Secrets

Secrets are used to manage sensitive data such as API keys, tokens, or credentials. They are injected as environment variables into your application's processes, but unlike the [env] section in your deckrun.toml file, they are stored securely and not checked into version control.

Listing Secrets

To list all the secrets for an application, use the list command:

deck secrets list

Setting Secrets

To set a secret, use the set command. You can set the value in three different ways:

Interactive prompt

If you don't provide a value, Deckrun will prompt you to enter it securely:

deck secrets set MY_SECRET

From a flag

You can provide the secret value directly using the --value flag. This is useful for scripting or when using environment variables:

deck secrets set MY_SECRET --value "$SECRET_VALUE"

From a file

You can also set the secret's value from the contents of a file:

deck secrets set MY_SECRET < myfile.txt

Unsetting Secrets

To unset one or more secrets, use the unset command, followed by the names of the secrets you want to remove:

deck secrets unset SECRET1 SECRET2

To avoid the interactive confirmation prompt, you can use the -y or --yes flag:

deck secrets unset SECRET1 SECRET2 --yes