Giters

bartvdbraak / keyweave

Fetches secrets from Azure Key Vault and weaves them into a convenient .env file

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

azureenvironment-variableskeyvaultrustsecretsvault

Keyweave

github crates.io docs.rs build status test status

Keyweave

Keyweave is an open-source tool crafted to seamlessly fetch secrets from Azure Key Vault and weave them into a convenient .env file. Developed in Rust, Keyweave stands out for its efficiency and user-friendly design, making it an ideal choice for managing your application's secrets.

Features

  • Fetch Secrets: Retrieve secrets securely from Azure Key Vault.
  • Filtering: Optionally filter the secrets to be retrieved by name.
  • Output Customization: Choose the name of the output file, defaulting to .env.
  • Azure Default Credentials: Utilizes Azure default credentials for authentication.

Prerequisites

Before diving into Keyweave, ensure you have the following prerequisites:

  • Logged into the right Azure tenant:

    az login --tenant "your-tenant-guid"

  • The identity you logged in with has Get and List Secret Permissions in the Access Policies of the Key Vault.

Installation

Cargo

Keyweave is built with Cargo, the Rust package manager. It can also be used to install from crates.io:

cargo install keyweave

Homebrew (MacOS, Linux)

For MacOS and Linux systems, installation is a breeze with Homebrew. Simply run:

brew tap bartvdbraak/keyweave
brew install keyweave

Manual Download

If you prefer manual installation or need binaries for different platforms (including an executable for Windows), visit the Releases page of this GitHub repository.

Invoke-WebRequest -Uri 'https://github.com/bartvdbraak/keyweave/releases/latest/download/keyweave.exe' -OutFile 'keyweave.exe'

Building from Source

To build Keyweave from source, follow these steps:

git clone https://github.com/bartvdbraak/keyweave.git
cd keyweave
cargo build --release

Once built, run Keyweave using Cargo:

cargo run -- --vault-name <VAULT_NAME> [--output <FILE>] [--filter <FILTER>]

Usage

With the binary on your PATH, run Keyweave as follows:

keyweave --vault-name <VAULT_NAME> [--output <FILE>] [--filter <FILTER>]
  • --vault-name <VAULT_NAME>: Sets the name of the Azure Key Vault.
  • --output <FILE>: (Optional) Sets the name of the output file (default: .env).
  • --filter <FILTER>: (Optional) Filters the secrets to be retrieved by name.

Example

keyweave --vault-name my-key-vault --output my-env-file.env --filter my-secret

Documentation

Additional documentation for this package can be found on docs.rs.

License

Keyweave is licensed under the GPLv3 License. See LICENSE for more details.

Contributing

We welcome contributions! Feel free to submit pull requests, report issues, or suggest new features. Your input helps make Keyweave even better.

About

Fetches secrets from Azure Key Vault and weaves them into a convenient .env file

azureenvironment-variableskeyvaultrustsecretsvault

License:GNU General Public License v3.0

Languages

Language:Rust 70.3%Language:Bicep 29.7%