secrets.yml Examples Gallery
Explore working examples of secrets.yml configurations for different scenarios.
Basic Example
secrets.yml
-----------------
database:
url: "postgres://${DB_HOST}"
username: "${DB_USER}"
password: "${DB_PASS}"
stripe:
api_key: "${STRIPE_API_KEY}"
Store values in .env or inject at runtime:
.env
-----------------
DB_HOST=mydatabase.mydb.com
DB_USER=dbadmin
DB_PASS=!strongpass123
STRIPE_API_KEY=sk_test_yourkeyhere
Multi-Environment Example
secrets.yml
-----------------
${SECRETS_ENV}:
database:
url: ${DB_URL_${SECRETS_ENV}}
s3:
endpoint: ${S3_ENDPOINT_${SECRETS_ENV}}
access_key: ${AWS_ACCESS_KEY_${SECRETS_ENV}}
secret_key: ${AWS_SECRET_KEY_${SECRETS_ENV}}
.env
-----------------
DB_URL_dev=sqlite://dev.db
DB_URL_prod=postgres://user@prod.db
S3_ENDPOINT_dev=http://localstack:4566
S3_ENDPOINT_prod=https://s3.amazonaws.com
AWS_ACCESS_KEY_dev=fake_access_key_dev
AWS_ACCESS_KEY_prod=PROD_ACCESS_KEY
AWS_SECRET_KEY_dev=fake_secret_key_dev
AWS_SECRET_KEY_prod=PROD_SECRET_KEY
Tool Integration Example
# Integration with Docker & Kubernetes secrets
secrets.yml
-----------------
database:
host: ${DATABASE_SERVICE_HOST}
port: ${DATABASE_SERVICE_PORT}
username: ${DATABASE_USER}
password: ${DATABASE_PASSWORD_B64}
Inject secrets via Kubernetes:
apiVersion: v1
kind: Pod
metadata:
name: app-pod
spec:
containers:
- name: app
image: myapp
env:
- name: DATABASE_SERVICE_HOST
valueFrom:
secretKeyRef:
name: db-secret
key: host
- name: DATABASE_PASSWORD_B64
valueFrom:
secretKeyRef:
name: db-secret
key: password