Skip to content

A NodeJS tool for discovering all your secrets on CircleCI

Notifications You must be signed in to change notification settings

iZettle/CircleCI-Env-Inspector

 
 

Repository files navigation

CircleCI-Env-Inspector

An interactive CLI tool for fetching all of your secrets from CircleCI.

Pre-requisites

  • Docker

To Run

  1. Clone this repo
  2. Run run.sh from the root of the repo
  3. Follow the prompts.
demo.mp4

Example Output

{
  "contexts": [
    {
      "name": "CONTEXT_NAME",
      "url": "https://app.circleci.com/settings/organization/<VCS>/<ORG>/contexts/<CONTEXT-ID>",
      "id": "xxx",
      "variables": [
        {
          "variable": "GITHUB_TOKEN",
          "context_id": "xxx",
          "created_at": "yyy"
        }
      ]
    }
  ],
  "projects": [
    {
      "name": "ORG/REPO",
      "url": "https://app.circleci.com/settings/project/<VCS>/<ORG>/<REPO>/environment-variables",
      "variables": [{ "name": "VAR", "value": "xxxx" }],
      "project_keys": [
        {
          "type": "deploy-key",
          "preferred": true,
          "created_at": "xxx",
          "public_key": "yyy",
          "fingerprint": "zzz"
        }
          ]
    }
  ]

}

F.A.Q.

Q: Will this tool return the values of my secrets?

A: No. This tool will only return the names of the secrets and as much information as can be provided by the CircleCI APIs. CircleCI does not return the values of secrets through their APIs. The information from this tool is for auditing and key rotation purposes.

About

A NodeJS tool for discovering all your secrets on CircleCI

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • TypeScript 86.1%
  • JavaScript 7.3%
  • Shell 5.5%
  • Dockerfile 1.1%