infisical secrets - Infisical

infisical secrets

Description

This command enables you to perform CRUD (create, read, update, delete) operations on secrets within your Infisical project. With it, you can view, create, update, and delete secrets in your environment.

Sub-commands

infisical secrets

Use this command to print out all of the secrets in your project

$ infisical secrets

Environment variables

INFISICAL_TOKEN

Used to fetch secrets via a machine identity apposed to logged in credentials. Simply, export this variable in the terminal before running this command.

# Example
export INFISICAL_TOKEN=$(infisical login --method=universal-auth --client-id=<identity-client-id> --client-secret=<identity-client-secret> --silent --plain) # --plain flag will output only the token, so it can be fed to an environment variable. --silent will disable any update messages.

Alternatively, you may use service tokens.

Please note, however, that service tokens are being deprecated in favor of machine identities. They will be removed in the future in accordance with the deprecation notice and timeline stated here.

# Example
export INFISICAL_TOKEN=<service-token>

INFISICAL_DISABLE_UPDATE_CHECK

Used to disable the check for new CLI versions. This can improve the time it takes to run this command. Recommended for production environments.

To use, simply export this variable in the terminal before running this command.

# Example
export INFISICAL_DISABLE_UPDATE_CHECK=true

Flags

--expand

--projectId

--env

--path

infisical secrets get

This command allows you selectively print the requested secrets by name

$ infisical secrets get <secret-name-a> <secret-name-b> ...

# Example
$ infisical secrets get DOMAIN

Flags

--env

--raw-value

infisical secrets set

This command allows you to set or update secrets in your environment. If the secret key provided already exists, its value will be updated with the new value. If the secret key does not exist, a new secret will be created using both the key and value provided.

$ infisical secrets set <key1=value1> <key2=value2>...

## Example
$ infisical secrets set STRIPE_API_KEY=sjdgwkeudyjwe DOMAIN=example.com HASH=jebhfbwe

Flags

--env

--path

Used to select the project folder in which the secrets will be set. This is useful when creating new secrets under a particular path.

# Example
infisical secrets set DOMAIN=example.com --path="common/backend"

--type

infisical secrets delete

This command allows you to delete secrets by their name(s).

$ infisical secrets delete <keyName1> <keyName2>...

## Example
$ infisical secrets delete STRIPE_API_KEY DOMAIN HASH

Flags

--env

--path

infisical secrets folders

This command allows you to fetch, create and delete folders from within a path from a given project.

$ infisical secrets folders

sub commands

get

Used to fetch all folders within a path in a given project

infisical secrets folders get --path=/some/path/to/folder

Flags

--path

--token

create

Used to create a folder by name within a path.

infisical secrets folders create --path=/some/path/to/folder --name=folder-name

Flags

--path

--name

delete

Used to delete a folder by name within a path.

infisical secrets folders delete --path=/some/path/to/folder --name=folder-name

Flags

--path

--name

infisical secrets generate-example-env

This command allows you to generate an example .env file from your secrets and with their associated comments and tags. This is useful when you would like to let others who work on the project but do not use Infisical become aware of the required environment variables and their intended values.

To place default values in your example .env file, you can simply include the syntax DEFAULT:<value> within your secret’s comment in Infisical. This will result in the specified value being extracted and utilized as the default.

$ infisical secrets generate-example-env

## Example
$ infisical secrets generate-example-env > .example-env

Flags

--env

Command line

​Description

​Sub-commands

Description

Sub-commands