{"id":18842693,"url":"https://github.com/dotenv-org/dotenv-vault-ruby","last_synced_at":"2025-04-14T07:31:50.647Z","repository":{"id":62559678,"uuid":"536343857","full_name":"dotenv-org/dotenv-vault-ruby","owner":"dotenv-org","description":"Load environment variables from encrypted .env.vault files","archived":false,"fork":false,"pushed_at":"2023-07-28T19:38:54.000Z","size":81,"stargazers_count":4,"open_issues_count":1,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-05-29T22:14:34.279Z","etag":null,"topics":["configuration","dotenv","env","environment","environment-variables","ruby","secretops-platform"],"latest_commit_sha":null,"homepage":"https://www.dotenv.org/docs/languages/ruby","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dotenv-org.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2022-09-13T23:36:39.000Z","updated_at":"2023-10-11T16:26:24.000Z","dependencies_parsed_at":"2023-10-17T05:01:18.206Z","dependency_job_id":"3f2226b7-7502-4140-a4bf-c73591b21103","html_url":"https://github.com/dotenv-org/dotenv-vault-ruby","commit_stats":{"total_commits":78,"total_committers":1,"mean_commits":78.0,"dds":0.0,"last_synced_commit":"f0be73c3783d709d3b1dcce52be9cc90171ecf17"},"previous_names":[],"tags_count":16,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fdotenv-vault-ruby","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fdotenv-vault-ruby/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fdotenv-vault-ruby/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dotenv-org%2Fdotenv-vault-ruby/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dotenv-org","download_url":"https://codeload.github.com/dotenv-org/dotenv-vault-ruby/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248839441,"owners_count":21169817,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["configuration","dotenv","env","environment","environment-variables","ruby","secretops-platform"],"created_at":"2024-11-08T02:55:28.996Z","updated_at":"2025-04-14T07:31:50.377Z","avatar_url":"https://github.com/dotenv-org.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# dotenv-vault [![Gem Version](https://badge.fury.io/rb/dotenv-vault.svg)](https://badge.fury.io/rb/dotenv-vault)\n\n\u003cimg src=\"https://raw.githubusercontent.com/motdotla/dotenv/master/dotenv.svg\" alt=\"dotenv-vault\" align=\"right\" width=\"200\" /\u003e\n\nExtends the proven \u0026 trusted foundation of [dotenv](https://github.com/bkeepers/dotenv), with `.env.vault` file support.\n\nThe extended standard lets you load encrypted secrets from your `.env.vault` file in production (and other) environments. Brought to you by the same people that pioneered [dotenv-nodejs](https://github.com/motdotla/dotenv).\n\n* [🌱 Install](#-install)\n* [🏗ī¸ Usage (.env)](#%EF%B8%8F-usage)\n* [🚀 Deploying (.env.vault) 🆕](#-deploying)\n* [🌴 Multiple Environments](#-manage-multiple-environments)\n* [❓ FAQ](#-faq)\n* [⏱ī¸ Changelog](./CHANGELOG.md)\n\n## 🌱 Install\n\n### Rails\n\nAdd this line to the top of your application's Gemfile:\n\n```ruby\ngem \"dotenv-vault-rails\", require: \"dotenv-vault/rails-now\"\n```\n\nAnd then execute:\n\n```shell\n$ bundle\n```\n\n### Sinatra or Plain ol' Ruby\n\nInstall the gem:\n\n```shell\n$ gem install dotenv-vault\n```\n\nAs early as possible in your application bootstrap process, load `.env`:\n\n```ruby\nrequire \"dotenv-vault/load\"\n\n# or\nrequire \"dotenv-vault\"\nDotenvVault.load\n```\n\n## 🏗ī¸ Usage\n\nDevelopment usage works just like [dotenv](https://github.com/bkeepers/dotenv).\n\nAdd your application configuration to your `.env` file in the root of your project:\n\n```shell\nS3_BUCKET=YOURS3BUCKET\nSECRET_KEY=YOURSECRETKEYGOESHERE\n```\n\nWhen your application loads, these variables will be available in `ENV`:\n\n```ruby\nconfig.fog_directory = ENV[\"S3_BUCKET\"]\n```\n\n## 🚀 Deploying\n\nEncrypt your `.env.vault` file.\n\n```bash\n$ npx dotenv-vault build\n```\n\nFetch your production `DOTENV_KEY`.\n\n```bash\n$ npx dotenv-vault keys production\n```\n\nSet `DOTENV_KEY` on your server.\n\n```bash\n# heroku example\nheroku config:set DOTENV_KEY=dotenv://:key_1234â€Ļ@dotenv.org/vault/.env.vault?environment=production\n```\n\nThat's it! On deploy, your `.env.vault` file will be decrypted and its secrets injected as environment variables – just in time.\n\n*ℹī¸ A note from [Mot](https://github.com/motdotla): Until recently, we did not have an opinion on how and where to store your secrets in production. We now strongly recommend generating a `.env.vault` file. It's the best way to prevent your secrets from being scattered across multiple servers and cloud providers – protecting you from breaches like the [CircleCI breach](https://techcrunch.com/2023/01/05/circleci-breach/). Also it unlocks interoperability WITHOUT native third-party integrations. Third-party integrations are [increasingly risky](https://coderpad.io/blog/development/heroku-github-breach/) to our industry. They may be the 'du jour' of today, but we imagine a better future.*\n\n\u003ca href=\"https://github.com/dotenv-org/dotenv-vault#dotenv-vault-\"\u003eLearn more at dotenv-vault: Deploying\u003c/a\u003e\n\n## 🌴 Manage Multiple Environments\n\nEdit your production environment variables.\n\n```bash\n$ npx dotenv-vault open production\n```\n\nRegenerate your `.env.vault` file.\n\n```bash\n$ npx dotenv-vault build\n```\n\n*ℹī¸ 🔐 Vault Managed vs đŸ’ģ Locally Managed: The above example, for brevity's sake, used the 🔐 Vault Managed solution to manage your `.env.vault` file. You can instead use the đŸ’ģ Locally Managed solution. [Read more here](https://github.com/dotenv-org/dotenv-vault#how-do-i-use--locally-managed-dotenv-vault). Our vision is that other platforms and orchestration tools adopt the `.env.vault` standard as they did the `.env` standard. We don't expect to be the only ones providing tooling to manage and generate `.env.vault` files.*\n\n\u003ca href=\"https://github.com/dotenv-org/dotenv-vault#-manage-multiple-environments\"\u003eLearn more at dotenv-vault: Manage Multiple Environments\u003c/a\u003e\n\n## ❓ FAQ\n\n#### What happens if `DOTENV_KEY` is not set?\n\nDotenv Vault gracefully falls back to [dotenv](https://github.com/bkeepers/dotenv) when `DOTENV_KEY` is not set. This is the default for development so that you can focus on editing your `.env` file and save the `build` command until you are ready to deploy those environment variables changes.\n\n#### Should I commit my `.env` file?\n\nNo. We **strongly** recommend against committing your `.env` file to version control. It should only include environment-specific values such as database passwords or API keys. Your production database should have a different password than your development database.\n\n#### Should I commit my `.env.vault` file?\n\nYes. It is safe and recommended to do so. It contains your encrypted envs, and your vault identifier.\n\n#### Can I share the `DOTENV_KEY`?\n\nNo. It is the key that unlocks your encrypted environment variables. Be very careful who you share this key with. Do not let it leak.\n\n## Contributing\n\n1. Fork it\n2. Create your feature branch (`git checkout -b my-new-feature`)\n3. Commit your changes (`git commit -am 'Added some feature'`)\n4. Push to the branch (`git push origin my-new-feature`)\n5. Create new Pull Request\n\n## Changelog\n\nSee [CHANGELOG.md](CHANGELOG.md)\n\n## Development\n\n1. Bump and tag version\n2. rake release\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdotenv-org%2Fdotenv-vault-ruby","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdotenv-org%2Fdotenv-vault-ruby","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdotenv-org%2Fdotenv-vault-ruby/lists"}