Secret Injection

Rot makes injecting secrets into tools easy

Categories:

Feature

Users can inject secrets from Rot into their favorite tools like Ansible and OpenTofu/Terraform using Environment Variables:

$ rot -x unmask='["SECRET1", "SECRET2"]' run rot/ansible ansible-playbook playbook.yaml
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that
the implicit localhost does not match 'all'

PLAY [127.0.0.1] ***************************************************************

TASK [Gathering Facts] *********************************************************
ok: [127.0.0.1]

TASK [Print values from Rot] ***************************************************
ok: [127.0.0.1] => {
    "msg": "secret1 secret2 ***"
}

PLAY RECAP *********************************************************************
127.0.0.1                  : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0