Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/amagioss/slv

Securely store, share, and access secrets alongside the codebase.
https://github.com/amagioss/slv

cryptography encryption engineering-enablement local secrets secrets-manager secure secure-local-vault slv vault

Last synced: about 8 hours ago
JSON representation

Securely store, share, and access secrets alongside the codebase.

Host: GitHub
URL: https://github.com/amagioss/slv
Owner: amagioss
License: mit
Created: 2023-10-25T10:29:08.000Z (about 1 year ago)
Default Branch: main
Last Pushed: 2024-10-20T20:36:53.000Z (26 days ago)
Last Synced: 2024-10-21T01:07:06.300Z (25 days ago)
Topics: cryptography, encryption, engineering-enablement, local, secrets, secrets-manager, secure, secure-local-vault, slv, vault
Language: Go
Homepage: https://oss.amagi.com/slv/
Size: 707 KB
Stars: 32
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# SLV - Secure Local Vault
Securely store, share, and access secrets alongside the codebase.

SLV is designed based on the following **key principles**
- Anyone can add or update secrets, however will not be able to read them unless they have access to the vault
- An environment should have a single identity that will give access to all necessary secrets from any vault shared with it

## Installation
Download the latest SLV binary from the [releases](https://github.com/amagioss/slv/releases/latest) page and add it to your path.

### Homebrew
SLV can be installed with brew using the following command on macOS
```zsh
brew install amagioss/slv/slv
```

### Install Script

#### Install Latest Version
**With Shell (MacOs/Linux):**
```sh
curl -fsSL https://oss.amagi.com/slv/install.sh | sh
```
**With PowerShell (Windows):**
```powershell
irm https://oss.amagi.com/slv/install.ps1 | iex
```

#### Install Specific Version
**With Shell (MacOs/Linux):**
```sh
curl -fsSL https://oss.amagi.com/slv/install.sh | sh -s v0.1.7
```
**With PowerShell (Windows):**
```powershell
$v="0.1.7"; irm https://oss.amagi.com/slv/install.ps1 | iex
```

### Docker
You can also run SLV without installing using Docker:
```zsh
docker run -it --rm -v $PWD:/workspace ghcr.io/amagioss/slv:latest version
```

## Usage

#### Create a new profile
```sh
$ slv profile new -n amagi

Created profile: amagi
```

#### Create a new environment
```sh
$ slv env new service -n alice -e [email protected] --add

Public Key: SLV_EPK_AEAUKAAAAD6XTJCYBCIHYKDPPHQN3YNDEVBOFCOIVDMGESLJFH65KG3VULVBK
Name: alice
Email: [email protected]
Tags: []
------------------------------------------------------------
Env Definition: SLV_EDS_AF4JYNGKJ5FYMMA4YDY7P4R3JOLYPHWDJZWW57U35FBB26MSWV7MQYC3UIUUT5G6IOROHF7P44N5J7XGTWKXQAUBV3LJGUDSUKBA5ESSJL473NNP2KI2KZJRJKXFJ4OS3TDIMC6N3IWG2S6NT5Z5DVKVK3OB6ZL62NB23GMEAQNBGEAIDDXSYQQCEIMOP773BG7UYWB4H3MI64F5PD2OO4XJBXL6HT7XM3PIBRG57MCDVNBLPYZBPX25TSAQB7H4AYAAB777D2YDPOA

Secret Key: SLV_ESK_AEAEKAAATI5CXB7QMFSUGY4RUT6UTUSK7SGMIECTJKRTQBFY6BN5ZV5M5XGF6DWLV2RVCJJSMXH43DJ6A5TK7Y6L6PYEMCDGQRBX46GUQPUIYUQ
```

#### Create a vault
- To create a vault and share it with the environment `alice`, use the following command
```sh
$ slv vault new -v test.slv.yaml -s alice

Created vault: test.slv.yaml
```
- To create a K8s compatible vault, use the following command
```sh
$ slv vault new -v test.slv.yaml -s alice --k8s production

Created vault: test.slv.yaml
```

#### Add secrets to the vault
```sh
$ slv vault put -v test.slv.yaml -n db_password -s "super_secret_pwd"

Added secret: db_password to vault: test.slv.yaml
```

#### Get secrets from the vault
Set the environment variable `SLV_ENV_SECRET_KEY` to the secret key generated in the previous step
```sh
$ export SLV_ENV_SECRET_KEY=SLV_ESK_AEAEKAAATI5CXB7QMFSUGY4RUT6UTUSK7SGMIECTJKRTQBFY6BN5ZV5M5XGF6DWLV2RVCJJSMXH43DJ6A5TK7Y6L6PYEMCDGQRBX46GUQPUIYUQ
$ slv vault get -v test.slv.yaml -n db_password

super_secret_pwd
```

#### Share the vault with other environments
Ensure that the current environment has access to the vault in order to share it with other environments
```sh
$ slv vault share -v test.slv.yaml -s bob

Shared vault: test.slv.yaml
```
Once shared, the other environments can access the vault using their respective secret keys

## Integrations
Some of the integrations that SLV currently supports are:
- [Kubernetes](/docs/KUBERNETES.md)
- [GitHub Actions](https://github.com/amagioss/slv-action)