ChimneyA Swift command line tool for managing application secrets.
Why we built it.
Most iOS apps need to access secrets, such as API keys, to setup third-party SDKs or communicate with backend APIs. The simplest approach is to include secrets in the source code or in the Info.plist file but that also exposes those values to anyone with read access to the source repository. It's best security practice to keep secrets out of source control.
How does it work?
Chimney stores secrets securely in the developer's keychain, not in the application source. Once installed, it can inject secrets as part of a standard Xcode build process and it doesn't require a third party dependency manager. It also works with continuous integration so you can keep your production secrets safe and completely out of developer's hands.
How do I use it?
Chimney is powered by a simple configuration file added to your project. Run
chimney setup locally, follow the interactive prompts, and then run
chimney generate. A source file is then generated which can be ignored by source control and contains the secrets for use anywhere in your app.
Check out the project on GitHub for more details!
We are Livefront.
Our team creates beautiful mobile apps for people in motion. We work every day with Fortune 500 companies and startups alike to build custom software for phones, tablets, mobile payment wallets, and wearables like watches and glasses. We care deeply about quality, and we love what we do.