Manage DevOps Secrets Safe CLI Contexts
Contexts are CLI-specific configurations that allow you to access multiple instances of DevOps Secrets Safe from a single client machine. CLI contexts exist only on the client side and only tell the CLI where to access the DevOps Secrets Safe instance. They do not interact with the instance in any way on their own.
- Create a context pointed at staging:
ssrun context create -n staging -a 164.223.32.59 -p 443 -s false -v v1
- Create a context pointed at production:
ssrun context create -n production -a 164.225.37.62 -p 443 -s true -v v1
- Set the staging context to active:
ssrun context set-current -n staging
- List all contexts:
ssrun context get
CURRENT NAME HOSTNAME/IP PORT API VERSION SSL CA * staging 164.223.32.59 443 v1 false production 164.225.37.62 443 v1 true
- Log on to the staging instance:
ssrun login -u my_staging_user -p my_staging_user_password
- Save secret from staging DevOps Secrets Safe instance to your file system:
ssrun secret get path/to/staging:secret -f mysecret
- Switch contexts so your CLI is pointed at the production DevOps Secrets Safe instance:
ssrun context set-current -n production
- Log in as a user from the production DevOps Secrets Safe instance:
ssrun login -u my_production_user -p my_production_user_password
- Create a new secret on the production instance, storing the value retrieved from the staging instance:
ssrun secret create path/to/production:secret -f mysecret
To learn more about DevOps Secrets Safe CLI contexts you can use the -h flag ($ ssrun context -h).
Environment Variable Overrides
Specific environment variables can override the current configured context.
If any of the environment variables below are defined, they override what is in the current context.
export SECRETSSAFE_HOST=(IP address or hostname of DevOps Secrets Safe instance)
export SECRETSSAFE_PORT=(port of DevOps Secrets Safe instance)
export SECRETSSAFE_VERIFY_CA=(bool indicating if ca should be verified)