Summon provider for the OS X Keychain

Summon Provider for the OSX Keychain Service

OSX provides a keychain service to store secrets locally. It can be accessed through the security command line program.

This script provides a summon provider that fetches secrets from the OSX keychain. You can add secrets to the keychain like this:

security add-generic-password -s "summon" -a "the/secret/path" -w "the secret value"

You can also do this through the Keychain Access utility. The "Keychain Item Name" field should be "summon", the "Account Name" should be the secret path, and the "Password" field should contain the secret value.

Notice that we are storing the secrets under the service "summon". You can fetch secrets from other services by setting the SUMMON_KEYCHAIN_SERVICE environment variable to the name of the service you want to use.

Installation

You will need to install summon to use this provider.

You can install by simply cloning the repo and creating a symlink in the /usr/libexec/summon directory.

You may need to run the following commands as a super user.

git clone git@github.com:conjurinc/summon-keychain-cli.git
cd summon-keychain-cli
mkdir -p /usr/libexec/summon
ln -s "$PWD/keychain.sh" /usr/libexec/summon/keychain.sh
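
A check for the install above, added here as an example and not part of this repository: because the symlink points into the clone, the provider is only as trustworthy as the resolved file, the directory holding the symlink, and every directory above both. The function names and the optional STOP_DIR argument are hypothetical.

```shell
# Added example, not part of summon-keychain-cli.

# Print the physical path of $1, following symlinks by hand
# (older macOS readlink has no -f).
resolve_path() {
    p=$1
    while [ -L "$p" ]; do
        link=$(readlink "$p")
        case $link in
            /*) p=$link ;;
            *)  p=$(dirname "$p")/$link ;;
        esac
    done
    dir=$(cd -P "$(dirname "$p")" 2>/dev/null && pwd -P) || return 1
    printf '%s/%s\n' "${dir%/}" "$(basename "$p")"
}

# True if $1 is group- or world-writable. Sticky directories such as /tmp
# are skipped: only an entry's owner can rename or remove it there.
is_loosely_writable() {
    [ -n "$(find "$1" -prune \( -perm -0020 -o -perm -0002 \) \
            ! \( -type d -perm -1000 \) -print 2>/dev/null)" ]
}

# walk_up PATH STOP: report loosely writable components from PATH up to STOP.
walk_up() {
    p=$1 bad=0
    while :; do
        if is_loosely_writable "$p"; then
            echo "group/world-writable: $p" >&2; bad=1
        fi
        if [ "$p" = "$2" ] || [ "$p" = / ]; then break; fi
        p=$(dirname "$p")
    done
    return "$bad"
}

# audit_provider PATH [STOP_DIR]: 0 = clean, 1 = finding, 2 = error.
audit_provider() {
    target=$(resolve_path "$1") || { echo "cannot resolve: $1" >&2; return 2; }
    if [ ! -f "$target" ] || [ ! -x "$target" ]; then
        echo "not an executable file: $target" >&2; return 2
    fi
    rc=0
    walk_up "$target" "${2:-/}" || rc=1
    walk_up "$(cd -P "$(dirname "$1")" && pwd -P)" "${2:-/}" || rc=1
    return "$rc"
}

if [ $# -gt 0 ]; then audit_provider "$@"; fi
```

Call it as audit_provider /usr/libexec/summon/keychain.sh; each path it reports is one where another local account could change what summon executes.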