https://github.com/eguven/secrets2env

Command-line tool for generating environment variables from AWS Secrets
https://github.com/eguven/secrets2env

aws aws-secret env environment environment-variables secret secrets-to-env

Last synced: about 1 month ago
JSON representation

Command-line tool for generating environment variables from AWS Secrets

• Host: GitHub
• URL: https://github.com/eguven/secrets2env
• Owner: eguven
• License: mit
• Created: 2018-04-25T11:53:28.000Z (about 7 years ago)
• Default Branch: master
• Last Pushed: 2021-08-28T10:00:34.000Z (almost 4 years ago)
• Last Synced: 2024-09-08T10:40:37.927Z (9 months ago)
• Topics: aws, aws-secret, env, environment, environment-variables, secret, secrets-to-env
• Language: Python
• Size: 10.7 KB
• Stars: 2
• Watchers: 2
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
[![Build Status](https://travis-ci.org/eguven/secrets2env.svg?branch=master)](https://travis-ci.org/eguven/secrets2env)

# secret2env

Command-line tool for generating sourcable environment variables from secrets in AWS Secrets Manager

using a YAML definition.

## Installation

```shell

$ pip install secrets2env

```

## Environment Definition

Below is an example environment definition. The values for environment variables will be generated

using `.format()` and keyword arguments.

```yaml

- secret: aws/secret-name

  name: ENV_SECRET

  value: "{key1-in-secret}"

- secret: production/postgresql

  name: PSQL_URI

  value: "postgresql://{username}:{password}@postgresql:5432/{dbname}"

```

## Usage

Path to a definition like the one can be provided as argument, otherwise it defaults to `./aws-secrets.yml`.

Running `secrets2env` will print a sourceable environment to STDOUT which can be `eval`d or redirected to an environment file.

```shell

# with path to definition file

$ secrets2env --definition path/to/definition.yml

# or using the default path (./aws-secrets.yml) with the definition above

$ secrets2env

```

It will result in the following output

```shell

# Autogenerated by 

export ENV_SECRET='some-secret'

export PSQL_URI='postgresql://pg-user:pg-pw@postgresql:5432/pgdb'

```

```shell

# you can eval directly

eval "`secrets2env`"

# or redirect to file

echo -e "\n`secrets2env`" >> env.sh

```

## Limitations / TODOs

* currently only supports `SecretString`

* currently only supports OsX and Linux

* no automated tests