Skip to content

Commit

Permalink
doc: add short demo video
Browse files Browse the repository at this point in the history
  • Loading branch information
PierreBeucher committed Aug 24, 2023
1 parent 6b7be61 commit c003193
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 14 deletions.
45 changes: 31 additions & 14 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,14 +1,23 @@
# Novops

Platform-agnostic secret manager for local development and CI.
![novops-features](docs/src/assets/novops-features.jpg)

Load secrets from their sources directly in memory. Avoid spreading secrets across CI tools and developers environments without needing to sync or encrypt them into yet-another place.
Novops is like `.env`, but on steroïd 💪

![novops-features](docs/src/assets/novops-features.jpg)
- Load secrets directly in memory from any source (AWS, GCloud, Azure...)
- Manage multiple environments
- Set plain variables, secrets, files and generate temporary credentials
- Stop spreading secrets across CI tools and dev environments

Use Novops to easily setup secrets and variables in your development environment or CI platform. Stop having developers setup their own `.env.prod`, `.bashrc` - Novops takes care of it and make sure everyone's on the same page.

![](docs/demo.gif)

---

- [Features](#features)
- [Getting Started](#getting-started)
- [🔐 Security](#-security)
- [Features](#features)
- [Example usage](#example-usage)
- [Shell](#shell)
- [🐳 Docker & Podman](#-docker--podman)
Expand All @@ -27,18 +36,9 @@ Load secrets from their sources directly in memory. Avoid spreading secrets acro
- [License](#license)
- [Acknowledgment](#acknowledgment)

## Features

- Securely load secrets and generate temporary credentials directly in memory as environment variables or temporary files
- Fetch secrets at their source. No more syncing secrets between local tool, CI/CD, and Cloud secret service
- Fetch secrets from anywhere: Hashicorp Vault, AWS, Google Cloud, Azure...
- Provide secrets directly to process, easing usage of IaC tools like Terraform, Pulumi, Ansible...
- Manage multi-environments setup
- Easy installation with fully static binary or Nix

## Getting Started

Consider a typical workflow: run build and deployment with **secrets from Hashicorp Vault** and **temporary AWS credentials**.
Let's deploy an application with **secret password and SSH key from Hashicorp Vault** and **temporary AWS credentials**.

Install static binary (or [use Nix](https://pierrebeucher.github.io/novops/install.html#nix)):

Expand Down Expand Up @@ -68,6 +68,14 @@ environments:
- name: DATABASE_USER
value: root

# Load files in memory (not written on disk)
files:
- variable: APP_SSH_KEY # Will point to generated file
content:
hvault_kv2:
path: app/dev
key: ssh_key

# Generate temporary AWS credentials for IAM Role
# Provide environment variables:
# - AWS_ACCESS_KEY_ID
Expand Down Expand Up @@ -106,6 +114,15 @@ Novops loads secrets in memory and does not write anything to disk. Secrets are

See [Novops Security Model](https://pierrebeucher.github.io/novops/security.html) for details

## Features

- Securely load secrets and generate temporary credentials directly in memory as environment variables or temporary files
- Fetch secrets at their source. No more syncing secrets between local tool, CI/CD, and Cloud secret service
- Fetch secrets from anywhere: Hashicorp Vault, AWS, Google Cloud, Azure...
- Provide secrets directly to process, easing usage of IaC tools like Terraform, Pulumi, Ansible...
- Manage multi-environments setup
- Easy installation with fully static binary or Nix

## Example usage

### Shell
Expand Down
Binary file added docs/demo.gif
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.

0 comments on commit c003193

Please sign in to comment.