Integrate EnvKey with your Go projects to keep api keys, credentials, and other configuration securely and automatically in sync for developers and servers.
go get github.com/envkey/go-sdkFirst, generate an ENVKEY in the EnvKey App. Then set ENVKEY=..., either in a gitignored .env file in the root of your project (in development) or in an environment variable (on servers).
Then load your EnvKey configuration in main.go:
// main.go
import (
"os"
_ "github.com/envkey/go-sdk"
)
// assuming you have GITHUB_TOKEN set in EnvKey
token := os.Getenv("GITHUB_TOKEN") // this will stay in syncenvkeygo will not overwrite existing environment variables or additional variables set in a .env file. This can be convenient for customizing environments that otherwise share the same configuration. You can also use sub-environments in the EnvKey App for this purpose.
envkeygo caches your encrypted config in development so that you can still use it while offline. Your config will still be available (though possibly not up-to-date) the next time you lose your internet connection. If you do have a connection available, envkeygo will always load the latest config. Your cached encrypted config is stored in $HOME/.envkey/cache
For caching purposes, this package assumes you're in development mode if a .env file exists in the root of your project.
On a stripped down OS like Alpine Linux, you may get an x509: certificate signed by unknown authority error when envkeygo attempts to load your config. envkey-fetch (which envkeygo wraps) tries to handle this by including its own set of trusted CAs via gocertifi, but if you're getting this error anyway, you can fix it by ensuring that the ca-certificates dependency is installed. On Alpine you'll want to run:
apk add --no-cache ca-certificates
For more on EnvKey in general:
Read the docs.
Read the integration quickstart.
Read the security and cryptography overview.
Post an issue or email us: support@envkey.com.