the current directory, run:

make build

Install

To install the binary in the GOBIN directory, run:

make install

Test

Run all tests:

make test

Run tests for one package:

go test ./internals/secrethub

Run a single test:

go test ./internals/secrethub -run TestWriteCommand_Run