How Autonoma AI Uses Occultus to Accelerate Development and Maintain Consistency

Introduction

At Autonoma AI, we constantly look for ways to improve our development workflow and ensure that our engineering teams can move fast without compromising security. One of the biggest challenges in software development is managing secrets—API keys, database credentials, and other sensitive configurations—across multiple developers, environments, and machines.

To solve this problem, we built and open-sourced Occultus, a lightweight NPM package that automates fetching secrets from Google Cloud Secret Manager and securely storing them in an .env file. This has significantly improved our development experience, reducing setup time and ensuring consistency across our team.

The Problem: Managing Secrets in a Fast-Paced Development Environment

Before using Occultus, sharing secrets among developers was a manual and error-prone process. Some common issues we faced included:

• Onboarding delays: New engineers had to manually request, retrieve, and configure secrets for different environments.
• Inconsistent environments: Different team members sometimes used outdated or incorrect secrets, leading to debugging headaches.
• Security risks: Storing secrets in plaintext or committing them accidentally was a constant concern.

We needed a solution that:

✅ Fetches secrets securely from Google Cloud Secret Manager.

✅ Ensures all developers use the same, up-to-date secrets.

✅ Works seamlessly with existing development workflows.

The Solution: Occultus

With Occultus, we solved all these problems in one simple package. Now, developers only need to run:

This single command:

1. Reads the configuration from package.json.
2. Fetches the latest secret from Google Cloud Secret Manager.
3. Stores it in an .env file.
4. Skips unnecessary downloads if the secret hasn’t changed, reducing API calls and improving performance.

Installation

Since Occultus is meant for development environments, we recommend installing it as a dev dependency:

How We Integrated Occultus Internally

We standardized secret management across all our repositories by adding this snippet to each project's package.json:

"occultus": {
    "projectId": "autonoma-ai",
    "secretName": "dev-env-secret",
    "envFile": ".env"
}

Explanation of Configuration Options

• projectId: The Google Cloud project where the secret is stored.
• secretName: The name of the secret in Google Cloud Secret Manager.
• envFile: The name of the environment variable file where the secret will be stored (e.g., .env).

Now, every developer at Autonoma AI just runs npm run fetch-secret when setting up a project, ensuring they have the latest environment configuration with zero friction.

Using Occultus Programmatically

In addition to the CLI command, Occultus also provides a function that can be used anywhere in your codebase.

Example Usage:

import { saveSecretToEnv } from 'occultus';
 
(async () => {
    await saveSecretToEnv();
    console.log('Secrets have been updated successfully!');
})();

This flexibility allows developers to dynamically fetch secrets whenever needed, making Occultus even more versatile.

Advantages of Using Occultus

1️⃣ Accelerated Onboarding 🚀

New team members can start coding immediately without manually retrieving secrets. The entire environment is set up in seconds.

2️⃣ Consistency Across Machines 🔄

Whether a developer is using a Mac, Linux, or Windows machine, they will always have the correct secrets configured, preventing “works on my machine” issues.

3️⃣ Security & Compliance 🔐

By fetching secrets dynamically, we avoid committing them to version control, reducing security risks and ensuring compliance with best practices.

4️⃣ Automated Updates 🔄

If a secret changes in Google Cloud Secret Manager, developers receive the update automatically the next time they run the command.

Open-Sourcing Occultus

We believe in developer productivity and secure best practices, so we decided to make Occultus open-source. We hope other teams facing similar challenges can benefit from it.

You can check out the repository here: GitHub Repo

Feel free to try it out and contribute! 🚀 Let us know how it helps.

About Autonoma AI

At Autonoma AI, we are revolutionizing UI testing by enabling everyone to create tests without writing code. Our platform allows users to describe test scenarios in natural language, making test creation as simple as showing us what to do.

Key Features

• No-Code Test Creation: Write tests without code by interacting with our intuitive interface or using natural language commands.
• Multi-Platform Support: Automatically test across Web, iOS, and Android platforms, covering various versions, models, and screen sizes.
• CI/CD Integration: Seamlessly integrate with your CI/CD pipeline to ensure every release is thoroughly tested without manual effort.
• Zero Maintenance: Our AI automatically fixes broken tests, reducing maintenance and keeping your testing flow uninterrupted.
• Visual Testing: Go beyond manual checks with our visual testing capabilities to catch all UI-related bugs.
• Fully Managed Testing: We handle everything—from test execution to analysis—so you can focus on building, not debugging.
• By leveraging Autonoma AI, leading companies have saved time and resources, improved product quality, and accelerated their development processes.

For more information, visit our website: getautonoma.com