Pass Provider
The Pass provider stores secrets using the Unix password manager pass (password-store). Secrets are GPG-encrypted for secure local development.
Installation
Section titled “Installation”# Debian/Ubuntu$ sudo apt-get install pass
# Fedora$ sudo dnf install pass
# Arch$ sudo pacman -S pass
# macOS$ brew install passConfiguration
Section titled “Configuration”[project]name = "myapp"
[[providers]]type = "pass"uri = "pass://"# Initialize password store (first time only)$ pass init <gpg-key-id>
# Set a secret$ secretspec set DATABASE_URLEnter value for DATABASE_URL: postgresql://localhost/mydb
# Run with secrets$ secretspec run -- npm startStorage Format
Section titled “Storage Format”Secrets are stored with a hierarchical path structure:
secretspec/{project}/{profile}/{key}
For example, with project “myapp” and profile “default”:
$ pass show secretspec/myapp/default/DATABASE_URLpostgresql://localhost/mydb