@henrycunh/ev

ev

^{a tool for versioning, securing and easily sharing environment variables}

initializing • commands • using in your project

Features

• ⏱ Version control - allows for storing environment variables securely in git
• 🔑 Secure - uses a single secret to secure your variables
• 🧑‍💻 Easy sharing - sharing the secret means sharing your variables
• 🛠 Great DX - tools for easily managing variables

Getting started

Initializing

Install Node >= 14 and run:

npx ev

It will prompt you for a new secret key and create two new files:

• .ev/vars - where your environment variables are encrypted and safely stored,
• .ev/secret - your secret key, whose must not be version controlled

And add .ev/secret to .gitignore

You can install ev globally ^{(so you wont have to prepend npx)} by running,

npm install -g @henrycunh/ev

Commands

Adding new variables →

ev MY_KEY=VALUE OTHER_KEY=OTHER_VALUE

^{This will add the MY_KEY and OTHER_KEY variables, if the variables already exists, their value will be overrided}

Exporting variables into the environment →

ev | source
# you can alternatively use
eval $(ev)

^{This will export every variable into the environment}

You can test it by running

ev TEST=123 && ev | source && echo $TEST

^{This should print Added 1 variables. followed by 123.}

Removing variables →

ev rm MY_KEY OTHER_KEY

^{This will remove the MY_KEY and OTHER_KEY variables}

Listing variables →

ev ls

^{This will list all variables}

ev ls MY_KEY

^{This will list the MY_KEY variable}

Changing the secret key →

ev change-secret

^{This will prompt for the old key and the new one, if the old key is correct, it will re-encrypt the variables with the new one}

Setting the secret key →

In case you mistype your secret, you can just run this to type the secret again

ev set-secret

^{This will prompt for the secret}

Using different environments →

You can append the option --env ^{(or -e)} on any command to specify a different environment

ev -e staging MY_KEY=VALUE_IN_STAGING

^{The variables for each environment is stored in a different file}

Loading variables from a .env file →

ev load .env

^{All the variables on .env will be loaded into the default environment}

Setting a different secret for specific environments →

When using this tool, you may want to give access to staging/local environment variables but not to the production ones.

ev change-secret -e production

^{Changes the default secret on the production environment}

Using in your project

After initializing and setting a secret, you can just load from your previous .env file with the command ev load .env and run either ev | source or eval $(ev) to export the variables into the environment.

Passing a secret through a environment variable

In a CI environment, you want your secret to be passed through an environment variable set by your CI system. You can do this by setting the EV_SECRET variable

EV_SECRET=my-secret eval $(npx ev)

Javascript projects

You can add a pre script to your package.json file to load the variables into the environment before your development script runs. Here's an example:

{
  "scripts": {
    "predev": "eval $(ev)",
    "dev": "..."
  }
}

You can even create different scripts for different environments

{
  "scripts": {
    "predev:staging": "eval $(ev -e staging)",
    "dev:staging": "..."
  }
}