Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Getting Started

Get from zero to your first secret push in under 5 minutes.

1. Initialize your project

cred init

This creates .cred/vault.enc in your project and stores the encryption key in your OS credential store.

2. Add a target

cred target set github

You’ll be prompted for a fine-grained PAT with Actions secrets permission.

3. Store a secret

cred secret set DATABASE_URL "postgres://user:pass@localhost/db"

4. Push to GitHub

Preview first:

cred push github --dry-run

Then push:

cred push github

Done! Your secret is now in GitHub Actions.


Working with Environments

Organize secrets by environment (dev, staging, prod):

# Create environments
cred env create staging
cred env create prod

# Set secrets in specific environments
cred secret set DATABASE_URL "postgres://prod..." --env prod

# Push prod secrets to GitHub
cred push github --env prod

See env command for more details.


Next steps: