Store Rust Diesel Database Passwords In macOS Keychain Access

May 2023

I don't like storing password in plain-text. That means no .env files. Instead I use password managers to store them and call them from there as needed. The diesel Rust crate provides a --database-url argument that serves this purpose. It's a little long to write so I make a little script file called migrate.bash with this it in:

migrate.bash

diesel \
--database-url \
$(security find-generic-password -w -a alan -s password-name) \
migration \
run

Notes

The is the approach I use with macOS Keychain Access app. It's what the security command talks to. Similar command line tools exist for other password managers
The file needs to be made executable with:

chmod u+x migrate.bash
The -a alan in the example is for my account on the mac. You might not need it. Or, if the account is different you'll have to change it explicitly

end of line