SecretMana - Manage your secrets with elixir / phoenix
Managing secrets in software projects has always been a challenge. Traditional methods, such as using .env files, can lead to synchronization issues and security risks. And even though I love to rant (not really) about Ruby on Rails their approach to implement credentials got me hooked - so I had to built the same for Elixir / Phoenix.
So I built SecretMana, an Elixir library designed to simplify and secure secret management within your codebase.
Why I Built SecretMana
I wanted a way to store secrets securely in my code while avoiding the hassle of maintaining separate .env files across different environments. SecretMana enables developers to encrypt and decrypt secrets directly within their codebase, making it easier to manage secrets consistently and securely.
Instead of relying on external secret management systems or plaintext files, SecretMana allows you to store encrypted secrets in your version control system. This means you only need to share a single decryption key with your team, significantly reducing security risks and improving collaboration.
How SecretMana Works
At its core, SecretMana leverages age, a modern encryption tool by FiloSottile. Using age, SecretMana ensures that your secrets remain secure and easy to manage without unnecessary complexity.
The library is designed to be flexible. Currently, only age is supported as a backend, but adding other backends should be straightforward to accommodate different project needs.
There are two ways to interact with SecretMana:
Using mix tasks to install the toolchain, generate keys and encrypt/decrypt files
Programmatically to access your secrets from within your application code.
This should cover both development and production requirements of your project. Mix tasks provide a simple way to manage secrets manually, while programmatic access is better suited for integrating secrets dynamically within your application.
Future Improvements
Since SecretMana is still in its early stages, there are several areas I plan to improve:
Implementing more comprehensive tests to ensure reliability.
Expanding documentation with detailed guides and examples.
Setting up CI/CD pipelines to streamline contributions and updates.
Get Involved
I’d love to hear feedback and ideas from the community! If you’re interested in trying out SecretMana or contributing to its development, check out the Elixir Forum thread for more details.
By integrating SecretMana into your Elixir projects, you can achieve a more secure, efficient, and hassle-free way to manage secrets. Give it a try, and let me know what you think!
