envkey/envkey-php

Keeps environment variables automatically in sync. Protects secrets with end-to-end encryption.

Maintainers

Details

github.com/envkey/envkey-php

Source

Issues

Installs: 94

Dependents: 0

Suggesters: 0

Security: 0

Stars: 3

Watchers: 2

Forks: 1

Open Issues: 1

2.4.4 2023-10-20 16:21 UTC

Requires (Dev)

MIT fe151c66d7fea7b6d087d9305880cdaeef348632

  • EnvKey <support.woop@envkey.com>

configurationsecurityencryptionenvdotenvconfiguration managementsecretsenvironment variablesend-to-end encryptionsecrets management

This package is not auto-updated.

Last update: 2024-11-01 22:56:55 UTC

README

Integrate EnvKey with your PHP projects to keep API keys, credentials, and other configuration securely and automatically in sync for developers and servers.

envkey-php integration example

This repo is mirrored in two locations:

Installation

$ composer require envkey/envkey-php

Usage

If you haven't already, download and install EnvKey from our website, then create a new org. Next, follow the ~1 minute integration quickstart to init an app with a .envkey file (for connecting development) or generate a server ENVKEY (for connecting a server).

At the entry point of your application, be sure you're including the composer autoloader.

require_once 'vendor/autoload.php'; // Include the Composer autoloader

Now all your EnvKey variables will be available with getenv('VARIABLE_NAME').

$stripe = new \Stripe\StripeClient(getenv('STRIPE_SECRET_KEY'));

Errors

The package will throw an error if an ENVKEY is missing or invalid.

Overriding Vars

This package will not overwrite existing environment variables or additional variables set in the .env file you loaded your ENVKEY from. This can be convenient for customizing environments that otherwise share the same configuration. You can also use branches or local overrides for this purpose.

PHP Request Model / Latency

Unlike other EnvKey language libraries that expect a long-running server process, this library is designed for PHP's short-lived per-request processes. Instead of loading config from an EnvKey host on every request, which would add 100-500ms of latency (depending on location and connection speed), this library caches your encrypted config in RAM in a background process and keeps it up to date. After the first load of EnvKey on a server, subsequent requests will load config from this cache, with effectively zero latency (less than 1 millisecond).

Working Offline

As mentioned in the previous section, this package caches your encrypted config in RAM. Your config will still be available (though possibly not up-to-date) if you lose your internet connection. When the connection is reestablished, the latest config will be loaded immediately.

envkey-source

Using a language-specific library like this one is the easiest and fastest method of integrating with EnvKey. That said, the envkey-source executable, which this library wraps, provides additional options and functionality when used directly from the command line. If you need additional flexibility and it works for your use case, consider using envkey-source directly.

x509 error / ca-certificates

On a stripped down OS like Alpine Linux, you may get an x509: certificate signed by unknown authority error when attempting to load your config. You can fix it by ensuring that the ca-certificates dependency is installed. On Alpine you'll want to run:

apk add --no-cache ca-certificates

Further Reading

For more on EnvKey in general:

Read the docs.

Read the integration quickstart.

Read the security and cryptography overview.

Need help? Have questions, feedback, or ideas?

Post an issue, start a discussion, or email us: support@envkey.com.