Skip to main content
Version: Next

Hands On

This section is a quick lab for those that prefer to put the hands on the actual thing rather than reading documentation. It will go through the different concepts described in the usage page.

In this lab, we will create a simple AWS store named organization_aws. While it won't represent a real-life situation, it will cover the basics so it can be adapted to a real usage.

First, create a .secenv.yaml file with the following content:

stores:
  organization_aws:
    type: aws
    # Here, fill with your own keys
    region: eu-west-3
    access_key_id: AZERJF9H3H1U29ED12H9
    secret_access_key: I1920EIa912akzd0129AZd120ODAIJZ1029aoijz

secrets:
  - secret: DATABASE_CREDENTIALS
    store: organization_aws
    keys:
      - host
      - user
      - password

contexts:
  default:
    vars:
      DB_HOST:
        store: organization_aws
        secret: DATABASE_CREDENTIALS
        key: host

In the organization_aws store, a key-value secret containing the credentials of a database is created.

Then, a default context is created, and it contains a variable: DB_HOST.

Now the configuration file exists, let's fill the secrets, ensure everything went well, then list and generate a context.

# Fill the secrets defined in the `secrets` block
$ secenv secrets

# Ensure everything went well
$ secenv organization_aws DATABASE_CREDENTIALS
{
  "host": ...,
  "user": ...,
  "password": ...
}

# List the contexts
$ secenv contexts
default

# And generate it (by default, it generates environment variables)
$ secenv context default
export DB_HOST=...

Now that you understand the basic usage of secenv, let's dive a bit deeper in the different components of the configuration file.