Expand description
Secret Resolution for cuenv
Provides a unified interface for resolving secrets from various providers (environment variables, command execution, 1Password, Vault, etc.) with support for cache key fingerprinting and salt rotation.
§Batch Resolution
For resolving multiple secrets efficiently, use the batch resolution API:
ⓘ
use cuenv_secrets::{BatchSecrets, SecretResolver, SecretSpec};
// Resolve multiple secrets concurrently
let secrets = resolver.resolve_batch(&specs).await?;
// Use secrets during task execution
for name in secrets.names() {
if let Some(secret) = secrets.get(name) {
std::env::set_var(name, secret.expose());
}
}
// Secrets are zeroed when `secrets` goes out of scopeRe-exports§
pub use resolvers::EnvSecretResolver;pub use resolvers::ExecSecretResolver;
Modules§
- resolvers
- Secret resolver implementations
Structs§
- Batch
Config - Configuration for batch resolution.
- Batch
Resolver - Multi-provider batch resolver.
- Batch
Secrets - Batch of resolved secrets with per-batch lifetime.
- Resolved
Secrets - Resolved secrets ready for injection
- Salt
Config - Salt configuration for secret fingerprinting with rotation support
- Secret
Registry - Registry for secret resolvers
- Secret
Spec - Configuration for a secret to resolve
- Secure
Secret - A resolved secret value with automatic memory zeroing on drop.
Enums§
- Secret
Error - Error types for secret resolution
Traits§
- Secret
Resolver - Trait for resolving secrets from various providers.
Functions§
- compute_
secret_ fingerprint - Compute HMAC-SHA256 fingerprint for a secret
- resolve_
batch - Convenience function for single-provider batch resolution.