{"id":44652521,"url":"https://github.com/allisson/secrets","last_synced_at":"2026-03-03T03:17:46.908Z","repository":{"id":338490239,"uuid":"1145470404","full_name":"allisson/secrets","owner":"allisson","description":"A lightweight secrets manager with envelope encryption, transit encryption, API auth, and audit logs.","archived":false,"fork":false,"pushed_at":"2026-02-14T19:40:46.000Z","size":589,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-15T03:39:41.779Z","etag":null,"topics":["aes-gcm","chacha20-poly1305","encryption","secrets-engine","transit-engine"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/allisson.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"docs/contributing.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-01-29T20:51:13.000Z","updated_at":"2026-02-14T19:40:18.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/allisson/secrets","commit_stats":null,"previous_names":["allisson/secrets"],"tags_count":2,"template":false,"template_full_name":"allisson/go-project-template","purl":"pkg:github/allisson/secrets","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/allisson%2Fsecrets","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/allisson%2Fsecrets/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/allisson%2Fsecrets/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/allisson%2Fsecrets/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/allisson","download_url":"https://codeload.github.com/allisson/secrets/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/allisson%2Fsecrets/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29623548,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-19T13:04:20.082Z","status":"ssl_error","status_checked_at":"2026-02-19T13:03:33.775Z","response_time":117,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aes-gcm","chacha20-poly1305","encryption","secrets-engine","transit-engine"],"created_at":"2026-02-14T21:11:17.949Z","updated_at":"2026-03-03T03:17:46.902Z","avatar_url":"https://github.com/allisson.png","language":"Go","funding_links":[],"categories":["others"],"sub_categories":[],"readme":"# 🔐 Secrets\n\nA lightweight secrets manager with envelope encryption, transit encryption, API auth, and audit logs.\n\n[![CI](https://github.com/allisson/secrets/workflows/CI/badge.svg)](https://github.com/allisson/secrets/actions)\n[![Go Report Card](https://goreportcard.com/badge/github.com/allisson/secrets)](https://goreportcard.com/report/github.com/allisson/secrets)\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n\nSecrets is inspired by **HashiCorp Vault** ❤️, but it is intentionally **much simpler** and was **not designed to compete with Vault**.\n\n\u003e [!WARNING]\n\u003e While in versions `v0.x.y`, this project is not yet recommended for production deployment and the API is not yet stable and is subject to many changes. It will only be recommended for production when it reaches version `v1.0.0`.\n\n## ✨ Features\n\n- **Authentication \u0026 Authorization:** Token-based auth with Argon2id password hashing and capability-based path-matching policies.\n- **KMS Integration:** Native support for Google Cloud KMS, AWS KMS, Azure Key Vault, and HashiCorp Vault.\n- **Dual Database Support:** Compatible with PostgreSQL 12+ and MySQL 8.0+ out of the box.\n- **Observability:** OpenTelemetry metrics with Prometheus-compatible endpoints.\n\n## 📦 Main Engines\n\n### [Secret Engine](docs/engines/secrets.md)\n\nProvides versioned, encrypted storage for your application secrets using envelope encryption. Keep passwords and API keys secure at rest.\n\n### [Transit Engine](docs/engines/transit.md)\n\nOffers Encryption as a Service (EaaS). Encrypt and decrypt data on the fly without storing the payload in the Secrets database.\n\n### [Tokenization Engine](docs/engines/tokenization.md)\n\nFormat-preserving token generation for sensitive values (e.g., credit cards) with deterministic options and lifecycle management.\n\n### [Audit Logs](docs/observability/audit-logs.md)\n\nTamper-resistant cryptographic audit logs capture capability checks and access attempts for monitoring and compliance.\n\n## 🚀 Quick Start\n\nChoose your preferred deployment method to get started:\n\n1. 🐳 **Run with Docker image (recommended)**: [Docker Guide](docs/getting-started/docker.md)\n2. 💻 **Run locally for development**: [Local Development Guide](docs/getting-started/local-development.md)\n3. 📦 **Run with pre-compiled binary**: [Binary Guide](docs/getting-started/binary.md)\n\n## 📚 Documentation\n\nSee our detailed guides in the `docs/` directory:\n\n- [API Authentication](docs/auth/authentication.md)\n- [Client Management](docs/auth/clients.md)\n- [Policies Cookbook](docs/auth/policies.md)\n- [CLI Commands](docs/cli-commands.md)\n\n## 📄 License\n\nMIT. See `LICENSE`.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fallisson%2Fsecrets","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fallisson%2Fsecrets","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fallisson%2Fsecrets/lists"}