sidekick_vault 1.2.0 copy "sidekick_vault: ^1.2.0" to clipboard
sidekick_vault: ^1.2.0 copied to clipboard

Published 8 months agoverified publisherphntm.xyzDart 3 compatible
SDKDartFlutter
PlatformLinuxmacOSWindows

Metadata

Reads project secrets stored encrypted on the local filesystem

More...

Sidekick Vault #

A place to store project secrets within a git repository, encrypted with GPG

Install the plugin #

Installing the vault is quite easy. Just run the following command in your project:

<<your_cli>> sidekick plugins install sidekick_vault
copied to clipboard

Manage vault with VaultCommand #

Add file to vault #

<cli-name> vault encrypt path/to/secret.csv
copied to clipboard
<cli-name> vault encrypt --passphrase="****" --vault-location="secret.txt.gpg" path/to/secret.txt
copied to clipboard

The passphrase is optional. It will be retrieved from the environment variables or asked via stdin.

The file will be saved at vault-location (optional) inside the vault directory. The filename (secret.txt) will be used as fallback.

Decrypt file in vault #

<cli-name> vault encrypt secret.csv.gpg
copied to clipboard
<cli-name> vault decrypt --passphrase="****" --output="write/to/decrypted.txt" secret.txt.gpg';
copied to clipboard

The passphrase is optional. It will be retrieved from the environment variables or asked via stdin.

output is optional. The decrypted file will be saved in the vault next to the encrypted one (without .gpg ending).

Change vault password #

<cli-name> vault change-password
copied to clipboard
<cli-name> vault change-password --old ***** --new *****
copied to clipboard

Use the old and new arguments to pass the old and new password. Without the arguments, you can enter the passwords via stdin.

Manually add/read items in vault via gpg #

Add file to vault #

gpg --symmetric --cipher-algo AES256 --batch --passphrase=$password <file>
copied to clipboard

Decrypt file from vault #

gpg --quiet --batch --yes --decrypt --passphrase=$password --output=<file> <file.gpg>
copied to clipboard

Read secrets in code #

Create a vault in your sidekick cli and read the password

import 'package:sidekick_core/sidekick_core.dart';
import 'package:sidekick_vault/sidekick_vault.dart';

void main() {
   final vault = SidekickVault(
      location: repository.root.directory('vault'),
      // environment variable where CIs can inject the vault password
      environmentVariableName: 'FLT_VAULT_PASSPHRASE',
   );

   final secret = vault.loadText('secret.txt');

   // Use secret on your CI to do magic things
}
copied to clipboard

Metadata

5
likes
150
points
1.98k
downloads

Publisher

verified publisherphntm.xyz

Weekly Downloads

2024.09.08 - 2025.03.23

Metadata

Reads project secrets stored encrypted on the local filesystem

Repository (GitHub)
View/report issues

Topics

#sidekick #cli #sidekick-plugin

Documentation

API reference

License

Apache-2.0 (license)

Dependencies

actions_toolkit_dart, dcli, sidekick_core

More

Packages that depend on sidekick_vault

Back