Shushi - Minimalist Secrets Management in Python

A lot of the work I produce as a 9-5 developer lives in private repositories. Given the unprecedented times we are all currently experiencing I wanted to take the opportunity to port some of my work into open source repositories.

---

Problem

When I'd create applications in python I'd create a config.json to store credentials and other sensitive assets needed by the application.

This posed 2 problems for me;

1. Credentials are spread across multiple config.json files
2. Generally, the config.json files are in plan-text

Solution

As a result I built shushi, minimalist secrets management in Python.

How does shushi address the above?

1. Credentials are stored in a single vault file
2. The vault file is encrypted using cryptography

Shushi comes complete with...

A CLI developed using click;

> shushi -p [password] get twitter
name = twitter
user = alexmacniven
password = secret_password

Access to the back-end functionality;

>>> import shushi
>>> shushi.get([password], "twitter")
VaultRecord(name="twitter", user="alexmacniven", password="secret_password")

Unit tests written with pytest in mind;

> pytest
============================= test session starts =============================
platform win32 -- Python 3.8.2, pytest-5.4.1, py-1.8.1, pluggy-0.13.1
rootdir: ~\Code\shushi
plugins: mock-2.0.0
collected 25 items

tests\test_api.py ..                                                     [  8%]
tests\test_core.py ..............                                        [ 64%]
tests\test_crpyto.py ........                                            [ 96%]
tests\test_record.py .                                                   [100%]

============================= 25 passed in 1.24s ==============================

Contributions are welcomed using Github issues.

Psst this is my first dev.to post 🥳