Managing Secrets with the Devbox CLI
You can access your Jetify Secrets locally using Devbox. When you authenticate your Devbox CLI with Jetify Cloud, Devbox will automatically identify your project, and make your secrets available in your Devbox shell. Developers who are part of your Jetify Cloud team can also access your project’s secrets automatically, whenever they use devbox to start a shell, run a script, or launch a service
If you don't already have Devbox installed, see our Quickstart guide to get started.
Authenticating with Devbox
You can authenticate with Jetify Cloud by running devbox auth login. This will launch the browser authentication flow to sign into Jetify Cloud.
Once you complete the authentication flow and select a team, the Devbox CLI will configure itself to use the team you selected
Integrating a project with devbox secrets
To create a new project on Jetify Cloud, navigate to the root directory of your project and run devbox secrets init
/Users/puckworth/my-project❯ devbox secrets init
? Setup project in /Users/puckworth/my-project? Yes
Initializing project in org
? What’s the name of your new project? my-test-project
Created project my-test-project in org
Running devbox secrets init will create a new project in your current Jetify Cloud account and org, and configure your project to use Jetify Secrets. The project should also be visible if you navigate to the Jetify Dashboard.
Adding Secrets to your Project
Adding Secrets from the Command Line
You can set secrets using devbox secrets set:
envsec set FOO=BAR
[DONE] Set environment variable 'FOO' in environment: dev
By default, variables will be set on the dev environment. You can set secrets on other environments by passing the --environment flag:
devbox secrets set FOO=BAR --environment prod
Supported environments include dev, preview, and prod.
Adding Secrets from a File
You can bulk add secrets from a file by using devbox secrets import:
devbox secrets import .env.dev
[DONE] Uploaded 3 environment variable(s) from file '.env.dev' to environment: dev
The file should follow the .env format, with each line containing a single environment variable in the form:
VARIABLE_NAME=VARIABLE_VALUE
## Viewing your Project’s Secrets
You can view your project’s secrets by running `devbox secrets ls`:
```bash
Environment: dev
+-----------------+-------+
| NAME | VALUE |
+-----------------+-------+
| FOO | ***** |
| DEV_SERVER | ***** |
| PG_PASSWORD | ***** |
+-----------------+-------+
Environment: prod
+-----------------+-------+
| NAME | VALUE |
+-----------------+-------+
| FOO | ***** |
| PG_PASSWORD | ***** |
+-----------------+-------+
Environment: preview
+-----------------+-------+
| NAME | VALUE |
+-----------------+-------+
| FOO | ***** |
| PG_PASSWORD | ***** |
+-----------------+-------+
Accessing your Secrets from a Devbox Shell
Once your project is configured for Jetify Cloud, Devbox will automatically check whether the project exists in your Jetify Cloud account based on:
- Your current project’s Git repository
- The subfolder where your
devbox.jsonis located
If you have a matching project in your Jetify Cloud account, Devbox will automatically set your secrets as environment variables whenever you:
- Start a
devbox shell - Start services with
devbox services upordevbox services start - Run a script with
devbox run
Removing a Secret from your Project
You can remove a secret from your project by running devbox secrets rm:
devbox secrets rm FOO
[DONE] Deleted environment variable 'FOO' in environment: dev
Exporting Secrets to a File
You can export your secrets to a .env file using devbox secrets download:
devbox secrets download .env
[DONE] Downloaded environment variables to '.env' for environment: dev
You can download from a specific environment using the --environment flag: