Thanks to visit codestin.com
Credit goes to github.com

Skip to content
/ ww Public

A Doppler-like secret manager built on ScyllaDB, with a background daemon and a CLI for injecting environment variables into processes.

zurui.io

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Akzestia/ww

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
.github/workflows
.github/workflows
 
 
cql
cql
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

ww

Crates.io

ww is a Doppler‑like secret manager built on ScyllaDB. It runs a background daemon that talks to Scylla and exposes project secrets over a local Unix socket. The companion CLI can inject environment variables into commands, download them in multiple formats, or update individual keys.

✨ Features

  • 🔑 Store project secrets in ScyllaDB (map<text,text> column)
  • 📡 Local daemon with Unix socket protocol
  • 🛠 CLI with familiar commands: run, secrets, set-env, client
  • 🌐 Path‑to‑project bindings (~/.config/ww/config.toml)
  • 📄 Export secrets as .env, JSON, or YAML
  • 🔒 Socket permissions default to 0600

Important

This README does not cover database setup. Please follow the official ScyllaDB installation & Docker guide before running ww.

🚀 Quick Start

1. Start the daemon

ww serve --node 127.0.0.1:9042 --user cassandra --pass cassandra

2. Bind your repo to a project

cd /path/to/repo
ww client setup my_project

3. Set a secret

ww set-env --name API_KEY --val abc123

4. Run your app with secrets injected

ww node app.js

🔧 CLI Overview

USAGE:
    ww <COMMAND>

COMMANDS:
    serve       Start the daemon server
    run         Run a command with env vars injected
    secrets     Download or read secrets
    set-env     Upsert a single secret
    client      Manage global client config

Examples

  • Show current project resolution:

    ww client which

  • Download secrets to .env file:

    ww secrets download --format env --output .env

  • Fetch a single secret:

    ww secrets get --name API_KEY --plain

  • Run any command, injecting resolved project secrets:

    ww npm run dev

⚙️ Client Config

Location: ~/.config/ww/config.toml

default_project = "demo_project"

[[paths]]
dir = "/abs/path/to/repo"
project = "my_project"

Resolution order:

  1. --project flag (explicit)
  2. WW_PROJECT environment variable
  3. Path binding from config
  4. default_project

📡 Socket Protocol

The daemon speaks a simple line protocol over a Unix socket:

  • QUERY_PROJECTS:<project>\nKEY=VALUE\n...
  • ENSURE_PROJECT:<project>\nOK\n or ERROR:...
  • SET_ENV:<project>:<key>=<value>\nOK\n or ERROR:...

Socket path defaults to /tmp/ww.sock.

🔐 Security Notes

  • Socket is 0600 (owner read/write only)
  • Assumes local single‑user trust; no encryption/auth on socket
  • Use --plain only when piping into secure sinks

🛠 Development

Build

cargo build --release

Test

cargo test

Install locally

cargo install --path .

📜 License

Licensed under MIT.

About

A Doppler-like secret manager built on ScyllaDB, with a background daemon and a CLI for injecting environment variables into processes.

zurui.io

Topics

rust cli scylla secrets env scylladb

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases 1

ww v1.0.0 Latest
Aug 22, 2025

Languages