Skip to content

KeepSecret Management Made Simple

Collaborative, secure management of secrets across applications, environments, and teams.

Quick Example

bash
# Configure your project
keep init

# Add a vault
keep vault:add

# Set secrets
keep set DB_PASSWORD "super-secret" --env=production

# List secrets
keep list --env=staging

# Compare environments
keep diff --env=staging,production

# Export to .env
keep export --env=production --output=.env

# Use templates  
keep export --template=.env.template --env=production --output=.env

Interactive Shell

Launch the Keep shell for faster secret management with tab completion:

bash
# Start the interactive shell
keep shell

# In the shell, use shortcuts and tab completion
>>> env production         # Switch to production environment
>>> get DB_<TAB>            # Tab completes secret names
>>> set NEW_SECRET "value"  # Set secrets instantly
>>> diff staging production # Compare environments
>>> exit                    # Exit when done

Web UI

Launch a modern browser-based interface for visual secret management:

bash
# Start the web server
keep server

# The UI provides:
# - Visual diff matrix comparing environments
# - Drag-and-drop import with conflict resolution
# - Real-time search and filtering
# - Export in multiple formats with preview
# - Settings management for vaults and environments

Runtime Injection

Execute processes with secrets injected as environment variables - no files written to disk:

bash
# Laravel: inject secrets during config caching
keep run --vault=ssm --env=production -- php artisan config:cache

# Node.js: run build or start with injected secrets
keep run --vault=ssm --env=production -- npm run build
keep run --vault=ssm --env=production -- npm start

# Any command with secrets available as env vars
keep run --vault=ssm --env=production -- ./deploy.sh

Get started with our installation guide, explore the interactive shell, try the Web UI, or see all CLI commands.

Released under the MIT License.