The Secryn CLI can be used inside CI/CD pipelines to retrieve secrets during build and deployment steps.
A common pattern is to install the CLI, verify credentials, then pull environment values at runtime.
steps:
- name: Install secryn
run: curl -fsSL https://cli.secryn.io | bash
- name: Verify auth
env:
SECRYN_BASE_URL: ${{ secrets.SECRYN_BASE_URL }}
SECRYN_VAULT_ID: ${{ secrets.SECRYN_VAULT_ID }}
SECRYN_ACCESS_KEY: ${{ secrets.SECRYN_ACCESS_KEY }}
run: secryn auth test --json
- name: Pull env
env:
SECRYN_BASE_URL: ${{ secrets.SECRYN_BASE_URL }}
SECRYN_VAULT_ID: ${{ secrets.SECRYN_VAULT_ID }}
SECRYN_ACCESS_KEY: ${{ secrets.SECRYN_ACCESS_KEY }}
run: secryn env pull > .env
export SECRYN_BASE_URL=https://your-secryn-instance/api
export SECRYN_VAULT_ID=YOUR_VAULT_ID
export SECRYN_ACCESS_KEY=YOUR_ACCESS_KEY
secryn env pull > .env
This approach keeps secrets out of source control while making them available to your build process.