umar-jimoh / laravel-secretsync
Sync secrets from secret managers into your Laravel app with ease.
Requires
- php: ^8.2
Requires (Dev)
- laravel/pint: ^1.22
- orchestra/testbench: ^10.2
- pestphp/pest: ^3.8
README
Introduction
This package allows you to easily sync secrets from secret managers into your Laravel app. Currently, only Infisical is supported.
Once installed, you can do stuff like this:
php artisan secretsync
Installation
You can install the package via composer:
composer require umar-jimoh/laravel-secretsync
Publish Config:
php artisan vendor:publish --provider="UmarJimoh\SecretSync\SecretSyncServiceProvider" --tag=config
Usage
Before syncing secrets, ensure you've properly set up your secret manager (e.g., Infisical) and provided the necessary credentials or identifiers in your .env file.
SECRETSYNC_PROVIDER="infisical"
INFISICAL_API_ENDPOINT=
INFISICAL_TOKEN=
INFISICAL_ENV=
INFISICAL_WORK_ID=
APP_KEY Requirement
This package requires APP_KEY to be set in the .env file before the application boots.
It uses Laravel's encryption system to decrypt cached secrets. Without APP_KEY, the package will not work.
Ensure APP_KEY is set locally in .env:
APP_KEY=base64:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
NOTE: Do not include or fetch APP_KEY from your secret manager. It must be defined only in the .env file to avoid conflicts and ensure proper Laravel encryption.
Once the package is installed, you can sync secrets by running:
php artisan secretsync
This command fetches and applies secrets from your configured provider into your Laravel application.
You can enable caching so that secrets are stored and retrieved locally instead of fetching them from the provider every time. To enable this, configure the following in your .env file:
SECRETSYNC_CACHE=true
SECRETSYNC_CACHE_TTL=300 # (in seconds)
SECRETSYNC_CACHE_DRIVER= # (optional, defaults to Laravel's default cache driver)
Cached secrets are encrypted with Laravel's encryption system before they are stored in the cache driver.
You may also define these values in config/secretsync.php.
If you encounter issues during sync, use the --debug flag for more detailed error messages:
php artisan secretsync --debug
Alternatively, enable debugging via .env:
SECRETSYNC_DEBUG=true
NOTE: In production, if you run php artisan optimize, make sure you run php artisan secretsync afterward to ensure secrets are properly synced.
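The .env requirements described above (a locally defined APP_KEY, the provider credentials, a cache TTL in seconds) can be checked before syncing. The script below is an added example, not part of the package: its function names are hypothetical, its sample values are constructed placeholders, and it assumes Laravel's stock ciphers (16- or 32-byte key) and a base64 utility that accepts -d.

```shell
# Added example: preflight check for the .env keys this README names.
# Function names are hypothetical, not part of laravel-secretsync.

# Value of key $2 in env file $1: last assignment wins, a trailing " # comment"
# and surrounding quotes are stripped. Prints nothing if the key is absent.
env_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 |
        sed -e 's/[[:space:]]\{1,\}#.*$//' -e 's/[[:space:]]*$//' \
            -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Returns 0 when the file is ready for `php artisan secretsync`, else 1.
check_secretsync_env() {
    file=$1; rc=0
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 1; }
    # APP_KEY must be set locally: the package decrypts cached secrets with it.
    key=$(env_get "$file" APP_KEY)
    case $key in
        base64:*) n=$(printf '%s' "${key#base64:}" | base64 -d 2>/dev/null | wc -c | tr -d ' ') || n=0 ;;
        *) n=${#key} ;;
    esac
    # Assumption: Laravel's stock AES ciphers, which take a 16- or 32-byte key.
    case $n in
        16|32) ;;
        *) echo "APP_KEY missing or not 16/32 bytes" >&2; rc=1 ;;
    esac
    provider=$(env_get "$file" SECRETSYNC_PROVIDER)
    [ -n "$provider" ] || { echo "SECRETSYNC_PROVIDER is empty" >&2; rc=1; }
    if [ "$provider" = infisical ]; then
        for k in INFISICAL_API_ENDPOINT INFISICAL_TOKEN INFISICAL_ENV INFISICAL_WORK_ID; do
            [ -n "$(env_get "$file" "$k")" ] || { echo "$k is empty" >&2; rc=1; }
        done
    fi
    # The TTL is in seconds, so when set it must be a whole number.
    case $(env_get "$file" SECRETSYNC_CACHE_TTL) in
        *[!0-9]*) echo "SECRETSYNC_CACHE_TTL is not a whole number" >&2; rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample with placeholder values only (key is 32 ASCII zeros).
sample_env() {
    printf 'APP_KEY=base64:%s\n' "$(printf '%032d' 0 | base64)"
    printf '%s\n' 'SECRETSYNC_PROVIDER="infisical"' \
        'INFISICAL_API_ENDPOINT=https://infisical.example.test' \
        'INFISICAL_TOKEN=placeholder' 'INFISICAL_ENV=prod' \
        'INFISICAL_WORK_ID=placeholder' 'SECRETSYNC_CACHE_TTL=300 # (in seconds)'
}
```

In a deploy script, call check_secretsync_env .env first and continue to php artisan optimize and php artisan secretsync only when it returns 0.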
Contributing
Feel free to open issues or pull requests to improve the package. I welcome contributions that help make this package better!
Contact
If you have any questions, feel free to reach out to me at umarjimoh@hotmail.com or via Twitter.
License
This package is open-source software licensed under the MIT License.