envchain
envconsul
envchain | envconsul | |
---|---|---|
3 | 4 | |
1,139 | 1,993 | |
- | 0.2% | |
0.0 | 5.9 | |
almost 2 years ago | 3 months ago | |
C | Go | |
MIT License | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
envchain
-
How do you protect your secret keys in your local computer?
I use https://github.com/sorah/envchain. It stores your secrets in Keychain (macOS) or gnome-keyring.
-
Secretlint 6: masking API tokens in .bash_history and .zsh_history
Credentials are often stored as raw text in .config/ or ~/.aws. These can be found in 1Password Shell Plugins, op run, zenv, envchain, etc. to avoid storing raw tokens in files.
-
How to Handle Secrets on the Command Line
You have envchain to store secrets as ENV variables in your keyring and execute commands:
https://github.com/sorah/envchain
Not really something you would use for production web apps, I think envconsul covers that usecase:
https://github.com/hashicorp/envconsul
envconsul
- Ask HN: Developers/DevOps, how do you manage environment variables?
-
Can one use Vault to inject environment variables needed to setup on stack up rather than saving them in environment files with docker-compose?
Might not perfectly fit but I think that was one of the ideas behind - https://github.com/hashicorp/envconsul (which can use Vault as a source), and probably to a degree consul-template (though a quick skim of the documentation and I'm not sure if can use Vault as a source.)
-
How to Handle Secrets on the Command Line
You have envchain to store secrets as ENV variables in your keyring and execute commands:
https://github.com/sorah/envchain
Not really something you would use for production web apps, I think envconsul covers that usecase:
https://github.com/hashicorp/envconsul
-
To those who have set up some kind of automatic deployment of their services on pushes to a git repo, how do you manage environment variables/.env files?
Have you looked into Hashicorp's consul + envconsul? You can also encrypt data using their vault.
What are some alternatives?
Mosh - Mobile Shell
sops - Simple and flexible tool for managing secrets
gosec - Go security checker
zsh-secrets - Storing GPG encrypted environment variables
platform-compat - Roslyn analyzer that finds usages of APIs that will throw PlatformNotSupportedException on certain platforms.
s6-overlay - s6 overlay for containers (includes execline, s6-linux-utils & a custom init)
dotfiles - Home directory with an absurd amount of tweaks
selfhosted - docker compose + traefik + tailscale
secretlint - Pluggable linting tool to prevent committing credential.
ShellCheck - ShellCheck, a static analysis tool for shell scripts