This is a submission for the Pulumi Deploy and Document Challenge: Shhh, It's a Secret!
Hey everyone! 👋
This is my submission for the Pulumi Deploy and Document Challenge, under the “Shhh, It’s a Secret!” prompt.
📦 Source Code: GitHub Repository
🛠️ Stack: Node.js, TypeScript, Pulumi ESC, GitHub API
💡 The Idea
As a developer, I interact with GitHub constantly — checking repositories, creating new ones, managing project metadata, and so on. So I built a simple but useful command-line interface (CLI) to streamline those interactions.
But I didn’t want just another CLI tool — I wanted it to be secure, modular, and real-time configurable. That’s where Pulumi ESC (Environments, Secrets, and Configuration) came in.
🔐 Why Pulumi ESC?
Pulumi ESC made it easy to keep things secure without compromising on flexibility.
Instead of relying on .env files or hardcoded values, this CLI securely pulls secrets like the GitHub token from ESC environments at runtime — meaning:
- No secrets are exposed in the codebase or shell
- Secrets can be centrally managed, rotated, and audited
- The CLI can be reused across projects and teams with minimal config
- I can update or revoke secrets remotely, with zero redeploys
In short: ESC provides centralized, secure, and scalable secret management — perfect for both solo devs and teams.
🧭 What the CLI does
Right now, this CLI provides an interactive GitHub experience straight from the terminal:
- 📦 List repositories
- 🔍 Get repo details
- 📊 View insights
- 📄 Create a new repo
- ✏️ Update repo name/description/visibility
- 🗑️ Delete a repo
All of these actions are authenticated via ESC-managed secrets — making it safer by design.
The app is cleanly organized with a simple controller-service-view structure to keep things maintainable and extendable.
🔭 What’s next?
This is still a lightweight tool, but I’m excited about extending it with:
- 🐛 Issue tracking from the CLI
- 🔀 Pull request insights and review commands
- 👥 Team/member management
- ⚙️ Workflows and Actions overview
- 📈 Integration with GitHub metrics or activity dashboards
Each of these features would benefit from Pulumi ESC as they scale — providing secure and consistent access to different environments and tokens.
🧠 Final Thoughts
This project is simple, but it gave me a great hands-on experience with Pulumi ESC and showed how valuable it can be in real-world tooling — especially for developers who want to build secure, scriptable workflows with minimal overhead.
Pulumi ESC is a powerful secret and configuration platform that bridges security and usability. Whether you’re a solo developer or part of a large engineering team, having centralized control over secrets — without ever storing them in code — is a huge win.
Thanks to Pulumi and DEV for creating this challenge! I'm excited to keep exploring what's possible. 🚀
