Infisical — Sync your .env securely in seconds.

Last update: Jan 4, 2023

Overview

Infisical

Infisical is a simple, end-to-end encrypted secrets manager for your .env files. It enables teams to securely sync and manage .env files in seconds.

What's New

Infisical combines simplicity with security. With git-like commands and end-to-end encryption, Infisical is easy to use and super secure — no one (not even us) can read your dearest secrets.

Usage

Head over to https://infisical.com/ to make an account and shared workspace for your team.

npx infisical login

Connect the folder containing your .env file to the workspace:

npx infisical connect [workspace id]

Push your .env file to the workspace:

npx infisical push [environment]

Pull the latest .env file from the workspace:

npx infisical pull [environment]

Note that the environment argument for the push/pull commands accepts 3 possible inputs: dev, staging, and prod

Voila!

How It Works

Infisical uses end-to-end encryption to securely store and share secrets. It uses secure remote password (SRP) to handle authentication and public-key cryptography for secret sharing and syncing; your secrets are symmetrically encrypted at rest by keys decryptable-only by intended parties in your team. Put simply, rest-assured we've put measures in place so that secrets remain your-eyes-only - all while making minimal user-experience trade-offs.

For a fuller discussion on how it works, head to our website: https://infisical.com/

Comments

Localize Web UI #39
Check Lists

[x] Setup localization module

[x] Move texts to json file

[x] Translate english into korean

[x] Resolve Conflict

[x] Language select in Login page and setting page

What changed and added?

package.json

next-translate for support multi languages.

Locale files in frontend/locales

All language files are located under frontend/locales/{language}.json. Language file is like this;

{ "namespace": { "key": "value", "nested-key": { "key": "nested-value" } } }

Texts in frontend/pages/ and frontend/components

import useTranslation from "next-translate/useTranslation"; ...... const { t } = useTranslation(""); ...... <div>{t("common:hello")}</div> ......

Define namespaces and locales in frontend/i18n.js

Defines the namespaces to use per page

docker-compose.dev.yml

https://github.com/gangjun06/infisical/blob/4c94ddd1b2635143ef93c941962c2bd29dfdd828/docker-compose.dev.yml#L52-53 To change language files without recreate full container with just restart, Added this lines.

Translate key convention?

I didn't make it clearly, but i followed some rules.

use - for space in key.

seperate namespace by page and section.

make keys simple as possible

ETC

For vscode, i18n-ally is very useful plugin for translated file. It can be able to preview value of the translate key.
opened by gangjun06 14
Backend test setup
Initial test configuration

Sample test (just the healthcheck endpoint for now)

Moved things from index.ts to separate parts for easier test setup

Initial coverage configuration

GH Action workflow

Modified Backend PR check to run test

New workflow to post comment/report of test result and coverage to PR (Note: this new workflow will not successfully run until merged into target main branch)

Sample:

Test result:

Coverage annotations:

Note: some files were automatically modified by prettier on commit (husky?).
opened by reginaldbondoc 7
Ordering when pushing and pulling is not kept

We have an issue in my team, when we add envs that depends on others, we need dependencies came after the source env, so sometime we reorder them, or even grouping them by microservice by adding comments (monorepo), but the order is absolutely not kept and same for comments. So each time we pull envs we have to reorder them and add comments.

To be honnest, commenting is not critical, but reordring each time the envs is really annoying.
🚀 feature request 🛠 work in progress

opened by abdalem 7
CLI raising error on email validation

HI. I have an issue about email validation when installing the new CLI. It raise an exception on my email that ending with .tech domain. The exception thrown is the following: >> this doesn't look like an email address
🐞 bug good first issue

opened by abdalem 7
.NET integration

Feature description

An integration with .NET's configuration tooling would be great to see.

Why would it be useful?

There's a lot of .NET projects out there that could benefit from this.

opened by gbro3n 6
Add comments to secrets

Feature description

In traditional .env files, it is possible to add comments that explain certain things about environment variables. It would be amazing if Infisical had something like 'comments/notes' that can be attached to every environment variable.

Why would it be useful?

Sometime people want to add reminders or explanations to certain environment variables.

Additional context

This would require both frontend and backend work
🚀 feature request

opened by mv-turtle 5
Infisical command not found when i try to deploy the application on vercel
Describe the bug

I connect the infisical to my project and run locally, but when I do the push in my nextJs project, I can't deploy because vercel say to me insifical command not found how can I deploy without this error?

To Reproduce

Steps to reproduce the behavior:

Add Infisical to the project following the documentation

Make the Git Push

See vercel fall in the caos because they dont know the command infisical

See error

Expected behavior

vercel use the infisical secrets env or use they own secrets env, or show me how to set up the infisical with vercel

Screenshots

Platform you are having the issue on:

MacOs BigSur, Vercel, NextJs
question
opened by DarlonHenrique 5
Support for monorepos

Feature description

We use Turborepo for our monorepo (a repository that has multiple packages and projects inside it). This means our web apps are inside subfolders, e.g. /apps/webapp/.

We need different environment variables for the different projects. So, we would like to have an Infisical project for each of those.

it would be great if the Infisical CLI could be run on the root folder of a monorepo and grab all the environment variables from the sub-projects and inject them.

Why would it be useful?

It would mean Infisical works with monorepos, made with tools like Turborepo and NX.
Go Lang

opened by matt-aitken 5
Add error notifications on saving secrets

Feature description

Right now, if you have duplicated secret names (or if a secret name starts with a number), you will not be able to save these secrets to the database. Users have a visual indication of an error (wrong secret names turn red). However, when they try to save, nothing happens. It would be ideal to show a notification saying "Your secrets weren't saved, please fix the conflicts first."

Why would it be useful?

This is especially useful if users have many secrets. They might not even know that they have some errors. However, they would see a notification as described above.
good first issue help wanted ✨ UX

opened by mv-turtle 5
UI bug with dots overflowing on the DashboardInputField
Bug Description

The dots that show up over a secret when it's not hovered, can sometimes go outside of the input field. I tried a bunch of options but couldn't get the desired result easily with our current setup. I think the whole structure of how we generate those dots could be rethought. It's currently very lengthy and suboptimal. This is the file that would have to be changed.

To Reproduce

Steps to reproduce the behavior:

Add a long key value

Decrease your browser size if needed

See error

Expected behavior

It should be the bahavior like "overflow-hidden" in tailwind

Screenshots
🐞 bug good first issue help wanted
opened by mv-turtle 5
Unable to pull variables in manual sync approach

Hey there,

I was following Infisical's doc and, at first, tried the auto sync approach in my NestJS project. Everything seemed to work fine (it asked for credentials and the project's ID), but the .env.infisical file content was just the project ID and no variables.

So then I tried the manual approach where I emptied the env file and executed npx infisical pull dev, and as a result, I got the following message: The "path" argument must be of type string. Received undefined. This time no info about credentials or project ID was asked (maybe because I informed it in the previous step?). Also, the env file remained empty.

opened by neyara 5
Dashboard hotfix - Abstract Dashboard into more reusable parts
Description

Abstract Dashboard into more reusable parts Fixes: #118

Changes & Features:

We pass the keypair list into an intermediary component that manages the keypair list (data) side effects. e.g filter.

Pass the helpers and handlers into a context, at the moment we are prop drilling.

Move the helper Fns into a separate file

Type of change

New feature (non-breaking change which adds functionality)
opened by LemmyMwaura 0
add ability to import/export secrets with comments
closes #74

few things to note:

it would be better if some functions are moved to separate files like getSecrets and checkOverrides

I used Menu as a dropdown menu from headless/ui, I think it would be better if it's extracted to a reusable component for future use

there is an issue with the dropdown menu, the menu doesn't close after a button is clicked. i'm investigating this issue at the moment

it would be better the onButtonPressed prop from Button component is optional so it can be used as a trigger like the case above
opened by mocherfaoui 0
[Snyk] Upgrade @stripe/stripe-js from 1.36.0 to 1.46.0
Snyk has created this PR to upgrade @stripe/stripe-js from 1.36.0 to 1.46.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 13 versions ahead of your current version.

The recommended version was released a month ago, on 2022-12-02.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs
opened by snyk-bot 0
ci: auto build and tag images

Currently all docker images are tagged with latest and overwritten on new builds. This is a bit problematic in production environments since it prevents version control.

I'd like to propose this build pipeline for the docker images.

The pipeline will be triggered automatically on a new tag and create images with the according tags. Pull requests to main will trigger the pipeline but only to test if the image still works. The image wont be pushed to dockerhub.

The docker image with tag latest will always be the latest tag on github. Builds triggered by workflow_dispatch will have the tag main.

opened by jon4hz 2
Helm updates
Hey, I was missing some configuration options while deploying infisical with helm.

The following features were added:

support for custom annotations

support for custom service type for the frontend

allow image image overrides

I also added some default helper templates and refactored the naming, labeling and selectors in a more "helmish" way. Your service currently uses selectors like app=backend which isn't very unique and could lead to troubles, e.g. if more than one infisical installation is running in the same namespace.
opened by jon4hz 2