home ~ projects ~ socials

Store Rust Diesel Database Passwords In macOS Keychain Access

I don't like storing password in plain-text. That means no .env files. Instead I use password managers to store them and call them from there as needed. The diesel Rust crate provides a --database-url argument that serves this purpose. It's a little long to write so I make a little script file called migrate.bash with this it in:

diesel \
--database-url \
$(security find-generic-password -w -a alan -s password-name) \
migration \
run

Notes

  • The is the approach I use with macOS Keychain Access app. It's what the security command talks to. Similar command line tools exist for other password managers

  • The file needs to be made executable with:

    chmod u+x migrate.bash

  • The -a alan in the example is for my account on the mac. You might not need it. Or, if the account is different you'll have to change it explicitly
-- end of line --