
Read key-value pairs from a .kdbx file and set them as environment variables or return them as a dict.
.kdbx entries can store key-value attributes. This tool takes a path to an entry and loads its attributes.
pip install keepass-env
import keepass_env
db_filename = 'my_database.kdbx'
password = 'secure-af'
entry_path = ['group0', 'subgroup1', 'my_entry']
# load to os.environ
keepass_env.load_env(db_filename, entry_path, password=password)
# return as dict
keepass_env.env_values(db_filename, entry_path, password=password)
# {'KEY_0': 'value-0', 'KEY_1': 'value-1'}
# write env
keepass_env.write_env(db_filename, entry_path, password=password, env={
    'MY_KEY_0': 'my-value-0',
    'MY_KEY_1': 'my-value-1',
})
This tool supports entry references. For example, suppose an entry has the following key-value attributes:
KEY_0 value-0
KEY_1 ref@group5/entry42:API_TOKEN
The value for KEY_1 will be loaded from another entry with path ['group5', 'entry42'] and will be taken from its attribute API_TOKEN.
References start with ref@; the path separator is / and the attribute separator is :.
ref@group5/entry42:__title__
ref@group5/entry42:__username__
ref@group5/entry42:__password__
ref@group5/entry42:__url__
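The reference syntax above, as an added example that is not part of the keepass-env package or its README: a small resolver for ref@ values over a constructed in-memory tree, so that malformed, dangling or cyclic references fail loudly before any value is exported. Assumptions the page does not state: the dict layout and function names, that __title__, __username__, __password__ and __url__ name the entry's standard fields, and that a reference may point at another reference.

```python
# Added illustration over a constructed in-memory tree; it does not use keepass_env.
REF_PREFIX = "ref@"
# Assumption: the __name__ attributes map to the entry's standard fields.
SPECIAL = {"__title__": "title", "__username__": "username",
           "__password__": "password", "__url__": "url"}

def parse_ref(value):
    """Return (path, attribute) for a ref@ value, or None for a plain value."""
    if not value.startswith(REF_PREFIX):
        return None
    target, sep, attr = value[len(REF_PREFIX):].rpartition(":")
    path = tuple(target.split("/"))
    if not sep or not attr or "" in path:
        raise ValueError(f"malformed reference: {value!r}")
    return path, attr

def lookup(db, path, attr, chain=()):
    """Read one attribute, following references; reject cycles and dangling targets."""
    if (path, attr) in chain:
        raise ValueError(f"reference cycle at {'/'.join(path)}:{attr}")
    entry = db.get(path)
    if entry is None:
        raise KeyError(f"no entry at {'/'.join(path)}")
    source = entry if attr in SPECIAL else entry["attrs"]
    key = SPECIAL.get(attr, attr)
    if key not in source:
        raise KeyError(f"no attribute {attr} on {'/'.join(path)}")
    ref = parse_ref(source[key])
    if ref is None:
        return source[key]
    return lookup(db, ref[0], ref[1], chain + ((path, attr),))

def env_for(db, path):
    """Resolve every attribute of the entry at `path` into a plain dict."""
    path = tuple(path)
    return {k: lookup(db, path, k) for k in db[path]["attrs"]}

# Constructed sample data mirroring the page's example paths and keys.
SAMPLE_DB = {
    ("group0", "subgroup1", "my_entry"): {"title": "my_entry", "attrs": {
        "KEY_0": "value-0",
        "KEY_1": "ref@group5/entry42:API_TOKEN",
        "DB_USER": "ref@group5/entry42:__username__"}},
    ("group5", "entry42"): {"title": "entry42", "username": "svc-account",
                            "attrs": {"API_TOKEN": "value-1"}},
}

if __name__ == "__main__":
    print(env_for(SAMPLE_DB, ["group0", "subgroup1", "my_entry"]))
```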
This package comes with a console script, keepass-env (it will be accessible after pip installation).
keepass-env --db mydb.kdbx --password secure-af --entry-path group0/subgroup1/my_entry
KEY_0=value-0
KEY_1=value-1
# to print in shell format, use --format shell
keepass-env --db mydb.kdbx --password secure-af --entry-path group0/subgroup1/my_entry --format shell
export KEY_0=value-0
export KEY_1=value-1
# --format docker
keepass-env --db mydb.kdbx --password secure-af --entry-path group0/subgroup1/my_entry --format docker
-e KEY_0=value-0 -e KEY_1=value-1
# configuration via env variables is also available:
KEEPASS_DB=mydb.kdbx KEEPASS_PASSWORD=secure-af KEEPASS_ENTRY_PATH=group0/subgroup1/my_entry KEEPASS_FORMAT=shell keepass-env
export KEY_0=value-0
export KEY_1=value-1
If you do not specify the --password argument or the KEEPASS_PASSWORD variable, you will be asked to enter a password on the command line.
Printing variables can be used to load them before running a command in the shell. Use --format shell so that each line is an export and every variable reaches the command:
eval "$(keepass-env --db my.kdbx --password 1234 --format shell --entry-path main/project-x)"; python main.py
Or you can put it in a Makefile like this:
.PHONY: run
run:
	eval "$$(keepass-env --db my.kdbx --password 1234 --format shell --entry-path main/project-x)"; python main.py
# another example:
.PHONY: run_fastapi_app
run_fastapi_app:
	eval "$$(keepass-env --db my.kdbx --password 1234 --format shell --entry-path main/project-x)"; \
	uvicorn server:app
We found that keepass-env demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.