CLI tool for more use-cases

chronark / envshare

Share Environnment Variables Securely

https://envshare.dev

MIT License

588 stars 62 forks source link

CLI tool for more use-cases #13

Open Mahmoudgalalz opened 1 year ago

Mahmoudgalalz commented 1 year ago

          I would like to create the CLI, I have a previous expreiance to build it, also consider the options

That I told you about that, api can response text As we could make it export the env and inject them to the system or we can leave this to the CLI,

This is would make a point for us cause there's no tool for that

Originally posted by @Mahmoudgalalz in https://github.com/chronark/envshare/issues/3#issuecomment-1384886296

chronark commented 1 year ago

Yes, I think building a cli is the next step after the API

chronark commented 1 year ago

I've had a great experience using oclif to build a CLI in the past

Probably I would split this up into different packages and manage it using turborepo

/apps/web // current nextjs app
/apps/cli
/packages/encryption

Or similar

I can take a better look tonight

Mahmoudgalalz commented 1 year ago

I would like to start with you, we should cosider the size of it and its performance, some CI/CD tools as pricing as pay as you go, so we should cosider that, let me know to collaborate in this together 🦀

chukwumaokere commented 1 year ago

So just brainstorming the CLI functionality here. One would probably use it something like this:

envshare share some-pre-encrypted-secret --reads=999 --ttl=7 --units=days and get a response like...

URL: https://envshare.dev/unseal#{id}
Id: {id}
Expires In: 7 days
Expires At: January 24, 2023 19:41:33 (UTC)
Reads: 999

and maybe can do

envshare unseal --id={id} And receive a response like

Secret: some-decrypted-secret
Remaining Reads: 998

Does that look sound right for the functionality or were you guys planning something else? 🤔

Mahmoudgalalz commented 1 year ago

for the cli tool, actually we need to export them directly to the system, and the developer should be able to share env file and the purpose of the cli tool, just to config a server, the seal and unseal will happen between a Developer and an Instance (server) envshare share --file ./src/.env --reads=10 --ttl=7 -d

.env

DATABASE_URL=postgres://dwdw-dswd.com
API_URL=https://api.com/api

the unseal, would be like envshare inject {id} if the variables, doesn't have export we should put it after each newLine, and then output

env that got injected

DATABASE_URL
API_URL

envshare get {id}

this one will output the regular output and he can do any thing later like grep then assign it to a variable etc.

chronark commented 1 year ago

There should be 2 groups right now I think

env share ...: upload pre-encrypted data with ttl and reads
env encrypt: generate key on the client, encrypt and upload the encrypted data + iv, then display the id and full link

@Mahmoudgalalz

I would like to start with you, we should cosider the size of it and its performance, some CI/CD tools as pricing as pay as > you go, so we should cosider that, let me know to collaborate in this together 🦀

Sounds good, what did you have in mind?

Also let's consider the use of piping entire .env files

$ cat .env | env encrypt --ttl=500` --reads=20

Key: ""
ID: ""
Url: ""
... etc

Also a --json flag would be very good to return the data in machine readable format for CI

Mahmoudgalalz commented 1 year ago

we will consider using go, as its good to distribute, also I will start building it, we will rely on the api, so the API should have the options

and anything else will be within the CLI

chronark commented 1 year ago

haha I was about to mention go with cobra for example I love using that

api is ready btw, check the readme for the api contract

Mahmoudgalalz commented 1 year ago

I will, and I will mention you when I setup everything and make the first req from the CLI