A lot of the work I produce as a 9-5 developer lives in private repositories. Given the unprecedented times we are all currently experiencing I wanted to take the opportunity to port some of my work into open source repositories.
When I'd create applications in python I'd create a
config.json to store credentials and other sensitive assets needed by the application.
This posed 2 problems for me;
- Credentials are spread across multiple
- Generally, the
config.jsonfiles are in plan-text
As a result I built shushi, minimalist secrets management in Python.
How does shushi address the above?
- Credentials are stored in a single
vaultfile is encrypted using cryptography
A CLI developed using click;
> shushi -p [password] get twitter name = twitter user = alexmacniven password = secret_password
Access to the back-end functionality;
>>> import shushi >>> shushi.get([password], "twitter") VaultRecord(name="twitter", user="alexmacniven", password="secret_password")
Unit tests written with pytest in mind;
> pytest ============================= test session starts ============================= platform win32 -- Python 3.8.2, pytest-5.4.1, py-1.8.1, pluggy-0.13.1 rootdir: ~\Code\shushi plugins: mock-2.0.0 collected 25 items tests\test_api.py .. [ 8%] tests\test_core.py .............. [ 64%] tests\test_crpyto.py ........ [ 96%] tests\test_record.py . [100%] ============================= 25 passed in 1.24s ==============================
Contributions are welcomed using Github issues.
Psst this is my first dev.to post 🥳