Secrets Management

One of the core use cases for Varlock is to manage secrets.

Handling Secrets

varlock uses the term “sensitive” to describe any value that should not be committed to version control. This includes secrets, passwords, and other generally sensitive information.

For local development, varlock allows you to encrypt sensitive values in your .env.* files using varlock encrypt and then decrypt them using varlock load or varlock run.

This works exclusively for local development since it relies on your system’s keyring and biometric authentication to store and retrieve the encryption keys.

Coming soon

We’ll be adding support for cloud-based secret storage in the very near future.

Workflow

1. Install varlock including the desktop app
2. Add sensitive values to your .env.* file(s)
3. Encrypt them using varlock encrypt
4. Decrypt them using varlock load or varlock run

Next Steps

• Learn about security best practices
• Explore JavaScript ecosystem integration
• Check out other language support