Installation¶
This guide covers all the ways to install SecretZero and its optional dependencies.
System Requirements¶
- Python: 3.9, 3.10, 3.11, or 3.12
- Operating System: Linux, macOS, or Windows
- pip: Latest version recommended
Basic Installation¶
The simplest way to install SecretZero:
This installs the core functionality including:
- CLI commands
- Configuration parsing and validation
- Local file storage support
- Basic secret generators
Optional Dependencies¶
SecretZero uses optional dependencies for cloud providers and additional features. Install only what you need:
Cloud Providers¶
Includes:
- AWS Secrets Manager support
- SSM Parameter Store support
- IAM role authentication
- boto3 SDK
Includes:
- Azure Key Vault support
- Managed Identity authentication
- Azure SDK
Includes:
- Vault KV v2 support
- Token and AppRole authentication
- hvac client library
CI/CD Platforms¶
Includes:
- GitHub Actions secrets
- Repository, environment, and organization secrets
- PyGithub library
Includes:
- GitLab CI/CD variables
- Project and group variables
- python-gitlab library
Includes:
- Jenkins credentials
- String and username/password credentials
- python-jenkins library
Container Platforms¶
Includes:
- Kubernetes Secret support
- External Secrets Operator integration
- All secret types (TLS, Docker, SSH, etc.)
- Official Kubernetes Python client
API Server¶
Includes:
- FastAPI web framework
- Uvicorn ASGI server
- OpenAPI documentation
- REST API endpoints
Documentation Tools¶
Includes:
- MkDocs with Material theme
- Documentation generation tools
- API documentation plugins
Everything¶
Install all optional dependencies:
This includes all cloud providers, CI/CD platforms, Kubernetes support, API server, and documentation tools.
Development Installation¶
For contributing to SecretZero:
1. Clone the Repository¶
2. Create a Virtual Environment¶
3. Install in Development Mode¶
This installs:
- All optional dependencies
- Development tools (pytest, black, ruff, mypy)
- The package in editable mode
4. Verify Installation¶
Alternative Installation Methods¶
Using pipx¶
pipx installs Python applications in isolated environments:
Using Poetry¶
If you use Poetry for dependency management:
Using Docker¶
You can run SecretZero in a Docker container:
FROM python:3.11-slim
# Install SecretZero
RUN pip install secretzero[all]
# Copy your Secretfile
COPY Secretfile.yml /app/Secretfile.yml
WORKDIR /app
# Run SecretZero
CMD ["secretzero", "sync"]
Build and run:
Verifying Installation¶
After installation, verify everything is working:
1. Check Version¶
Expected output:
2. Check Available Commands¶
You should see all available commands:
- create - Create new Secretfile
- validate - Validate configuration
- sync - Generate and sync secrets
- show - Show secret status
- rotate - Rotate secrets
- policy - Check policies
- drift - Detect drift
- test - Test connectivity
3. Test Installation¶
Create a test Secretfile:
This creates a Secretfile.yml with example configuration.
Validate it:
If you see ✅ messages, everything is installed correctly!
Upgrading¶
To upgrade to the latest version:
To upgrade with all dependencies:
Uninstalling¶
To remove SecretZero:
This removes the package but leaves your configuration files intact.
Troubleshooting¶
Python Version Issues¶
If you get a Python version error:
# Check your Python version
python --version
# Use a specific Python version
python3.11 -m pip install secretzero
Permission Errors¶
If you get permission errors on Linux/macOS:
Or use a virtual environment (recommended):
Import Errors¶
If you get import errors after installation:
# Ensure you're using the correct Python/pip
which python
which pip
# Reinstall with verbose output
pip install -v secretzero
Cloud Provider Dependencies¶
If cloud provider commands fail:
# Check if optional dependencies are installed
pip show boto3 # AWS
pip show azure-identity # Azure
pip show hvac # Vault
# Install missing dependencies
pip install secretzero[aws,azure,vault]
Platform-Specific Notes¶
macOS¶
On macOS with Apple Silicon (M1/M2):
# Install Xcode Command Line Tools if needed
xcode-select --install
# Then install SecretZero
pip install secretzero
Windows¶
On Windows, you may need to install Visual C++ Build Tools for some dependencies:
- Download Visual C++ Build Tools
- Install with C++ development tools
- Then install SecretZero
Linux¶
On minimal Linux distributions, install Python development headers:
Next Steps¶
Now that SecretZero is installed:
- Quick Start → - Create your first secret in 5 minutes
- First Project → - Build a complete project
- Basic Concepts → - Understand the architecture
Getting Help¶
If you encounter installation issues:
- Check the Troubleshooting Guide
- Search GitHub Issues
- Ask in GitHub Discussions