Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.devhelm.io/llms.txt

Use this file to discover all available pages before exploring further.

Manage vault secrets from the command line. Store credentials for authenticated monitor checks and use them in config-as-code with ${SECRET_NAME} syntax.

Commands

CommandDescription
devhelm secrets listList all secrets (names only, values are hidden)
devhelm secrets createCreate a new secret
devhelm secrets update <key>Update a secret’s value
devhelm secrets delete <key>Delete a secret
Secrets are identified by key (e.g., SLACK_WEBHOOK_URL). Secret values are write-only — you can set and delete them, but never read the plaintext value back.

secrets list

devhelm secrets list
Lists secret names and metadata. Values are never displayed.

secrets create

devhelm secrets create \
  --key SLACK_WEBHOOK_URL \
  --value "https://hooks.slack.com/services/T00/B00/xxx"
FlagTypeRequiredDescription
--keystringYesSecret name
--valuestringYesSecret value
Environment scoping for secrets is supported in the API and the YAML file format (see YAML reference), but the CLI secrets create command does not yet expose an --environment flag. To create environment-scoped secrets from a config-as-code workflow, define them in devhelm.yml and run devhelm deploy.

secrets update

Update an existing secret’s value: 
devhelm secrets update SLACK_WEBHOOK_URL \
  --value "https://hooks.slack.com/services/T00/B00/new"
FlagTypeRequiredDescription
--valuestringYesNew secret value

secrets delete

devhelm secrets delete SLACK_WEBHOOK_URL

Using secrets in config

Reference secrets in your devhelm.yml with ${...} syntax: 
alertChannels:
  - name: Slack Alerts
    config:
      channelType: slack
      webhookUrl: ${SLACK_WEBHOOK_URL}
Secrets are resolved at deploy time. The plaintext value is never stored in your config file.

Next steps

Environments

Create environments for secret scoping.

Monitoring as Code

Use secrets in your YAML config.