Sync CI/CD variables and secrets between platforms

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for saeedya from gravatar.com saeedya

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT
  • Requires: Python >=3.12
  • Provides-Extra: dev
Report project as malware

Project description

envcmp

Python License Tests Coverage CI

A lightweight CLI tool to sync CI/CD variables and secrets between platforms.

The problem

Your variables live in multiple places:

  • Terraform Cloud workspace
  • GitLab CI variables
  • GitHub Actions secrets
  • .env files

They should always be in sync — but no tool does this automatically.

Solution

# see what's different
envcmp diff --from gitlab:my-project --to terraform:my-workspace

# output
KEY          SOURCE      TARGET      STATUS
──────────────────────────────────────────────
DB_HOST      localhost   localhost   in sync
DB_PORT      5432        5432        in sync
API_KEY      ••••••••    (not set)   source only
STRIPE_KEY   (not set)   ••••••••    target only
DB_PASS      ••••••••    ••••••••    differs

Supported platforms

Platform Category Read Write Status
.env files Local available
GitLab CI Variables CI/CD available
Terraform Cloud IaC available
GitHub Actions CI/CD ⚠️ available
HashiCorp Vault Secret Store available
AWS Secrets Manager Secret Store 🔜 🔜 coming soon
Azure Key Vault Secret Store 🔜 🔜 coming soon
GCP Secret Manager Secret Store 🔜 🔜 coming soon
Pulumi ESC IaC 🔜 🔜 coming soon
Jenkins CI/CD 🔜 🔜 coming soon
CircleCI CI/CD 🔜 🔜 coming soon
Azure DevOps CI/CD 🔜 🔜 coming soon
Kubernetes Secrets Container 🔜 🔜 coming soon
Vercel Deploy 🔜 🔜 coming soon
Railway Deploy 🔜 🔜 coming soon
Fly.io Deploy 🔜 🔜 coming soon

Installation

pip install envcmp

Configuration

Copy .env.example to .env and fill in your credentials:

cp .env.example .env

GITLAB_URL=https://gitlab.com
GITLAB_TOKEN=glpat-...
GITLAB_PROJECT_ID=12345678

GITHUB_TOKEN=ghp_...
GITHUB_ORGANIZATION=my-org
GITHUB_REPOSITORY=my-repo

TERRAFORM_TOKEN=...
TERRAFORM_ORGANIZATION=my-org
TERRAFORM_WORKSPACE=my-workspace

Usage

# diff between two providers
envcmp diff --from gitlab:my-project --to terraform:my-workspace

# diff between two .env files
envcmp diff --from env:.env.production --to env:.env.staging

# push changes
envcmp push --from gitlab:my-project --to terraform:my-workspace

# dry run
envcmp push --from env:.env --to env:.env.staging --dry-run

# pull changes from target to source
envcmp pull --from env:.env.local --to gitlab:my-project

# dry run
envcmp pull --from env:.env.local --to gitlab:my-project --dry-run

Development

git clone https://github.com/saeedya/envcmp.git
cd envcmp
python -m venv .venv
source .venv/bin/activate
pip install -e ".[dev]"
pytest

Security

  • Secret values are never printed in plain text
  • All output uses masked values (••••••••)
  • Dependencies scanned with pip-audit and bandit

Contributing

Contributions are welcome! Here's how to get started:

  1. Fork the repository
  2. Create a branch: git checkout -b feat/your-feature
  3. Make your changes
  4. Run tests: pytest tests/unit/ tests/security/
  5. Run pre-commit: pre-commit run --all-files
  6. Commit: git commit -m "feat: your feature"
  7. Push and open a Pull Request

See docs/contributing.md for more details.

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for saeedya from gravatar.com saeedya

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT
  • Requires: Python >=3.12
  • Provides-Extra: dev

Release history Release notifications | RSS feed

0.2.0

This version

0.1.8

0.1.7

0.1.6

0.1.5

0.1.4

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

envcmp-0.1.8.tar.gz (20.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

envcmp-0.1.8-py3-none-any.whl (13.5 kB view details)

Uploaded Python 3

File details

Details for the file envcmp-0.1.8.tar.gz.

File metadata

  • Download URL: envcmp-0.1.8.tar.gz
  • Upload date:
  • Size: 20.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.13

File hashes

Hashes for envcmp-0.1.8.tar.gz
Algorithm Hash digest
SHA256 3831a46cd6693be21edd3d6ca1b97b8edf708fe670b5781f4b0a76c097eb3fec
MD5 eef0cc8f39285c86b88ebca4de7bd169
BLAKE2b-256 675431e3a801da3c0230c0295e2f5218ba9aba8aa2034bb4c06ba5d1c87ac376

See more details on using hashes here.

File details

Details for the file envcmp-0.1.8-py3-none-any.whl.

File metadata

  • Download URL: envcmp-0.1.8-py3-none-any.whl
  • Upload date:
  • Size: 13.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.13

File hashes

Hashes for envcmp-0.1.8-py3-none-any.whl
Algorithm Hash digest
SHA256 7665cbad7ed77f75cbfe8135415617ecbd27c8d9e57391f8d0ed6b576c346860
MD5 4ce12bdcbd20798edf06f42bec612ac8
BLAKE2b-256 8ea3be8518d1a0a8cd85273ef8d36de56be37152584d80b02a177cf0e29f038b

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page