secrethub
Manage secrets securely using SecretHub
TLDR
Print a secret to stdout
Generate a random value and store it as a new or updated secret
Store a value from the clipboard as a new or updated secret
Store a value supplied on stdin as a new or updated secret
Audit a repository or secret
SYNOPSIS
secrethub [global options]
PARAMETERS
--help
Show help for a command.
--version
Show the version of the SecretHub CLI.
init
Initialize SecretHub.
read
Read the value of a secret at the specified path.
write
Write a new value to the secret at the specified path.
mkdir
Create a directory at the specified path.
repo:create
Creates a repository within a namespace.
DESCRIPTION
The secrethub command-line interface (CLI) provides a secure and convenient way to manage and access secrets within your applications. It allows you to store sensitive data like API keys, passwords, and configuration settings in a centralized, encrypted vault, and then inject them into your applications at runtime without exposing them directly in your codebase or configuration files.
SecretHub uses end-to-end encryption to protect your secrets from unauthorized access. Only authorized users and applications can decrypt and use the secrets.
With SecretHub, you can improve your application's security posture, simplify secret management, and prevent accidental exposure of sensitive information.
CAVEATS
SecretHub requires an account and proper setup before it can be used. Network connectivity is necessary for accessing and managing secrets stored in the SecretHub vault.
SECRET PATH SYNTAX
Secret paths are hierarchical and resemble file system paths. They are used to organize and locate secrets within the SecretHub vault. For example, `org/my-app/database/password` represents a secret named `password` located within the `database` directory of the `my-app` repository in the `org` namespace.
AUTHENTICATION
SecretHub utilizes cryptographic keys for authentication.
Users generate a keypair, the public key is uploaded to SecretHub, and the private key is used to authenticate the user's commands. This allows for secure access to secrets.
INTEGRATION
The SecretHub CLI can be integrated into CI/CD pipelines, application startup scripts, and other automation workflows to automatically inject secrets into the environment at runtime.
HISTORY
SecretHub is a relatively new command-line tool developed to address the challenges of securely managing secrets in modern applications. It reflects the growing awareness of the importance of secret management in the DevOps and security communities. Its adoption is growing as more developers seek a secure and streamlined way to handle sensitive data.