Skip to content
This repository was archived by the owner on Jul 17, 2024. It is now read-only.
/ microvault Public archive

Keep your secrets secret. Tool to manage secrets in your public and private repositories. 🔐 🔥

License

MIT license
11 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

kboshold/microvault

BranchesTags

Repository files navigation

MicroVault Logo


GitHub version MIT License Dependabot active

Keep your secrets secret. Tool to manage secrets in your public and private repositories.
THIS PROJECT IS STILL UNDER DEVELOPMENT - DO NOT USE IT FOR PRODUCTION USE

State of development

Feature Done
microvault create ✔️
microvault get ✔️
microvault set ✔️
microvault generate ✔️
microvault list ✔️
microvault publish
microvault open
microvault close

Get started

Installation

# TO BE DEFINED
# curl https://raw.githubusercontent.com/kpalatzky/microvault/master/src/main/resources/scripts/install.sh | sh

Usage

# create a new vault with given password at the given location
miva --password=password --file=./micro.vault create

# open a session to continues edit the vault. The command substitution is required to set a environment variable
$(miva --password=password --file=./micro.vault open -e) # MICRO_VAULT_SESSION=<SESSION_DATA>

# add data to the vault
miva set db.user Admin
miva generate db.password

miva set docker.user MicroVault
miva set docker.email microvault@example.com
miva set docker.password MicroVault123

# get data from the vault
miva get docker.password

# list content of the vault
miva list

# publish all data as environment variables
$(miva publish environment) # export DOCKER_PASSWORD=<docker.password>

# close the vault again
$(miva close) # MICRO_VAULT_SESSION=

# Use variable as command
MIVA="miva --password=password --file=./micro.vault"
$MIVA get docker.password
$MIVA publish kubernetes --parameter name=my-secrets

# open vault in interative mode
$MIVA open --interative
> get docker.password
> set docker.password Docker123
> exit

Encryption Modes

Mode Encryption Key Length Public writable Public readable
symmetric AES/GCM/NoPadding 256
asymmetric RSA/ECB/OAEPWITHSHA-256ANDMGF1PADDING 4096 ✔️
plain - ✔️ ✔️

Vault file

{
  "version": "1",
  "encryption": {
    "mode": "asymmetric", // asymmetric | symmetric | plain
    "salt": "<SALT_ENCODED>",
    "readKey": "<READ_KEY_ENCRYPTED>", // for asymmetric decryption
    "writeKey": "<WRITE_KEY_ENCRYPTED>", // for asymmetric encryption
    "key": "<READ_WRITE_KEY_ENCRYPTED>" // for asymmetric decryption/encryption
  },
  "data": {
    "<KEY>": "<ENCRYPTED_VALUE>"
  }
}

Development

Native Build

./gradlew build -Dquarkus.package.type=native -Dquarkus.native.container-build=true -Dquarkus.banner.enabled=false -Dquarkus.log.console.enable=false

UberJar / FatJar

 ./gradlew build  -Dquarkus.package.type=uber-jar -Dquarkus.banner.enabled=false -Dquarkus.log.console.enable=false

About

Keep your secrets secret. Tool to manage secrets in your public and private repositories. 🔐 🔥

Topics

encryption credentials secret-management secrets credential-storage credential-manager secrets-management secrets-manager

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Security policy

Security policy
Activity

Stars

11 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

v0.0.1 Latest
Oct 13, 2022

Contributors 2

  •  
  •  

Languages