Merge pull request #59 from lvnilesh/patch-1

add bitwarden erb for mrsk envify

README.md

@@ -80,6 +80,8 @@ DB_PASSWORD=secret123
 
 ### Using a generated .env file
 
+#### 1password as a secret store
+
 If you're using a centralized secret store, like 1Password, you can create `.env.erb` as a template which looks up the secrets. Example of a .env.erb file:
 
 ```erb
@@ -95,6 +97,52 @@ This template can safely be checked into git. Then everyone deploying the app ca
 
 If you need separate env variables for different destinations, you can set them with `.env.destination.erb` for the template, which will generate `.env.staging` when run with `mrsk envify -d staging`.
 
+#### bitwarden as a secret store
+
+If you are using open source secret store like bitwarden, you can create `.env.erb` as a template which looks up the secrets. 
+
+You can store `SOME_SECRET` in a secure note in bitwarden vault. 
+
+```
+$ bw list items --search SOME_SECRET | jq
+? Master password: [hidden]
+
+[
+  {
+    "object": "item",
+    "id": "123123123-1232-4224-222f-234234234234",
+    "organizationId": null,
+    "folderId": null,
+    "type": 2,
+    "reprompt": 0,
+    "name": "SOME_SECRET",
+    "notes": "yyy",
+    "favorite": false,
+    "secureNote": {
+      "type": 0
+    },
+    "collectionIds": [],
+    "revisionDate": "2023-02-28T23:54:47.868Z",
+    "creationDate": "2022-11-07T03:16:05.828Z",
+    "deletedDate": null
+  }
+]
+```
+
+and extract the `id` of `SOME_SECRET` from the `json` above and use in the `erb` below.
+
+
+Example `.env.erb` file:
+
+```erb
+<% if (session_token=`bw unlock --raw`.strip) != "" %># Generated by mrsk envify
+SOME_SECRET=<%= `bw get notes 123123123-1232-4224-222f-234234234234 --session #{session_token}` %>
+<% else raise ArgumentError, "session_token token missing" end %>
+```
+
+Then everyone deploying the app can run `mrsk envify` and mrsk will generate `.env` 
+
+
 ### Using another registry than Docker Hub
 
 The default registry is Docker Hub, but you can change it using `registry/server`: