.jpg)
%20Abstract%20Background%20112024%20SOURCE%20Amazon.jpg)
![[The AI Show Episode 142]: ChatGPT’s New Image Generator, Studio Ghibli Craze and Backlash, Gemini 2.5, OpenAI Academy, 4o Updates, Vibe Marketing & xAI Acquires X](https://www.marketingaiinstitute.com/hubfs/ep%20142%20cover.png)
![From drop-out to software architect with Jason Lengstorf [Podcast #167]](https://cdn.hashnode.com/res/hashnode/image/upload/v1743796461357/f3d19cd7-e6f5-4d7c-8bfc-eb974bc8da68.png?#)
.png?#)
.jpg?#)
_Christophe_Coat_Alamy.jpg?#)
![Rapidus in Talks With Apple as It Accelerates Toward 2nm Chip Production [Report]](https://www.iclarified.com/images/news/96937/96937/96937-640.jpg)
How Autonoma AI Uses Occultus to Accelerate Development and Maintain Consistency
At Autonoma AI, we constantly look for ways to improve our development workflow and ensure that our engineering teams can move fast without compromising security. One of the biggest challenges in software development is managing secrets—API keys, database credentials, and other sensitive configurations—across multiple developers, environments, and machines. To solve this problem, we built and open-sourced Occultus, a lightweight NPM package that automates fetching secrets from Google Cloud Secret Manager and securely storing them in an .env file. This has significantly improved our development experience, reducing setup time and ensuring consistency across our team. The Problem: Managing Secrets in a Fast-Paced Development Environment Before using Occultus, sharing secrets among developers was a manual and error-prone process. Some common issues we faced included: Onboarding delays: New engineers had to manually request, retrieve, and configure secrets for different environments. Inconsistent environments: Different team members sometimes used outdated or incorrect secrets, leading to debugging headaches. Security risks: Storing secrets in plaintext or committing them accidentally was a constant concern. We needed a solution that: ✅ Fetches secrets securely from Google Cloud Secret Manager. ✅ Ensures all developers use the same, up-to-date secrets. ✅ Works seamlessly with existing development workflows. The Solution: Occultus With Occultus, we solved all these problems in one simple package. Now, developers only need to run: npm run fetch-secret This single command: Reads the configuration from package.json. Fetches the latest secret from Google Cloud Secret Manager. Stores it in an .env file. Skips unnecessary downloads if the secret hasn’t changed, reducing API calls and improving performance. Installation Since Occultus is meant for development environments, we recommend installing it as a dev dependency: npm install --save-dev @autonoma-ai/occultus How We Integrated Occultus Internally We standardized secret management across all our repositories by adding this snippet to each project's package.json: "occultus": { "projectId": "autonoma-ai", "secretName": "dev-env-secret", "envFile": ".env" } Explanation of Configuration Options projectId: The Google Cloud project where the secret is stored. secretName: The name of the secret in Google Cloud Secret Manager. envFile: The name of the environment variable file where the secret will be stored (e.g., .env). Now, every developer at Autonoma AI just runs npm run fetch-secret when setting up a project, ensuring they have the latest environment configuration with zero friction. Using Occultus Programmatically In addition to the CLI command, Occultus also provides a function that can be used anywhere in your codebase. Example Usage: import { saveSecretToEnv } from 'occultus'; (async () => { await saveSecretToEnv(); console.log('Secrets have been updated successfully!'); })(); This flexibility allows developers to dynamically fetch secrets whenever needed, making Occultus even more versatile. Advantages of Using Occultus 1️⃣ Accelerated Onboarding
At Autonoma AI, we constantly look for ways to improve our development workflow and ensure that our engineering teams can move fast without compromising security. One of the biggest challenges in software development is managing secrets—API keys, database credentials, and other sensitive configurations—across multiple developers, environments, and machines.
To solve this problem, we built and open-sourced Occultus, a lightweight NPM package that automates fetching secrets from Google Cloud Secret Manager and securely storing them in an .env file. This has significantly improved our development experience, reducing setup time and ensuring consistency across our team.
The Problem: Managing Secrets in a Fast-Paced Development Environment
Before using Occultus, sharing secrets among developers was a manual and error-prone process. Some common issues we faced included:
- Onboarding delays: New engineers had to manually request, retrieve, and configure secrets for different environments.
- Inconsistent environments: Different team members sometimes used outdated or incorrect secrets, leading to debugging headaches.
- Security risks: Storing secrets in plaintext or committing them accidentally was a constant concern.
We needed a solution that:
✅ Fetches secrets securely from Google Cloud Secret Manager.
✅ Ensures all developers use the same, up-to-date secrets.
✅ Works seamlessly with existing development workflows.
The Solution: Occultus
With Occultus, we solved all these problems in one simple package. Now, developers only need to run:
npm run fetch-secret
This single command:
- Reads the configuration from
package.json. - Fetches the latest secret from Google Cloud Secret Manager.
- Stores it in an
.envfile. - Skips unnecessary downloads if the secret hasn’t changed, reducing API calls and improving performance.
Installation
Since Occultus is meant for development environments, we recommend installing it as a dev dependency:
npm install --save-dev @autonoma-ai/occultus
How We Integrated Occultus Internally
We standardized secret management across all our repositories by adding this snippet to each project's package.json:
"occultus": {
"projectId": "autonoma-ai",
"secretName": "dev-env-secret",
"envFile": ".env"
}
Explanation of Configuration Options
-
projectId: The Google Cloud project where the secret is stored. -
secretName: The name of the secret in Google Cloud Secret Manager. -
envFile: The name of the environment variable file where the secret will be stored (e.g.,.env).
Now, every developer at Autonoma AI just runs npm run fetch-secret when setting up a project, ensuring they have the latest environment configuration with zero friction.
Using Occultus Programmatically
In addition to the CLI command, Occultus also provides a function that can be used anywhere in your codebase.
Example Usage:
import { saveSecretToEnv } from 'occultus';
(async () => {
await saveSecretToEnv();
console.log('Secrets have been updated successfully!');
})();
This flexibility allows developers to dynamically fetch secrets whenever needed, making Occultus even more versatile.
