kanti/secrets

There is no license information available for the latest version (1.0.0) of this package.

Allows to commit encrypted Secrets

Maintainers

Details

github.com/Kanti/secrets

Source

Issues

Installs: 2

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

1.0.0 2025-02-12 05:46 UTC

Requires

Requires (Dev)

Unknown License 2fb7cef74ba3bc0396297cc6a0b0b01616a75a12

  • Matthias Vogel <git.woop@kanti.de>

This package is auto-updated.

Last update: 2025-02-12 12:49:59 UTC

README

This is a little library to allow to commit any Secret without exposing it to the public.
the secrets will be encrypted inside the code.

!!! the secrets will be stored as plaintext in a ksk-cache.json file on disk. (for performance reasons)

Installation

composer require kanti/secrets

Usage

in code

to encrypt a secret you can use the Secrets::convert() method.

use Kanti\Secrets\Secrets;

# prerequisite: you need to have a .env file with a KSK_KEY set and It must be loaded in your code
$databasePassword = Secrets::convert('topSecretPassword');
# after first run of this code the code will have change to:
$databasePassword = Secrets::decrypt('7boUYdo8crSe1DsMDZbqG67vcvLxIOhEys1-9Rz-KUfzwX2k5ei5DhC2Wjt1qUzHK2N_pwqsrVO2VSEa');
use Kanti\Secrets\Secrets;
# you can define the location of the ksk-cache.json file like this:
Secrets::setCacheFile('/path/to/ksk-cache.json');

generate a secret

# this will generate a new secret and store it in the .env file (if not already present)
./vendor/bin/ksk

# Outputs something like this:
Key already set in /app/.env file
KSK_KEY=ksk-yI1YRuVxsp1jJH7KcU3t2tignYmI2O_PLKqy2flBHzs1XBXudSLwf-lhryOV-qA4Rv0YchDb2jk
╔════════════════════ ═══ ══ ═  ═
║ Found usage:
║ File: /app/sync.php:25
║ value: "t34vctngh3840vngtc803m5b8t0gm2b4m29x4,nr94n,"
║ // load dotenv
║
║ dd([
║     'password2' => Secrets::decrypt('7boUYdo8crSe1DsMDZbqG67vcvLxIOhEys1-9Rz-KUfzwX2k5ei5DhC2Wjt1qUzHK2N_pwqsrVO2VSEa'), <--- "t34vctngh3840vngtc803m5b8t0gm2b4m29x4,nr94n,"'top' => Secrets::decrypt('JSeg-Q6xMKJ52UUsLNQY766zNqThMeVRx4pmp03jIgD3wzbnoer-CA'),
║     'password' => Secrets::decrypt('d0Fcuh2UcsMJe-j7ELUGKaq9NfflO_RH'),
║ ]);
╚════════════════════ ═══ ══ ═  ═
╔════════════════════ ═══ ══ ═  ═
║ Found usage:
║ File: /app/sync.php:26
║ value: "top secret fake password"
║
║ dd([
║     'password2' => Secrets::decrypt('7boUYdo8crSe1DsMDZbqG67vcvLxIOhEys1-9Rz-KUfzwX2k5ei5DhC2Wjt1qUzHK2N_pwqsrVO2VSEa'),
║     'top' => Secrets::decrypt('JSeg-Q6xMKJ52UUsLNQY766zNqThMeVRx4pmp03jIgD3wzbnoer-CA'), <--- "top secret fake password"'password' => Secrets::decrypt('d0Fcuh2UcsMJe-j7ELUGKaq9NfflO_RH'),
║ ]);
║
╚════════════════════ ═══ ══ ═  ═
╔════════════════════ ═══ ══ ═  ═
║ Found usage:
║ File: /app/sync.php:27
║ value: "password"
║ dd([
║     'password2' => Secrets::decrypt('7boUYdo8crSe1DsMDZbqG67vcvLxIOhEys1-9Rz-KUfzwX2k5ei5DhC2Wjt1qUzHK2N_pwqsrVO2VSEa'),
║     'top' => Secrets::decrypt('JSeg-Q6xMKJ52UUsLNQY766zNqThMeVRx4pmp03jIgD3wzbnoer-CA'),
║     'password' => Secrets::decrypt('d0Fcuh2UcsMJe-j7ELUGKaq9NfflO_RH'), <--- "password"
║ ]);
║
║ new SyncCommand(new Config(), new ConsoleLogger($output));
╚════════════════════ ═══ ══ ═  ═

Linting

composer install
grumphp run

Author

made with ❤️ by Kanti (Matthias Vogel)