seacrypt

package module
v0.0.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 10, 2022 License: MIT Imports: 7 Imported by: 0

README

Seacrypt

CLI and Library used to decrypt secrets with AWS KMS.

Commands

exec-env

Used in Nucleus build pipelines to decrypt secrets and mount them in the environment prior to launching the main process.

The keyfile must contain the plaintext contents of the KMS Key Id.

The secrets file must be a flat json file like so:

{
  "MY_KEY": "<base64 encoded encrypted secret>"
}
Usage

You must have a configured AWS config prior to running this command.

The following example decrypt keys and then prints out the environment

make build
./bin/seacrypt exec-env -k <path-to-keyfile> -f <path-to-secretsfile> "env"

Pass -d to remove the key from disk afterwards.

Installation

Homebrew

You can install seacrypt directly with homebrew

brew install nucleuscloud/tap/seacrypt

Source

Ensure you have go installed.

make
./bin/seacrypt

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DecryptSecrets 

func DecryptSecrets(ctx context.Context, kmsClient *kms.Client, kmsKeyId string, cipherTextBase64 string) (string, error)

func GetKmsClient 

func GetKmsClient(ctx context.Context) (*kms.Client, error)

func ToScreamingSnake added in v0.0.4 

func ToScreamingSnake(s string) string

taken from: https://github.com/iancoleman/strcase/blob/a61ebb85b34d7b831590cd8fa7faafadc161a652/snake.go#L66 ToScreamingSnake converts a string to SCREAMING_SNAKE_CASE

Types

This section is empty.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.