Quickstart
Start managing and syncing your secrets in 4 minutes.
Preprequisites
- Signup for an envsecrets account.
- Install the CLI.
Setup
Firstly, change directory to your project root.
cd my-project
Local Environment
In order to get comfortable, let’s first run through all commands in your local environment before we go to remote environment.
Run the following commands in correct order.
Set your secrets
envs set DB_PASSWORD=awesome
This will set your key-value pair locally without encrypting the values.
List your secrets
envs ls
This will list your locally saved key-value pairs and help you validate that your key-value pair indeed got set.
Get your secret
envs get DB_PASSWORD
This will get the value of key DB_PASSWORD
from locally saved key-value pairs.
Consume your secret
envs run -- [start-command-of-your-process]
This will fetch all the locally available values and inject them into your process. You can now access your secrets natively in your code.
Remote Environment
- To manage secrets in your remote/hosted environment, you can simply use the same aforementioned commands with
-e
or--env
. - For the purpose of this tutorial, we will use the pre-initialized/default
prod
environment that is created for your every envsecrets project.
Login
envs login
When prompted, enter your envsecrets account credentials i.e. email and password.
Initalize the project directory
envs init
This command will ask you to choose your organisation, project and one of it’s environments.
If you do not already have a project, you can create one directly from the CLI when prompted with the option.
Set your secrets
envs set DB_PASSWORD=awesome -e prod
This will create a new version of your secret in your remote prod
environment.
List your secrets
envs ls -e prod
This will list the key-value pairs in the latest secret version of your remote prod
environment and help you validate that your key-value pair indeed got set.
You can use the --version
flag to modify which version to list the secrets for.
If you want to export the values of all the keys and not just list the keys, use: envs export
Get your secret
envs get DB_PASSWORD -e prod
This will get the value for key DB_PASSWORD
in the latest secret version of your remote prod
environment.
You can use the --version
flag to modify which version to get the value from.
Consume your secret
envs run -e prod -- [start-command-of-your-process]
This will fetch the key-value pairs in the latest secret version of your remote prod
environment.
You can now access your secrets natively in your code.
You can use the --version
flag to modify which version to get the values from.
Connect an Integration
For the sake of this tutorial, let’s connect the Github Actions integration.
- Go to integrations catalog in your envsecrets dashboard and choose “Github Actions.”
- Complete the Oauth procedure that begins and grant access to all of your Github repositories to which you wish to sync your secrets.
- Go to the integrations dashboard in your envsecrets organisation and under “Github Actions” choose “Sync New Environment With Your Github Actions Account.”
- In the page that opens, select your envsecrets project, environment and your Github repository where you wish to push/sync your secrets.
- Complete and save the form.
Sync Your Secrets
Once your secrets are synced, it is recommended you go to your Github repository and validate the new values.
Similarly, you can choose any native integration from our catalog of available integrations to keep your secrets synchronized everywhere in real-time.