Home Original page

GitHub - copyleftdev/corey: Fast, zero-dependency CLI for managing GitHub credentials, secrets, and variables — built in Zig for cloud development environments

COREY

CI Release License Zig Status: Early Beta Platform

Controlled Objects for Repository EntrY

Early Beta — APIs and commands may change. Feedback and contributions welcome.

A fast, opinionated CLI for managing GitHub credentials, secrets, and variables — built for cloud development environments where automation comes first.

Written in Zig. Zero runtime dependencies. Sub-50ms operations.

Install

zig build -Doptimize=ReleaseFast
# -> zig-out/bin/corey

Requires Zig 0.14+.

Commands

Credential Management

# Show status of all credential sources (gh CLI, git config, SSH agent)
corey status
corey status --json

# Pull credentials from GitHub CLI into secure storage
corey pull --source=gh
corey pull --source=gh --dry-run

# Push credentials to git credential helper
corey push --target=git-credential

# Bidirectional sync with conflict resolution
corey sync
corey sync --strategy=source-wins

Secrets

# List all repository secrets
corey secrets list
corey secrets list --env=production --json

# Create or update a secret
corey secrets set DB_PASSWORD --value=hunter2
echo 'hunter2' | corey secrets set DB_PASSWORD

# Delete with confirmation (or skip with --force)
corey secrets delete DB_PASSWORD
corey secrets delete DB_PASSWORD --force

# Preview any operation
corey secrets set API_KEY --value=abc --dry-run

Variables

# List all repository variables (names and values)
corey vars list
corey vars list --env=staging --json

# Get a single variable's value
corey vars get API_URL

# Set using NAME=VALUE syntax
corey vars set API_URL=https://api.example.com
corey vars set NODE_ENV --value=production

# Delete with confirmation
corey vars delete OLD_VAR
corey vars delete OLD_VAR --force

Env File Operations

# Import .env file as GitHub secrets
corey env import .env --target=secrets
corey env import .env.production --target=secrets --env=production

# Import .env file as GitHub variables
corey env import .env --target=vars

# Export GitHub variables to .env format (stdout)
corey env export --source=vars
corey env export --source=vars > .env.remote

# Diff local .env against remote
corey env diff .env --against=secrets
corey env diff .env --against=vars --json

# Sync with conflict resolution
corey env sync .env --target=vars
corey env sync .env --target=vars --strategy=local-wins
corey env sync .env --target=secrets --strategy=remote-wins

# Preview everything
corey env import .env --target=secrets --dry-run
corey env sync .env --target=vars --dry-run

Utilities

# Explain any error code
corey explain E001

# Generate shell completions
corey completions bash >> ~/.bashrc
corey completions zsh >> ~/.zshrc
corey completions fish > ~/.config/fish/completions/corey.fish

Global Flags

Flag Effect
--json Machine-parseable JSON output
--dry-run Preview without applying changes
--force Skip confirmation prompts
--color=<auto|always|never> Control color output
--repo=owner/repo Override auto-detected repository
--env=<name> Scope to a GitHub environment

Exit Codes

Code Meaning
0 Success
1 User error (bad input, unknown command)
2 System error (network, permissions)

Use corey explain <code> for detailed diagnostics on any error (E001-E007).

Architecture

src/
  main.zig             Entry point
  cli.zig              Argument parsing and dispatch
  env.zig              .env file parser and serializer
  diff.zig             Diff engine for local vs remote comparison
  output.zig           Human and JSON output formatting
  errors.zig           Structured error codes (E001-E007)
  color.zig            ANSI color support
  tty.zig              Terminal detection
  prompt.zig           Interactive confirmation prompts
  progress.zig         Progress indicators
  credential.zig       Credential types
  crypto.zig           Encryption primitives
  cmd/
    status.zig         corey status
    pull.zig           corey pull
    push.zig           corey push
    sync.zig           corey sync
    secrets.zig        corey secrets
    vars.zig           corey vars
    env_cmd.zig        corey env
    explain.zig        corey explain
    completions.zig    corey completions
  gh/
    client.zig         GitHub CLI wrapper (list/set/delete secrets and variables)
    types.zig          SecretEntry, VariableEntry, Scope, ClientError
    repo.zig           Auto-detect owner/repo from git remote
  sources/             Credential discovery (gh CLI, git config, SSH agent)
  storage/             Secure storage backends (OS keychain, encrypted file)
  sync/                Credential sync engine and conflict resolution
  targets/             Credential targets (git credential helper)

Development

zig build              # Debug build
zig build test         # Run full test suite
zig fmt src/           # Format
zig fmt --check src/   # Check formatting (CI)

License

MIT