Listing secrets stored in CircleCI

Featured image for sharing metadata for article

If you've not seen, CircleCI yesterday announced that they had recently had a breach. As part of this, teams are recommended to rotate all of their secrets, but to do that, you need to easily find out what secrets are in place.

I've put together a Go CLI project on on GitLab.com that allows querying for all secrets in Contexts as well as per-Project secrets, in a Tab Separated Value (TSV) format that makes it handy to copy-paste into things like Google Sheets.

First, install it:

go install gitlab.com/tanna.dev/circleci-secret-list@HEAD

To list all contexts:

export CIRCLE_TOKEN=...
./circleci-secret-list -token $CIRCLE_TOKEN -slug gh/jamietanna

Or to list all projects, if you've created a repos.txt using i.e. this blog post:

export CIRCLE_TOKEN=...
./circleci-secret-list -token $CIRCLE_TOKEN -slug gh/jamietanna -repos repos.txt

Written by Jamie Tanna's profile image Jamie Tanna on , and last updated on .

Content for this article is shared under the terms of the Creative Commons Attribution Non Commercial Share Alike 4.0 International, and code is shared under the Apache License 2.0.

#blogumentation #circleci #go.

This post was filed under articles.

Interactions with this post

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.