https://github.com/dannyben/secret_hub
Manage GitHub secrets with support for bulk operations and organization secrets
https://github.com/dannyben/secret_hub
cli gem github-actions github-api github-secrets
Last synced: 7 months ago
JSON representation
Manage GitHub secrets with support for bulk operations and organization secrets
- Host: GitHub
- URL: https://github.com/dannyben/secret_hub
- Owner: DannyBen
- License: mit
- Created: 2020-02-14T19:10:48.000Z (almost 6 years ago)
- Default Branch: master
- Last Pushed: 2024-02-26T09:06:37.000Z (over 1 year ago)
- Last Synced: 2024-05-01T14:12:11.180Z (over 1 year ago)
- Topics: cli, gem, github-actions, github-api, github-secrets
- Language: Ruby
- Homepage:
- Size: 82 KB
- Stars: 25
- Watchers: 4
- Forks: 4
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
# SecretHub - GitHub Secrets CLI
[](https://badge.fury.io/rb/secret_hub)
[](https://github.com/DannyBen/secret_hub/actions?query=workflow%3ATest)
[](https://codeclimate.com/github/DannyBen/secret_hub/maintainability)
---
SecretHub lets you easily manage your GitHub secrets from the command line
with support for bulk operations and organization secrets.
---
## Installation
With Ruby:
```shell
$ gem install secret_hub
```
Or with Docker:
```shell
$ alias secrethub='docker run --rm -it -e GITHUB_ACCESS_TOKEN -v "$PWD:/app" dannyben/secrethub'
```
## Prerequisites
SecretHub is a wrapper around the [GitHub Secrets API][secrets-api]. To use
it, you need to set up your environment with a
[GitHub Access Token][access-key]:
```shell
$ export GITHUB_ACCESS_TOKEN=
```
Give your token the `repo` scope, and for organization secrets, the `admin:org` scope.
## Usage
SecretHub has three families of commands:
1. `secrethub repo` - manage repository secrets.
2. `secrethub org` - manage organization secrets.
3. `secrethub bulk` - manage multiple secrets in multiple repositories using a config file.
```shell
$ secrethub
GitHub Secret Manager
Commands:
repo Manage repository secrets
org Manage organization secrets
bulk Manage multiple secrets in multiple repositories
Run secrethub COMMAND --help for command specific help
$ secrethub repo
Usage:
secrethub repo list REPO
secrethub repo save REPO KEY [VALUE]
secrethub repo delete REPO KEY
secrethub repo (-h|--help)
$ secrethub org
Usage:
secrethub org list ORG
secrethub org save ORG KEY [VALUE]
secrethub org delete ORG KEY
secrethub org (-h|--help)
$ secrethub bulk
Usage:
secrethub bulk init [CONFIG]
secrethub bulk show [CONFIG --visible]
secrethub bulk list [CONFIG]
secrethub bulk save [CONFIG --clean --dry --only REPO]
secrethub bulk clean [CONFIG --dry]
secrethub bulk (-h|--help)
```
## Bulk operations
All the bulk operations use a simple YAML configuration file.
The configuration file includes a list of GitHub repositories, each with a
list of its secrets.
For example:
```yaml
# secrethub.yml
user/repo:
- SECRET
- PASSWORD
- SECRET_KEY
user/another-repo:
- SECRET
- SECRET_KEY
```
Each list of secrets can either be an array, or a hash.
### Using array syntax
All secrets must be defined as environment variables.
```yaml
user/repo:
- SECRET
- PASSWORD
```
### Using hash syntax
Each secret may define its value, or leave it blank. When a secret value is
blank, it will be loaded from the environment.
```yaml
user/another-repo:
SECRET:
PASSWORD: p4ssw0rd
```
### Using YAML anchors
SecretHub ignores any key that does not look like a repository (does not
include a slash `/`). Using this feature, you can define reusable YAML
anchors:
```yaml
docker: &docker
DOCKER_USER:
DOCKER_PASSWORD:
user/repo:
<<: *docker
SECRET:
PASSWORD: p4ssw0rd
```
Note that YAML anchors only work with the hash syntax.
## Contributing / Support
If you experience any issue, have a question or a suggestion, or if you wish
to contribute, feel free to [open an issue][issues].
---
[secrets-api]: https://developer.github.com/v3/actions/secrets/
[access-key]: https://github.com/settings/tokens
[issues]: https://github.com/DannyBen/secret_hub/issues