-
-
Notifications
You must be signed in to change notification settings - Fork 116
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
11 changed files
with
225 additions
and
0 deletions.
There are no files selected for viewing
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| --- | ||
| description: Get to know about what we are building | ||
| --- | ||
|
|
||
| # ❔ What is keyshade? | ||
|
|
||
| ## The problem | ||
|
|
||
| With the rise in security concerns, software products are being made with security as their top concern. One of the most implemented strategy is to move all the secrets that the application is using to some cloud provider, where the secrets are fetched in runtime. By doing this, applications can separate their code from their configurations, ensuring both privacy and customizability. | ||
|
|
||
| But, this comes with a cost of heavy human effort. Consider this scenario: Your application is using Google OAuth to sign in its users. Now, some day, you decided to use a new email account to log in users. At the very least, you have to make these changes: | ||
|
|
||
| * **Update your keys** in the runtime environment | ||
| * **Restart your servers** to pick up the change in configuration | ||
|
|
||
| Along with this, you are also required to store your **sensitive data** as plain text on servers, which you own indirectly!  | ||
|
|
||
| ## The solution | ||
|
|
||
| This is what led to the development of **keyshade**. keyshade is a secret-management tool that aims to make secret management a breeze, while keeping developer compatibility and integration as its top-most priority. | ||
|
|
||
| With keyshade integrated into your codebase, you don't need to worry about leaking your secrets, or micromanaging them! Here are a few points as to why keyshade would an opt-in solution for you: | ||
|
|
||
| * We use **Public Key Cryptography** at our very core. For every project that you make, you are allowed to specify a **private key** that stays in your custody forever (until you specify otherwise!). We then use a **public key** generated from your private key to encrypt and store your secrets. | ||
| * Your secrets are safe! We encrypt your data both **in transition** and **at rest**, making it mathematically impossible to sniff or tamper. | ||
| * Our SDKs are developed with **real-time** experience in mind. Feel like you need to change that API key of yours? We've got you covered! All you need to do is update it in keyshade, and leave the rest to the robots! | ||
| * **Collaborating** with others on a keyshade project is as secure as it gets! None of the collaborators will be able to see the value (not even the hashed up gibberish!) of any secret, but they will be easily able to add or update the values as and when they want to. Your private key stays safe with you! | ||
| * You are the person in command! We have put a lot of effort in developing a fine-tuned system, that allows you to micromanage the roles that you give to other users or even your own API keys. | ||
| * Lastly, we allow you to rotate your secrets periodically. This is an opt-in feature, should you want that JWT secret of yours to be regenerated so that bad folks don't breach your systems! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| # Table of contents | ||
|
|
||
| * [❔ What is keyshade?](README.md) | ||
|
|
||
| ## 🥰 CONTRIBUTING TO KEYSHADE | ||
|
|
||
| * [Summary](contributing-to-keyshade/summary.md) | ||
| * [Prerequisites](contributing-to-keyshade/prerequisites.md) | ||
| * [Environment Variables](contributing-to-keyshade/environment-variables.md) | ||
| * [Setting things up](contributing-to-keyshade/setting-things-up.md) | ||
| * [Running things locally](contributing-to-keyshade/running-things-locally/README.md) | ||
| * [Running the API](contributing-to-keyshade/running-things-locally/running-the-api.md) | ||
| * [Design of our code](contributing-to-keyshade/design-of-our-code/README.md) | ||
| * [API](contributing-to-keyshade/design-of-our-code/api.md) |
13 changes: 13 additions & 0 deletions
13
docs/contributing-to-keyshade/design-of-our-code/README.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| --- | ||
| description: Get to know about the core building blocks of our code | ||
| --- | ||
|
|
||
| # Design of our code | ||
|
|
||
| ## Brief | ||
|
|
||
| When it comes to developing for us, we follow very strict norms! From proper indentation to using design patterns, we do an extensive coverage. But this is really difficult for anyone to grab randomly. So we decided to compile how each of our modules undergo development and the structure they follow. | ||
|
|
||
| ## Compilation of designs | ||
|
|
||
| * [API](api.md) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| --- | ||
| description: Design of our API | ||
| --- | ||
|
|
||
| # API | ||
|
|
||
| This document covers how we have developed our API, the stacks, and things you should know before you get started with it! | ||
|
|
||
| ## Stack | ||
|
|
||
| Our API is developed using the following stack: | ||
|
|
||
| * **NestJS** as the base | ||
| * **Prisma** as the DDL and DML | ||
| * **Supabase** as the database and bucket storage | ||
| * **Resend** as the mail agent | ||
|
|
||
| ## Structure | ||
|
|
||
| As per the NestJS convention, our API base is totally modularized, with each module catering to a particular part of our project. The general module structure is as follows: | ||
|
|
||
| * **controller**: Stores the APIs that the clients will be interacting with. | ||
| * **service**: Holds the business logic | ||
| * **repository**: Holds the logic related to manipulating the database | ||
| * **misc**: Holds utility functions and classes localized to the particular module | ||
| * **dto**: Contains class objects for data intake from the clients | ||
|
|
||
| ### The `prisma` module | ||
|
|
||
| This module deserves special attention since it deals with the data layer. Apart from the usual files, we have two other: | ||
|
|
||
| * `schema.prisma`: This contains the data definition | ||
| * `migrations`: This folder stores the migrations generated by running the `pnpm run db:generate-migrations` command. These migrations are the state that the current prisma database is in.  |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| --- | ||
| description: Get to know the environment you are working with | ||
| --- | ||
|
|
||
| # Environment Variables | ||
|
|
||
| ## .env.example | ||
|
|
||
| Here's the description of the environment variables used in the project. You can find the values for these variables in \`.env.example\`. | ||
|
|
||
| * **DATABASE\_URL**: The URL of the PSQL database to connect to. This is used by the [Prisma Client](https://www.prisma.io/docs/orm/prisma-client) to connect to the database. | ||
| * **SUPABASE\_API\_URL**: The URL of the Supabase API. This is used by the [Supabase Client](https://supabase.io/docs/reference/javascript/supabase-client) to connect to the Supabase API. Make sure you create a Supabase project and get the API URL from the project settings. | ||
| * **SUPABASE\_ANON\_KEY**: The anonymous key of the Supabase project. This is used by the Supabase Client to connect to the Supabase API. Make sure you create a Supabase project and get the anonymous key from the project settings. | ||
| * **RESEND\_API\_KEY**: The API key for the [Resend API](https://resend-api.vercel.app/). The project uses Resend API to send out emails. | ||
| * **JWT\_SECRET**: The secret used to sign the JWT tokens. It is insignificant in the development environment. | ||
| * **FROM\_EMAIL**: The email address from which the emails will be sent. This is used by the Resend API to send out emails. | ||
| * **WEB\_FRONTEND\_URL, WORKSPACE\_FRONTEND\_URL**: The URLs of the web and workspace frontend respectively. These are used in the emails sometimes and in other spaces of the application too. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| # Prerequisites | ||
|
|
||
| Of course, to get started, you will need to have the required components in place. Gladly, there isn't much that needs to be done: | ||
|
|
||
| * Make sure you have Git installed and have an account in GitHub | ||
| * Have an account in Supabase along with a project | ||
| * Have an account in Resend |
16 changes: 16 additions & 0 deletions
16
docs/contributing-to-keyshade/running-things-locally/README.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| --- | ||
| description: Compiles a list of article to help running the services locally | ||
| --- | ||
|
|
||
| # Running things locally | ||
|
|
||
| This document (and the sub-series) guides you on how you can run and test each of the applications on your local device. There are two categories of projects: | ||
|
|
||
| * The main ones under the apps directory | ||
| * The examples of the SDKs | ||
|
|
||
| ## Run locally | ||
|
|
||
| You can pick up any of these topics from the following and start with it. | ||
|
|
||
| * [Running the API](running-the-api.md) |
43 changes: 43 additions & 0 deletions
43
docs/contributing-to-keyshade/running-things-locally/running-the-api.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| --- | ||
| description: Get to know how you can develop the API! | ||
| --- | ||
|
|
||
| # Running the API | ||
|
|
||
| The API resides in the `apps/api` directory. It is a NestJS project. To run the API locally, do the following: | ||
|
|
||
| * Generate the prisma types: | ||
|
|
||
| ```bash | ||
| pnpm run db:generate-types | ||
| ``` | ||
|
|
||
| * Deploy the migrations: | ||
|
|
||
| ```bash | ||
| pnpm run db:deploy-migrations | ||
| ``` | ||
|
|
||
| * Start the server in development mode: | ||
|
|
||
| ```bash | ||
| pnpm run dev:api | ||
| ``` | ||
|
|
||
| * Once you have made the changes and added tests (if any), make sure to test the code: | ||
|
|
||
| ```bash | ||
| pnpm run test:api | ||
| ``` | ||
|
|
||
| * Lint the code: | ||
|
|
||
| ```bash | ||
| pnpm run lint:api | ||
| ``` | ||
|
|
||
| * Run prettier: | ||
|
|
||
| ```bash | ||
| pnpm run prettier:fix:api | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,44 @@ | ||
| # Setting things up | ||
|
|
||
| ## Setting up the .env file | ||
|
|
||
| Make a copy of the `.env.example` file and rename it to `.env` | ||
|
|
||
| ```bash | ||
| cp .env.example .env | ||
| ``` | ||
|
|
||
| Fill in the values for the environment variables in the `.env` file. You can find the values for the variables in the [Environment Variables](environment-variables.md) section.  | ||
|
|
||
| ## Setting up `pnpm` | ||
|
|
||
| keyshade works with any version of **node (>=18)** and takes the liberty that you have it installed. The project uses `pnpm` as the package manager. To install `pnpm`, run the following command: | ||
|
|
||
| ```bash | ||
| npm install -g pnpm | ||
| ``` | ||
|
|
||
| {% hint style="info" %} | ||
| For Linux users, in case the above command fails with permission error, try running this: | ||
|
|
||
| ```bash | ||
| sudo npm install -g pnpm | ||
| ``` | ||
| {% endhint %} | ||
|
|
||
| ## Installing the dependencies | ||
|
|
||
| To install the dependencies, run the following command: | ||
|
|
||
| ```bash | ||
| pnpm install | ||
| ``` | ||
|
|
||
| ## Installing NX | ||
|
|
||
| The last step is to install NX. It is the monorepo management tool that we are using. Read more about it in [https://nx.dev](https://nx.dev). To install nx, you need to run the following command: | ||
|
|
||
| ```bash | ||
| pnpm i -g nx | ||
| ``` | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| --- | ||
| description: Be a part of the keyshade today! | ||
| --- | ||
|
|
||
| # Summary | ||
|
|
||
| We are an [open-source](https://github.com/keyshade-xyz/keyshade) organization. We solely rely upon the contributions made from the peer of developers out there, and we are really thankful towards them. Even the smallest of contributions (changing the name of a variable, fixing typos) are very much appreciated.  | ||
|
|
||
| This series of documents aim at setting up and developing keyshade in your device locally. Start anywhere you feel like! |