a cli tool to manage and deploy configurations and secrets across multiple environments all stored inside your repository
Home Page: https://benammann.github.io/git-secrets
License: MIT License
description tbd
may be more secure than AES ?
old syntax
git-secrets set secret <secretKey> --value <plainValue>: INSECURE: Uses the value directly from the --value parameternew syntax
git-secrets set secret <secretKey> <secretValue>there should be a command to change the encryption secret on the fly
# changes the encryption secret for all contexts (if not explicitly set in a custom context, see example below)
git secrets set global-secret <newSecretName>
# changes the encryption secret for a specific context
git secrets set global-secret <newSecretName> -c <contextName>to discuss: automatically check for a new release every week when executing a command.
descriptions and wordings need to be finalized
due #13 the use of a docker container should be quite simple since we do not need to mount the global .git-secrets.yaml
would be a cool feature to personalize the rendered files by git config values
currently every context inherits from the default context. This should be customizeable using the following config entries
{
"context": {
"local": {
"root": true,
...
},
"prod": {
"parent": "local",
...
}
}
}# scan in staged files
git secrets scan
# scan in all files added to the git repository (auto excludes git ignores)
git secrets scan -a
# scan and print each scanned filepath
git secrets scan -vNote: when scanning there should be used all available / accessable contexts. If there is no access to context there should be a warning and it's secrets are skipped
add add some more documentation how it is done
In case you want to be the default context more expressive you should be able to add an alias name to every context
we need some more package managers to not force people to install brew on their machines.
New Syntax should be:
export SECRET_1=secretValue
export SECRET_2=secretValue2
gs decode <secretName> --secret globalSecretName=$(SECRET_1) --secret globalSecretName1=$(SECRET_2)i want to have custom render targets like
# render target env or k8s-secrets using default context
git secrets render env
git secrets render k8s-secrets
# render target k8s-secrets using prod context
git secrets render k8s-secrets -c prod
# add file to render
git secrets add file <fileIn> <fileOut> -t <myTargetName>config would look like this
{
// optionally allows to overwrite which context to use. should be overwriteable by -c <contextName>
"useContext": "prod",
"files": [...]
}
````The current commands like encode, decode, add-context, render (--add) are hard to remember and should be more generic:
# Encode a secret and add it to the config (interactive)
git-secrets set secret mySecretKey
# Encode a secret and add it to the config (via --value)
git-secrets set secret mySecretKey --value <plainValue>
# Set a config entry
git-secrets set config myConfigKey myConfigValue
# Set a encoder secret (interactive)
git-secrets set encoderSecret mySecretKey
# Set a encoder secret via --value
git-secrets set encoderSecret mySecretKey --value <plainValue>
# Get a encoder secret
git-secret get encoderSecret mySecretKey
# Get a secret and decode it
git-secrets get secret mySecretKey
# Get a config entry
git-secrets get config myConfigKey
# Add context
git-secrets add context myContextName
# Add a file to render
git-secrets add file <fileIn> <fileOut>
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.