Go Secrets

Open-source Go projects categorized as Secrets

Top 23 Go Secret Projects

  1. Vault

    A tool for secrets management, encryption as a service, and privileged access management

    Project mention: Goodbye ClickOps, Say Hi to Terraform | dev.to | 2025-05-16

    I’ve been running Nomad, Consul, and Vault (aka the full HashiStack) on an AWS EC2 instance for a while now. It worked.

  2. InfluxDB

    InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

    InfluxDB logo
  3. trufflehog

    Find, verify, and analyze leaked credentials

    Project mention: Ask HN: What are you working on? (April 2025) | news.ycombinator.com | 2025-04-27

    Will monitor your progress

    Also be interesting to see what trufflehog finds (should be false positive)

    https://github.com/trufflesecurity/trufflehog

  4. Reloader

    A Kubernetes controller to watch changes in ConfigMap and Secrets and do rolling upgrades on Pods with their associated Deployment, StatefulSet, DaemonSet and DeploymentConfig – [✩Star] if you're using it!

  5. SecretScanner

    :unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:

  6. chamber

    CLI for managing secrets

    Project mention: AWS Secrets Manager Agent | news.ycombinator.com | 2024-07-11

    This seems like quite a lot of setup and hassle for what could be handled some other way with less fuss, like chamber[0] or Doppler[1]. Heck, even the classic .env seems like a better choice in every way.

    What are the advantages to a configuration like this? Seems the HTTP interface with non-encrypted cache and separate agent situation isn’t something secure enough to satisfy most companies these days.

    [0] https://github.com/segmentio/chamber

    [1] https://www.doppler.com/

  7. talisman

    Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.

  8. git-hound

    GitHub recon tool leveraging Code Search API. Scans for exposed API keys across all of GitHub, not just known repos and orgs. Support for GitHub dorks.

  9. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  10. Whaler

    Program to reverse Docker images into Dockerfiles

  11. vault-secrets-operator

    Create Kubernetes secrets from Vault for a secure GitOps based workflow.

  12. Sup3rS3cretMes5age

    Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend

  13. medusa

    A cli tool for importing and exporting Hashicorp Vault secrets (by jonasvinther)

  14. rot

    Boring Cryptography Tooling for Humans

    Project mention: Ask HN: How do you share and sync .env files and secrets with your team | news.ycombinator.com | 2024-09-08

    I built Rot to solve this. It creates a git diff-able list of keyrings and secrets that you can inject via environment variables to sub commands, like `rot run mykeyring terraform apply`. You can use Shamir Secret Sharing to create "disaster recovery" access into the keyrings too.

    https://rotx.dev

  15. azure-key-vault-to-kubernetes

    Azure Key Vault to Kubernetes (akv2k8s for short) makes it simple and secure to use Azure Key Vault secrets, keys and certificates in Kubernetes.

  16. agebox

    Age based repository file encryption gitops tool

    Project mention: Do not use secrets in environment variables and | news.ycombinator.com | 2024-10-07

    I use `age` and `agebox` (https://github.com/slok/agebox) but same idea. I set up pre-commit and post-pull hooks to encrypt and decrypt all the env files I use in docker compose.

  17. ssmsh

    A shell for the EC2 Parameter Store

  18. secrets-store-csi-driver-provider-gcp

    Google Secret Manager provider for the Secret Store CSI Driver.

  19. esc

    Pulumi ESC is a centralized, secure service for environments, secrets, and configuration management, optimized for multi-cloud infrastructures and applications. (by pulumi)

  20. squealer

    Telling tales on you for leaking secrets!

  21. git-alerts

    Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files

    Project mention: Tool to detect and monitor GitHub org users' public repositories | news.ycombinator.com | 2024-12-26
  22. kube-secret-syncer

    A Kubernetes operator to sync secrets from AWS Secrets Manager

  23. secretgen-controller

    secretgen-controller provides CRDs to specify what secrets need to be on Kubernetes cluster (to be generated or not)

  24. trousseau

    Store and access your secrets the Kubernetes native way with any external KMS.

  25. vals-operator

    Kubernetes Operator to sync secrets between different secret backends and Kubernetes

  26. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Go Secrets discussion

Log in or Post with

Go Secrets related posts

  • Goodbye ClickOps, Say Hi to Terraform

    1 project | dev.to | 16 May 2025
  • OAuth2 for System-to-System Authentication: A Deep Dive into the Client Credentials Flow

    1 project | dev.to | 18 Feb 2025
  • Top DevSecOps Tools for 2025

    6 projects | dev.to | 9 Jan 2025
  • Tool to detect and monitor GitHub org users' public repositories

    1 project | news.ycombinator.com | 26 Dec 2024
  • Mastering Key Vaults - Securing Quella’s Sensitive Assets Like a Pro

    1 project | dev.to | 13 Dec 2024
  • Production-Ready Terraform Module for Seamless Disaster Recovery: Primary and Secondary Clusters with Zero Downtime

    2 projects | dev.to | 18 Nov 2024
  • Scrt: A command-line secret manager for developers

    1 project | news.ycombinator.com | 31 Oct 2024
  • A note from our sponsor - SaaSHub
    www.saashub.com | 18 May 2025
    SaaSHub helps you find the best software and product alternatives Learn more →

Index

What are some of the best open-source Secret projects in Go? This list will help you:

# Project Stars
1 Vault 32,390
2 trufflehog 19,060
3 Reloader 8,514
4 SecretScanner 3,194
5 chamber 2,506
6 talisman 1,987
7 git-hound 1,295
8 Whaler 1,121
9 vault-secrets-operator 658
10 Sup3rS3cretMes5age 535
11 medusa 526
12 rot 504
13 azure-key-vault-to-kubernetes 451
14 agebox 300
15 ssmsh 298
16 secrets-store-csi-driver-provider-gcp 247
17 esc 245
18 squealer 232
19 git-alerts 218
20 kube-secret-syncer 197
21 secretgen-controller 186
22 trousseau 176
23 vals-operator 163

Sponsored
InfluxDB – Built for High-Performance Time Series Workloads
InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
www.influxdata.com

Did you know that Go is
the 4th most popular programming language
based on number of references?