Hands On
This section is a quick lab for those that prefer to put the hands on the actual thing rather than reading documentation. It will go through the different concepts described in the usage page.
In this lab, we will create a simple AWS store named organization_aws
.
While it won't represent a real-life situation, it will cover the basics so it can be adapted to a real usage.
First, create a .secenv.yaml
file with the following content:
stores:
organization_aws:
type: aws
# Here, fill with your own keys
region: eu-west-3
access_key_id: AZERJF9H3H1U29ED12H9
secret_access_key: I1920EIa912akzd0129AZd120ODAIJZ1029aoijz
secrets:
- secret: DATABASE_CREDENTIALS
store: organization_aws
keys:
- host
- user
- password
contexts:
default:
vars:
DB_HOST:
store: organization_aws
secret: DATABASE_CREDENTIALS
key: host
In the organization_aws
store, a key-value secret containing the credentials of a database is created.
Then, a default
context is created, and it contains a variable: DB_HOST
.
Now the configuration file exists, let's fill the secrets, ensure everything went well, then list and generate a context.
# Fill the secrets defined in the `secrets` block
$ secenv secrets fill
# Ensure everything went well
$ secenv secrets get organization_aws DATABASE_CREDENTIALS
{
"host": ...,
"user": ...,
"password": ...
}
# List the contexts
$ secenv contexts list
default
# And generate it (by default, it generates environment variables)
$ secenv contexts gen default
export DB_HOST=...
Now that you understand the basic usage of secenv
, let's dive a bit deeper in the different components of the configuration file.