A secure, zero-knowledge CLI tool to encrypt and synchronize repository-specific environment (.env) files to an AWS S3 bucket.
Secrets Manager performs all cryptographic operations locally on your machine. S3 is used purely as a secure storage engine for the encrypted ciphertext. No passwords or plaintext secrets ever leave your computer.
- Python 3: You must have Python 3 installed on your system.
- Note: The installation script will automatically check for and try to configure standard dependencies like Git and pipx for you.
If you just want to install and use the Secrets Manager CLI:
-
Run the cross-platform automated installer script:
python3 -c "$(curl -fsSL https://raw.githubusercontent.com/assignment-sets/secretMan/master/scripts/install.py)"(Alternatively, clone this repository and run
python3 scripts/install.py). -
The installer will:
- Setup standard dependencies (like
pipx). - Clone the tool repository into your global settings directory (
~/.secrets-manager/repo). - Register the CLI commands globally.
- Interactively prompt you for S3 keys and automatically create the global configuration file (
~/.secrets-manager/.env).
- Setup standard dependencies (like
Once installed, you can run S3 secrets sync commands (suenv, sfenv, sdenv) from any repository folder.
To cleanly remove Secrets Manager, global CLI registrations, and the S3 credentials configuration folder, run:
python3 -c "$(curl -fsSL https://raw.githubusercontent.com/assignment-sets/secretMan/master/scripts/uninstall.py)"(Alternatively, run python3 scripts/uninstall.py from a cloned directory)
If you are a developer looking to clone the project, run tests, or contribute:
-
Clone the repository:
git clone https://github.com/assignment-sets/secretMan.git cd secretMan -
Create your local S3 configuration file:
cp .env.example .env
(Fill out the S3 access credentials and bucket settings inside
.env). -
Install the package globally in editable mode:
pipx install --editable --force .
For more specialized details, please refer to:
- Architecture & System Overview: Conceptual guide covering folder structures, scope, and the configuration resolution hierarchy.
- CLI Reference Guide: Exhaustive manual for CLI commands, safety flags, and overwrite protection.
- Authentication & Encryption Deep-Dive: Mathematical and cryptographic details of the key derivation (PBKDF2), symmetric encryption (Fernet), and Mermaid sequence diagrams.