Environment variables - Githubissues

mumoshu / sopsed

Spawning and storage of secure environments powered by sops, inspired from vaulted. Out-of-box support for kubectl, kube-aws, helm, helmfile

9 stars 2 forks source link

Environment variables #1

Open mumoshu opened 6 years ago

mumoshu commented 6 years ago

Like vaulted shell and vaulted env respectively.

Would it be feasible if I introduce a .sopsed/<vault name>.yaml like:

env:
  FOO: bar

which is encrypted/decrypted by sops and consumed by sopsed run bash or sopsed env respectively?

mumoshu commented 6 years ago

vaulted does this very smartly :)

$ vaulted add foo

Vault: foo
Variables:
  [Empty]

AWS Key:
  [Empty]

SSH Keys:
  [Empty]

Environment:
  Duration: 1h

Edit vault: [a,s,v,d,?,q]: v

Variables:
  [Empty]

Edit environment variables: [a,D,?,b,q]: a

Name: FOO
Value: BAR

Variables:
  FOO: BAR

This is much better than pre-creating a yaml file containing envvars because then you have no chance to expose the envvars before encryption!

mumoshu commented 6 years ago

sopsed add -n myvault env FOO would be ncier as it doesn't force you to predefine plain-text envvars inside a yaml file input to this tool. Also see #5 for overall user experience of this tool involving this envvar management.