{"id":28064374,"url":"https://github.com/ysmood/goe","last_synced_at":"2025-08-19T15:07:58.008Z","repository":{"id":155761655,"uuid":"632313509","full_name":"ysmood/goe","owner":"ysmood","description":"A simple lib to load, parse and share environment variables.","archived":false,"fork":false,"pushed_at":"2025-03-22T06:12:40.000Z","size":57,"stargazers_count":39,"open_issues_count":0,"forks_count":9,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-05-12T13:56:16.709Z","etag":null,"topics":["dotenv","environment-variables","public-key-encryption","secret-distribution","secret-management"],"latest_commit_sha":null,"homepage":"https://pkg.go.dev/github.com/ysmood/goe","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ysmood.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2023-04-25T06:43:50.000Z","updated_at":"2025-03-22T06:12:44.000Z","dependencies_parsed_at":"2023-12-07T07:29:33.367Z","dependency_job_id":"cc96945a-eba8-4e3e-8b62-2661c49580ea","html_url":"https://github.com/ysmood/goe","commit_stats":null,"previous_names":["ysmood/goe","ysmood/dotenv"],"tags_count":38,"template":false,"template_full_name":null,"purl":"pkg:github/ysmood/goe","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ysmood%2Fgoe","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ysmood%2Fgoe/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ysmood%2Fgoe/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ysmood%2Fgoe/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ysmood","download_url":"https://codeload.github.com/ysmood/goe/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ysmood%2Fgoe/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":271173352,"owners_count":24711667,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-19T02:00:09.176Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dotenv","environment-variables","public-key-encryption","secret-distribution","secret-management"],"created_at":"2025-05-12T13:51:10.701Z","updated_at":"2025-08-19T15:07:57.953Z","avatar_url":"https://github.com/ysmood.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Overview\n\nIt provide some common helpers to load environment variables.\n\n- No struct tag magic, only composable functions, better IDE autocomplete.\n- `.env` file encryption and decryption.\n- Use default value as return type (with [go generics](https://go.dev/blog/intro-generics)).\n- Recursively search for the `.env` file, easier sub package unit testing.\n- Auto [expand](https://pkg.go.dev/os#Expand) the environment variables in the `.env` file.\n- Auto parse base64 encoded value.\n- Auto read file content if the value is a file path.\n- Customizable parser.\n- Composable functions, easy to extend.\n\nFor usage check the [example](example/basic.go).\n\nAbout the format of `.env`: [link](https://github.com/compose-spec/compose-go/tree/main/dotenv)\n\n## CLI tool\n\nGo to the [release page](https://github.com/ysmood/goe/releases) to download the CLI binary.\n\nUsage examples:\n\n```bash\n# By default it will use .env file in current working directory to start a new shell.\ngoe\n\n# Load file file/path/.env.dev as dotenv file.\ngoe file/path/.env.dev\n\n# If there are arguments after the dotenv, they will be executed without starting a new shell.\ngoe .env.dev node app.js\n```\n\n## Safely share .env file with team members\n\n`.env` file usually contains sensitive information, like database password, API key, etc.\nIt's not recommended to commit it to the version control system, but it's usually required to run the project.\n\nWe can use the [whisper](https://github.com/ysmood/whisper) tool to encrypt the `.env` file and commit it to the version control system.\nThen only selected team members can access it.\n\nFirst create a whisper batch config file `whisper.json` beside the `.env` file:\n\n```json\n{\n  \"files\": {\n    \".env\": [\"@alice\", \"@bob\"]\n  }\n}\n```\n\nHere `alice` and `bob` are the github user ids.\n\nThen run the command to encrypt the `.env` file:\n\n```bash\ngo run github.com/ysmood/whisper@latest -be whisper.json\n```\n\nThen you can safely commit generated `.env.wsp` file to the version control system.\n\nTo decrypt the `.env` file:\n\n```bash\ngo run github.com/ysmood/whisper@latest -bd whisper.json\n```\n\nIf you have several teams to manage, you might want to create a dedicated git repo like `https://github.com/your-org/vault` to hold all the `.env` files for different services.\nThen you can use command like this to decrypt the `web.env.wsp` file to your local:\n\n```bash\ngo run github.com/ysmood/whisper@latest -d https://github.com/your-org/vault/blob/main/web.env.wsp \u003e .env\n```\n\n### Decrypt .env int Github Actions\n\nGenerate a key pair for the CI:\n\n```bash\nwhisper -gen-key id_ci\n```\n\nIt will generate two files `id_ci` and `id_ci.pub`. When we encrypt `.env` we add the `id_ci.pub` as a recipient.\n\nAdd the `id_ci` to the [Github Action secret](https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions).\n\nAssume the Github secret name is `ID_CI`, then we can decrypt the file in the Github Action:\n\n```yaml\nname: Test\n\non: [push]\n\nenv:\n  WHISPER_DEFAULT_KEY: ${{ secrets.ID_CI }}\n\njobs:\n  test:\n    runs-on: ubuntu-latest\n\n    steps:\n      - uses: actions/setup-go@v4\n        with:\n          go-version: 1.21\n\n      - name: setup .env\n        run: go run github.com/ysmood/whisper@latest https://github.com/your-org/vault/blob/main/web.env.wsp \u003e .env\n\n      - name: test\n        run: go test ./...\n```\n\nUsually you will use whisper to encrypt the `id_ci` file to the team's vault repo.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fysmood%2Fgoe","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fysmood%2Fgoe","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fysmood%2Fgoe/lists"}