Manage Secrets and Files

Keystone can handle secrets and files. Secrets are key-value pairs meant to be used as environment variables. Files are things like certificates, configuration files (e.g.: wp-config.php), credential files, etc.

Add secrets and files#

You can add a secret, or file, to all environments with ks secret add and ks file add:

ks secret add API_KEY a-default-secret-value
ks file add ./a-secret-file.conf.js

For the API_KEY secret, it will prompt the secret value for dev, staging and prod environments, one after the other, using a-default-secret-value as default.
For the ./a-secret-file.conf.js, it will open your default editor (using $EDITOR) to set the file content for each enviroment, one after the other.

List secrets and managed files#

ks secret
ks file

Required secrets and files#

Required secrets and files cannot be set to empty values or removed. If you setup a CI integration, empty or missing secrets/files will cause your pipelines to fail.

Commands#

For an exhaustive list of commands regarding secrets and files, see:

• ks secret
• ks secret add
• ks secret set
• ks secret unset
• ks secret rm
• ks secret require
• ks secret optional
• ks file
• ks file add
• ks file rm
• ks file require
• ks file optional

Edit this page on GitHub