# Usage psonoci (Beta)
The basic command looks like this:
psonoci [OPTIONS] <SUBCOMMAND> [FLAGS]
# General OPTIONS
OPTIONS can either be specified in the command or with environment variables and need to be set in all subcommands
(with the exception of help of course). All commands accept the following OPTIONS.
| Option | Description | Environment Variable | Required |
|---|---|---|---|
| --api-key-id | api key as uuid | PSONO_CI_API_KEY_ID | yes |
| --api-secret-key-hex | api secret key as 64 byte hex string | PSONO_CI_API_SECRET_KEY_HEX | yes |
| --server-url | Url of the Psono backend server | PSONO_CI_SERVER_URL | yes |
| --timeout | Connection timeout in seconds [default: 60] | PSONO_CI_TIMEOUT | no |
# General FLAGS
All commands accept the following FLAGS
| Option | Description |
|---|---|
| -h, --help | Prints help information |
| -V, --version | Prints version information |
# Overview Subcommands
psonoci accepts currently the following subcommands.
| Option | Description |
|---|---|
| help | Prints the help for a specific command. |
| env-vars get-or-create | Get or create the value of a key for a specific environment variables secret. |
| env-vars update-or-create | Update or create env var for a specific secret. |
| secret get | Retrieves a specific secret, identified by its ID. |
| secret set | Updates a specific secret, identified by its ID. |
| run | Spawns a process and pass secrets as environment variables. |
| config save | Saves a config to simplify other commands. |
# Example
psonoci help
psonoci secret get --help
# Subcommand help
Used to print the help for a specific command. It can also be passed in as a FLAG with --help
# Example
psonoci help
# Subcommand env-vars get-or-create
Works with secrets of the environment variables data type and is used to get the value of a specific key. The command will always return the first matching key. If the key does not exist it will generate a random string and update the secret accordingly.
# Arguments:
| Option | Description | Required |
|---|---|---|
| secret-id | The secret's uuid, e.g. 25070c66-8950-4264-9b39-11e6d83312e3 | yes |
| env-var-name | The key to search for | yes |
| --password-length <num_chars> | The length of the password if it needs to be generated, defaults to 21 | no |
# Example with environment variables
export PSONO_CI_API_KEY_ID=eaee77c6-169f-4873-9be3-f2613149baa9
export PSONO_CI_API_SECRET_KEY_HEX=c8321d7a8e5b1f5ec3d969ecb5054c7548a1c709ddab2edae2ff7ff028538917
export PSONO_CI_SERVER_URL=https://example.com/server
psonoci env-vars get-or-create eeede220-3e2d-4721-b900-535d9ae34c47 DBPASSWORD
# Example without environment variables
psonoci \
--api-key-id eaee77c6-169f-4873-9be3-f2613149baa9 \
--api-secret-key-hex c8321d7a8e5b1f5ec3d969ecb5054c7548a1c709ddab2edae2ff7ff028538917 \
--server-url https://example.com/server \
env-vars get-or-create eeede220-3e2d-4721-b900-535d9ae34c47 DBPASSWORD
# Subcommand env-vars update-or-create
Works with secrets of the environment variables data type and is used to update the value of a specific key. The command will always update the first matching key with the provided value. If the key does not exist it will create it. If no value was specified it will generate a random string.
# Arguments:
| Option | Description | Required |
|---|---|---|
| secret-id | The secret's uuid, e.g. 25070c66-8950-4264-9b39-11e6d83312e3 | yes |
| env-var-name | The key to search for | yes |
| env-var-value | The new value | no |
| --password-length <num_chars> | The length of the password if it needs to be generated, defaults to 21 | no |
# Example with environment variables
export PSONO_CI_API_KEY_ID=eaee77c6-169f-4873-9be3-f2613149baa9
export PSONO_CI_API_SECRET_KEY_HEX=c8321d7a8e5b1f5ec3d969ecb5054c7548a1c709ddab2edae2ff7ff028538917
export PSONO_CI_SERVER_URL=https://example.com/server
psonoci env-vars update-or-create eeede220-3e2d-4721-b900-535d9ae34c47 DBPASSWORD mySecretPassword
# Example without environment variables
psonoci \
--api-key-id eaee77c6-169f-4873-9be3-f2613149baa9 \
--api-secret-key-hex c8321d7a8e5b1f5ec3d969ecb5054c7548a1c709ddab2edae2ff7ff028538917 \
--server-url https://example.com/server \
env-vars update-or-create eeede220-3e2d-4721-b900-535d9ae34c47 DBPASSWORD mySecretPassword
# Subcommand secret get
Used to retrieve a specific secret, identified by its ID.
# Arguments:
| Option | Description |
|---|---|
| secret-id | The secret's uuid, e.g. 25070c66-8950-4264-9b39-11e6d83312e3 |
| secret-value | Which secret value to return (json returns all values in a json object). Possible values: json, notes, password, title, url, url_filter, username, gpg_key_email, gpg_key_name, gpg_key_private, gpg_key_public |
# Example with environment variables
export PSONO_CI_API_KEY_ID=eaee77c6-169f-4873-9be3-f2613149baa9
export PSONO_CI_API_SECRET_KEY_HEX=c8321d7a8e5b1f5ec3d969ecb5054c7548a1c709ddab2edae2ff7ff028538917
export PSONO_CI_SERVER_URL=https://example.com/server
psonoci secret get 25070c66-8950-4264-9b39-11e6d83312e3 json
# Example without environment variables
psonoci \
--api-key-id eaee77c6-169f-4873-9be3-f2613149baa9 \
--api-secret-key-hex c8321d7a8e5b1f5ec3d969ecb5054c7548a1c709ddab2edae2ff7ff028538917 \
--server-url https://example.com/server \
secret get 25070c66-8950-4264-9b39-11e6d83312e3 json
# Subcommand secret set
Used to update a specific secret, identified by its ID.
# Arguments:
| Option | Description |
|---|---|
| secret-id | The secret's uuid, e.g. 25070c66-8950-4264-9b39-11e6d83312e3 |
| secret-value | Which secret value-type to set ('json' not yet supported). Possible values: json, notes, password, title, url, url_filter, username, gpg_key_email, gpg_key_name, gpg_key_private, gpg_key_public, secret_type, env_vars |
| secret-new-value | The new value to set for type |
# Example with environment variables
export PSONO_CI_API_KEY_ID=eaee77c6-169f-4873-9be3-f2613149baa9
export PSONO_CI_API_SECRET_KEY_HEX=c8321d7a8e5b1f5ec3d969ecb5054c7548a1c709ddab2edae2ff7ff028538917
export PSONO_CI_SERVER_URL=https://example.com/server
psonoci secret set 25070c66-8950-4264-9b39-11e6d83312e3 password newPassword
# Example without environment variables
psonoci \
--api-key-id eaee77c6-169f-4873-9be3-f2613149baa9 \
--api-secret-key-hex c8321d7a8e5b1f5ec3d969ecb5054c7548a1c709ddab2edae2ff7ff028538917 \
--server-url https://example.com/server \
secret set 25070c66-8950-4264-9b39-11e6d83312e3 password newPassword
# Subcommand run
Spawns processes with environment variables from the api-keys secrets. For this to work you need create an environment variables secret
and then grant access to the api key for the environment variable secret.
# Arguments:
| Option | Description |
|---|---|
| command-values | The actual to run e.g. ./some_command --timeout=10 |
# Example with environment variables
export PSONO_CI_API_KEY_ID=eaee77c6-169f-4873-9be3-f2613149baa9
export PSONO_CI_API_SECRET_KEY_HEX=c8321d7a8e5b1f5ec3d969ecb5054c7548a1c709ddab2edae2ff7ff028538917
export PSONO_CI_SERVER_URL=https://example.com/server
psonoci run -- ./some_command
# Example without environment variables
psonoci \
--api-key-id eaee77c6-169f-4873-9be3-f2613149baa9 \
--api-secret-key-hex c8321d7a8e5b1f5ec3d969ecb5054c7548a1c709ddab2edae2ff7ff028538917 \
--server-url https://example.com/server \
run -- ./some_command
# Subcommand config save
psonoci can generate a single config file, containing the api key id, secret and server url and later be used to simplify commands.
# Arguments:
| Option | Description |
|---|---|
| path | Output path where to store the config e.g. /path/to/config.toml |
# Example without environment variables
psonoci \
--api-key-id eaee77c6-169f-4873-9be3-f2613149baa9 \
--api-secret-key-hex c8321d7a8e5b1f5ec3d969ecb5054c7548a1c709ddab2edae2ff7ff028538917 \
--server-url https://example.com/server \
config save /path/to/config.toml
This creates /path/to/config.toml and then can later be passed in as s single parameter
psonoci -c /path/to/config.toml secret get 25070c66-8950-4264-9b39-11e6d83312e3 json
or as an environment variable
export PSONO_CI_CONFIG_PATH="/path/to/config.toml"
psonoci secret get 25070c66-8950-4264-9b39-11e6d83312e3 json