PHP code example of gawsoft / laravel-secrets

1. Go to this page and download the library: Download gawsoft/laravel-secrets library. Choose the download type require.

2. Extract the ZIP file and open the index.php.

3. Add this code to the index.php. 
    
        
<?php
require_once('vendor/autoload.php');

/* Start to develop here. Best regards https://php-download.com/ */

gawsoft / laravel-secrets example snippets


return [
    'connections' => [
        'mysql' => [
            'driver' => 'mysql',
            'port' => env('DB_PORT', '3306'),
            'username' => laravel_secrets('/run/secrets/db/username', env('DB_USERNAME')),
            'password' => laravel_secrets('db/password', env('DB_PASSWORD')),
        ],
]




return [
    'strategy' => [
        # String with which secrets value will be replaced
        'redaction' => '[redacted]',
        # Default strategy to load secrets
        'handler' => \Gawsoft\LaravelSecrets\Secrets\Providers\ContainerStrategy::class,

        # Config for strategy
        'config' => [
            # Default path to your secrets
            # - when you run laravel_secrets('db/password') -> Will check path /run/secrets/db/password
            # - when you run laravel_secrets('/secrets/db/password') -> Ignore default path and check /secrets/db/password
            'path' => '/run/secrets/',
            # If you encrypt secret all encrypted string will start with this string.
            # This string cannot be empty!
            'encrypted_prefix' => 'encrypted:',
        ]
    ],
    // Remove from logs sensitive keys
    'logs' => [
        // When set empty whitelist array, all config values will be redacted.
        // When set min one value only this value will be redacted.
        'whitelist' => [
          //  'app.key',
          //  'mail.mailers.smtp.password',
          //  'database.connections.mysql.password'
        ],
        'blacklist' => [
            'app.name',
            'logging.level',
        ],
    ]
];


laravel_secrets('<PATH-TO-FILE>', '<DEFAULT-VALUE>');


#config/secrets.php
return [
    // Remove sensitive keys from logs 
    'logs' => [
        // When set empty whitelist array, all config values will be redacted.
        // When set min one value only this value will be redacted.
        'whitelist' => [
          //  'app.key',
          //  'mail.mailers', # Alle mailers secrets will be redacted
          //  'database.connections.mysql.password'
        ],
        // Do not redact values from blacklist. Those values will show in logs
        'blacklist' => [
            'app.name',
            'logging.level',
        ],
    ]
];




namespace MyCompany\MyPackage\LaravelSecrets\Secrets\Providers\MySecretProvider;

use Gawsoft\LaravelSecrets\Abstracts\SecretsProviderAbstract;
use Gawsoft\LaravelSecrets\Interfaces\SecretProviderInterface;


class ContainerStrategy extends SecretsProviderAbstract implements SecretProviderInterface
{
    function getSecret(string $name): string | null
    {
        // Get secret from your source
    }

}


return [
    'strategy' => [
        ...
        'handler' => \MyCompany\MyPackage\LaravelSecrets\Secrets\Providers\MySecretProvider::class,
        ...
    ]


php artisan vendor:publish --provider="Gawsoft\LaravelSecrets\LaravelSecretsServiceProvider"

sh
# Encrypt password by artisan command
echo "abc" > /tmp/password
cat /tmp/password | php artisan laravel-secrets:encrypt --stdin

# Decrypt password
echo "encrypted:eyJpdiI6InhQbEhUREJQa21mcW85M0tYSEhhOUE9PSIsInZhbHVlIjoiY2pXZ0lqUlY4YVoydDdyZzVHak9XUT09IiwibWFjIjoiMWFlZjA4MGIyN2Q2YmEwMzc4ZGNjNTYzYTgyOTNiMzFiOWM0OTVmZWFkNGYzZTFiNDAwM2Y1NzgyYWJlMDEwMCIsInRhZyI6IiJ9" > /tmp/encrypted
cat /tmp/encrypted | php artisan laravel-secrets:decrypt --stdin