Docs |
CLI |
Node SDK |
Python SDK
Golang SDK |
Helm Chart |
Kubernetes Operator |
Terraform Provider
Open source platform for fast-moving engineering teams to secure and deploy application secrets β from development to production.
PhaseConsole.mp4
| Features | |
|---|---|
| π | Phase Console: Dashboard for seamlessly creating, managing, rotating secrets, and environment variables |
| β¨οΈ | CLI: Import existing secrets from .env files, and securely inject them in your application at runtime or create virtual shells with secrets |
| π€« | Secret management: Manage secrets across environments, view secret diffs, track version history, and restore secret values with a single click |
| π | Role-based Access Control: Fine-grained, role-based, and cryptographic access control, per application, per environment. |
| π | Secret sync: Automatically sync secrets to GitHub, Cloudflare Pages, Vercel, GitLab CI, Railway, AWS Secrets Manager, etc. |
 |
Kubernetes: Automatically sync secrets to your Kubernetes Cluster and reload deployments via the Phase Secrets Operator |
 |
Terraform: Manage secrets in your HashiCorp Terraform Iac workflows. |
| βοΈ | Secret referencing & overrides: Create personal secrets without affecting others on the team. Reference secret values across apps and environments |
| π | REST API: Access and manage secrets programmatically with any http client |
| π¦ | SDKs: SDKs for integrating Phase with various programming languages and frameworks |
| π₯‘ | Self Hosting: Run Phase on your own infrastructure |
| π | Audit Logs: Complete visibility into every change and access event |
Ξ» phase --help
Securely manage application secrets and environment variables with Phase.
/$$
| $$
/$$$$$$ | $$$$$$$ /$$$$$$ /$$$$$$$ /$$$$$$
/$$__ $$| $$__ $$ |____ $$ /$$_____/ /$$__ $$
| $$ \ $$| $$ \ $$ /$$$$$$$| $$$$$$ | $$$$$$$$
| $$ | $$| $$ | $$ /$$__ $$ \____ $$| $$_____/
| $$$$$$$/| $$ | $$| $$$$$$$ /$$$$$$$/| $$$$$$$
| $$____/ |__/ |__/ \_______/|_______/ \_______/
| $$
|__/
options:
-h, --help show this help message and exit
--version, -v
show program's version number and exit
Commands:
auth π» Authenticate with Phase
init π Link your project with your Phase app
run π Run and inject secrets to your app
shell π Launch a sub-shell with secrets as environment variables (BETA)
secrets ποΈ Manage your secrets
secrets list π List all the secrets
secrets get π Get a specific secret by key
secrets create π³ Create a new secret
secrets update π Update an existing secret
secrets delete ποΈ Delete a secret
secrets import π© Import secrets from a .env file
secrets export π₯‘ Export secrets in a dotenv format
users π₯ Manage users and accounts
users whoami π See details of the current user
users switch πͺ Switch between Phase users, orgs and hosts
users logout π Logout from phase-cli
users keyring π Display information about the Phase keyring
docs π Open the Phase CLI Docs in your browser
console π₯οΈ Open the Phase Console in your browser
update π Update the Phase CLI to the latest versionCheck out the Quickstart Guides
The quickest and most reliable way to get started is by signing up on the Phase Console.
| Deploy Phase Console on your infrastructure | |
|---|---|
 |
Docker Compose |
|
Kubernetes (Helm chart) |
 |
AWS |
 |
AWS EKS (Helm chart) |
 |
Google Cloud Platform |
 |
Azure |
 |
DigitalOcean |
| π₯‘ | Self-hosting Phase |
More coming soon!
Phase operates on an open-core model, similar to that of GitLab.
This repo is available under the MIT expat license, with the exception of the ee directory which will contain Pro or Enterprise features requiring a Phase license.
For more information on how Phase encryption works, please see the Security Docs
Please do not file GitHub issues or post on our public forum for security vulnerabilities, as they are public!
For more information see: SECURITY.md
We love contributions. See CONTRIBUTING.md
You can join our Slack if you have any questions!