WingNews logo WingNews
top | item 43844048

(no title)

devenjarvis | 10 months ago

The 1pass CLI is great! However if you aren’t using 1password as your secrets vault, I’m building an open source, vault-agnostic alternative called RunSecret (https://github.com/runsecret/rsec)

discuss

order

mdaniel|10 months ago

You may want to do your own Show HN about it, so folks don't have to be "MCP curious" to find out that it exists

That said, given https://github.com/runsecret/rsec#aws-secrets-manager presumably in order to keep AWS credentials off disk one would then have to have this?

    "vantage-mcp-server": {
      "command": "/opt/homebrew/bin/aws-vault",
      "args": [
      "exec", "--region=us-east-1", "my-awesome-profile",
      "--", "/opt/homebrew/bin/rsec", "run",
      "--", "/opt/homebrew/bin/vantage-mcp-server"
      ],
      "env": {"VANTAGE_BEARER_TOKEN":  "rsec://012345678912/sm.aws/VantageBearerToken?region=us-east-1"}
    }
in contrast to the op binary that is just one level of indirection, since they already handshake with the desktop app for $(op login) purposes

devenjarvis|10 months ago

This is great feedback, thank you!

I agree RunSecret adds a level of indirection at this stage that op doesn’t (if you are using 1pass). This is something I plan to polish up once more vaults are supported. You’ve given me some ideas on how to do that here.

And thanks for the advice on doing a Show HN, planning to do so once a few more rough edges are smoothed out.