saf
@adikari/safebox
npm i @adikari/safebox
saf

@adikari/safebox

A Fast and Flexible secret manager built with love by adikari in Go

by subash adhikari

1.2.0 (see all)License:MITTypeScript:Not Found
npm i @adikari/safebox
Readme

📦 SafeBox

SafeBox is a command line tool for managing secrets for your application. Currently it supports AWS Parameter Store.

Installation

SafeBox is available for many Linux distros and Windows.

# Via brew (OSX)
$ brew install adikari/taps/safebox

# Via curl
$ curl -sSL https://raw.githubusercontent.com/adikari/safebox/main/scripts/install.sh | sh

# Via npm
$ npm install @adikari/safebox

# Via yarn
$ yarn add @adikari/safebox

To install it directly find the right version for your machine in releases page. Download and un-archive the files. Copy the safebox binary to the PATH or use it directly.

Usage

  1. Create a configuration file called safebox.yml.
service: my-service
provider: ssm

config:
  defaults:
    DB_NAME: "database name updated"
    API_ENDPOINT: "http://some-endpoint-{{ .stage }}.com"

  prod:
    DB_NAME: "production db name"

  shared:
    SHARED_VARIABLE: "some shared config"

secret:
  defaults:
    API_KEY: "key of the api endpoint"
    DB_SECRET: "database secret"

  shared:
    SHARED_KEY: "shared key"
  1. Use safebox CLI tool to deploy your configuration.
$ safebox deploy --stage <stage> --config path/to/safebox.yml --prompt missing

You can then run list command to view the pushed configurations.

The variables under

  1. defaults is deployed with path prefix of /<stage>/<service>
  2. shared is deployed with path prefix of /shared/

Config File

Following is the configuration file will all possible options:

service: my-service
provider: ssm                                 # Only supports ssm for now.

stacks:                                       # Outputs from cloudformation stacks that needs to be interpolated.
  - some-cloudformation-stack

config:
  defaults:                                   # Default parameters. Can be overwritten in different environments.
    DB_NAME: my-database
    DB_HOST: 3200
  production:                                 # If keys are deployed to production stage, its value will be overwritten by following
    DB_NAME: my-production-database
  shared:                                     # shared configuartions deployed under /shared/ path
    DB_TABLE: "table-{{.stage}}"

secret:
  defaults:
    DB_PASSWORD: "secret database password"   # Value in quote is deployed as description of the ssm parameter.

CLI

Following is all options available in safebox CLI.

A Fast and Flexible secret manager built with love by adikari in Go.

Usage:
  safebox [flags]
  safebox [command]

Available Commands:
  completion  Generate the autocompletion script for the specified shell
  deploy      Deploys all configurations specified in config file
  export      Exports all configuration to a file
  help        Help about any command
  import      Imports all configuration from a file
  list        Lists all the configs available

Flags:
  -c, --config string   path to safebox configuration file (default "safebox.yml")
  -h, --help            help for safebox
  -s, --stage string    stage to deploy to (default "dev")
  -v, --version         version for safebox

Use "safebox [command] --help" for more information about a command.

Using in scripts

#!/bin/bash

set -euo pipefail

echo "📦  deploying configs to ssm"
yarn safebox deploy --stage $STAGE # ensures all configs are deployed. throws error if ay configs are missings

configs=$(yarn safebox export --stage $STAGE)
CONFIG1=$(echo "$configs" | jq -r ".CONFIG1")
CONFIG2=$(echo "$configs" | jq -r '.CONFIG2')

echo $CONFIG1
echo $CONFIG2

Release

  1. Update version number npm/package.json.
  2. Merge the changes to main branch.
  3. Create a git tag that matches the same version number as npm package version.
  4. Push the tag to github. Tag must follow semversion and prefixed with v. Eg. v.1.2.3.
  5. Pushing the tag triggers github workflow that will automatically release new version.

License

Feel free to use the code, it's released using the MIT license.

Downloads/wk

33

GitHub Stars

2

LAST COMMIT

2mos ago

MAINTAINERS

1

CONTRIBUTORS

1

OPEN ISSUES

3

OPEN PRs

0
VersionTagPublished
1.2.0
latest
6d ago
No alternatives found
No tutorials found
Add a tutorial
No dependencies found

Rate & Review

100
No reviews found
Be the first to rate