🕵️ Undercover

⚠️ This project is now deprecated. Please take a look at https://github.com/a7ul/secrets.mjs

Store your environment variables and secrets in git safely.

This script is a single file pure nodejs script.

Quick use (no install)

npx zx https://raw.githubusercontent.com/a7ul/undercover/main/undercover.mjs help

Installation

You can use undercover by just copying it and commiting it in your repo.

curl https://raw.githubusercontent.com/a7ul/undercover/main/undercover.mjs > undercover.mjs
node ./undercover.mjs

or manually

curl https://raw.githubusercontent.com/a7ul/undercover/main/undercover.mjs > undercover.mjs
chmod a+x ./undercover.mjs
./undercover.mjs

It is recommended you commit undercover.mjs with your repo, so its easier to run whenever you want to decrypt or encrypt secrets.

Further updates can be pulled by just doing:

./undercover.mjs update

Features

Encrypt/Decrypt Env files

First class .env files support. Only the values are encrypted and keys are left in plain text. This makes it easy to see changes in the git when changing something in the encrypted file.

 ./undercover.mjs encrypt ./test.env

Encrypt/Decrypt entire files

Useful for things like service accounts, ssh keys or any other file that is sensitive.

 ./undercover.mjs encrypt ./secret.json

Diff against encrypted file

Displays the diff between the encrypted file and the decrypted file.

./undercover.mjs diff ./test.env.ecrypt

Requirements

• Node v14 and above

Development

• Run tests: NODE_ENV=test node ./tests/run.mjs

References

• https://github.com/motdotla/dotenv/blob/master/lib/main.js
• http://vancelucas.com/blog/stronger-encryption-and-decryption-in-node-js/
• https://github.com/google/zx
• https://www.sohamkamani.com/blog/javascript/making-a-node-js-test-runner/