SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 Go Secret Projects
-
I’ve been running Nomad, Consul, and Vault (aka the full HashiStack) on an AWS EC2 instance for a while now. It worked.
-
InfluxDB
InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
-
Will monitor your progress
Also be interesting to see what trufflehog finds (should be false positive)
https://github.com/trufflesecurity/trufflehog
-
Reloader
A Kubernetes controller to watch changes in ConfigMap and Secrets and do rolling upgrades on Pods with their associated Deployment, StatefulSet, DaemonSet and DeploymentConfig – [✩Star] if you're using it!
-
SecretScanner
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
-
This seems like quite a lot of setup and hassle for what could be handled some other way with less fuss, like chamber[0] or Doppler[1]. Heck, even the classic .env seems like a better choice in every way.
What are the advantages to a configuration like this? Seems the HTTP interface with non-encrypted cache and separate agent situation isn’t something secure enough to satisfy most companies these days.
[0] https://github.com/segmentio/chamber
[1] https://www.doppler.com/
-
talisman
Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.
-
git-hound
GitHub recon tool leveraging Code Search API. Scans for exposed API keys across all of GitHub, not just known repos and orgs. Support for GitHub dorks.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
-
-
Sup3rS3cretMes5age
Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend
-
-
Project mention: Ask HN: How do you share and sync .env files and secrets with your team | news.ycombinator.com | 2024-09-08
I built Rot to solve this. It creates a git diff-able list of keyrings and secrets that you can inject via environment variables to sub commands, like `rot run mykeyring terraform apply`. You can use Shamir Secret Sharing to create "disaster recovery" access into the keyrings too.
https://rotx.dev
-
azure-key-vault-to-kubernetes
Azure Key Vault to Kubernetes (akv2k8s for short) makes it simple and secure to use Azure Key Vault secrets, keys and certificates in Kubernetes.
-
Project mention: Do not use secrets in environment variables and | news.ycombinator.com | 2024-10-07
I use `age` and `agebox` (https://github.com/slok/agebox) but same idea. I set up pre-commit and post-pull hooks to encrypt and decrypt all the env files I use in docker compose.
-
-
secrets-store-csi-driver-provider-gcp
Google Secret Manager provider for the Secret Store CSI Driver.
-
esc
Pulumi ESC is a centralized, secure service for environments, secrets, and configuration management, optimized for multi-cloud infrastructures and applications. (by pulumi)
-
-
git-alerts
Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
Project mention: Tool to detect and monitor GitHub org users' public repositories | news.ycombinator.com | 2024-12-26 -
-
secretgen-controller
secretgen-controller provides CRDs to specify what secrets need to be on Kubernetes cluster (to be generated or not)
-
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Go Secrets discussion
Go Secrets related posts
-
Goodbye ClickOps, Say Hi to Terraform
-
OAuth2 for System-to-System Authentication: A Deep Dive into the Client Credentials Flow
-
Top DevSecOps Tools for 2025
-
Tool to detect and monitor GitHub org users' public repositories
-
Mastering Key Vaults - Securing Quella’s Sensitive Assets Like a Pro
-
Production-Ready Terraform Module for Seamless Disaster Recovery: Primary and Secondary Clusters with Zero Downtime
-
Scrt: A command-line secret manager for developers
-
A note from our sponsor - SaaSHub
www.saashub.com | 18 May 2025
Index
What are some of the best open-source Secret projects in Go? This list will help you:
# | Project | Stars |
---|---|---|
1 | Vault | 32,390 |
2 | trufflehog | 19,060 |
3 | Reloader | 8,514 |
4 | SecretScanner | 3,194 |
5 | chamber | 2,506 |
6 | talisman | 1,987 |
7 | git-hound | 1,295 |
8 | Whaler | 1,121 |
9 | vault-secrets-operator | 658 |
10 | Sup3rS3cretMes5age | 535 |
11 | medusa | 526 |
12 | rot | 504 |
13 | azure-key-vault-to-kubernetes | 451 |
14 | agebox | 300 |
15 | ssmsh | 298 |
16 | secrets-store-csi-driver-provider-gcp | 247 |
17 | esc | 245 |
18 | squealer | 232 |
19 | git-alerts | 218 |
20 | kube-secret-syncer | 197 |
21 | secretgen-controller | 186 |
22 | trousseau | 176 |
23 | vals-operator | 163 |