Getting Started
Get from zero to your first secret push in under 5 minutes.
1. Initialize your project
cred init
This creates .cred/vault.enc in your project and stores the encryption key in your OS credential store.
2. Add a target
cred target set github
You’ll be prompted for a fine-grained PAT with Actions secrets permission.
3. Store a secret
cred secret set DATABASE_URL "postgres://user:pass@localhost/db"
4. Push to GitHub
Preview first:
cred push github --dry-run
Then push:
cred push github
Done! Your secret is now in GitHub Actions.
Working with Environments
Organize secrets by environment (dev, staging, prod):
# Create environments
cred env create staging
cred env create prod
# Set secrets in specific environments
cred secret set DATABASE_URL "postgres://prod..." --env prod
# Push prod secrets to GitHub
cred push github --env prod
See env command for more details.
Next steps:
- Commands Reference — all available commands
- Environments — organize secrets by environment
- Sources — generate credentials from APIs like Resend
- Security Model — how your secrets are protected