relic 命令

常用示例

说明

relic is a CLI-first secret management layer that encrypts secrets on-device before transmitting them to the server. The server only stores ciphertext, ensuring zero-knowledge security. When running relic run, the CLI fetches encrypted secrets from the server, decrypts them locally using AES-256 and Argon2id, and injects them into the target process through a Rust-based runner that clears memory after use. No secrets are written to disk during injection. Relic supports team collaboration where each member's secrets are encrypted with their own keys. It also works in CI/CD pipelines using API keys set via the RELIC_API_KEY and RELIC_PASSWORD environment variables. The interactive TUI (invoked with bare relic) provides a visual interface for creating, editing, and organizing secrets across projects, environments, and folders. An MCP server mode enables integration with AI coding assistants.

参数

login

Authenticate with Relic via browser using device authorization flow.

logout

Clear stored authentication session, cached keys, and password.

init

Initialize Relic for the current project by selecting a project and writing a relic.toml config file.

projects

List all owned and shared projects with environments and folders in a tree view.

whoami

Show the currently authenticated user's name, email, and plan.

mcp

Start the Relic MCP server for AI assistant integration.

telemetry _status|enable|disable_

Manage anonymous usage data collection.

run -e _name_ -f _folder_ -s _scope_ -p _id_ -- _command..._

Run a command with decrypted secrets injected as environment variables.

-e, --environment _name_

Environment name to load secrets from (required).

-f, --folder _name_

Folder within the environment (optional).

-s, --scope _scope_

Scope filter: client, server, or shared (optional).

-p, --project _id_

Project ID. Defaults to relic.toml or RELIC_PROJECT_ID env var.

--version

Show version information.

--help

Show available commands and options.