A lot of the work I produce as a 9-5 developer lives in private repositories. Given the unprecedented times we are all currently experiencing I wanted to take the opportunity to port some of my work into open source repositories.

Problem

When I'd create applications in python I'd create a config.json to store credentials and other sensitive assets needed by the application.

This posed 2 problems for me;

1. Credentials are spread across multiple config.json files
2. Generally, the config.json files are in plan-text

Solution

As a result I built shushi, minimalist secrets management in Python.

How does shushi address the above?

1. Credentials are stored in a single vault file
2. The vault file is encrypted using cryptography

Shushi comes complete with...

A CLI developed using click;

> shushi -p [password] get twitter name = twitter user = alexmacniven password = secret_password 

Access to the back-end functionality;

>>> import shushi >>> shushi.get([password], "twitter") VaultRecord(name="twitter", user="alexmacniven", password="secret_password") 

Unit tests written with pytest in mind;

> pytest ============================= test session starts ============================= platform win32 -- Python 3.8.2, pytest-5.4.1, py-1.8.1, pluggy-0.13.1 rootdir: ~\Code\shushi plugins: mock-2.0.0 collected 25 items tests\test_api.py .. [ 8%] tests\test_core.py .............. [ 64%] tests\test_crpyto.py ........ [ 96%] tests\test_record.py . [100%] ============================= 25 passed in 1.24s ============================== 

Contributions are welcomed using Github issues.

Psst this is my first dev.to post 🥳