// the find
orta/cocoapods-keys
A key value store for storing per-developer environment and application keys
A CocoaPods plugin that stores API keys in the macOS keychain rather than source code, then generates an obfuscated Objective-C class at `pod install` time so the keys are available at runtime without being checked into version control. Aimed at iOS/macOS teams who want to keep production secrets off developer machines and out of git history.
The keychain integration is the right storage primitive for per-developer secrets on macOS — much better than `.env` files that inevitably get committed. CI fallback to environment variables is handled automatically, which is the one thing most similar tools forget. The generated class approach means no runtime HTTP calls or secret managers needed for simple key access. The README is refreshingly honest about the security limits of obfuscation — it doesn't pretend this is real secrets management.
Obfuscation of the generated Objective-C is weak by the README's own admission — a debugger extracts the keys in minutes, so this mostly protects against accidental leaks, not motivated attackers. CocoaPods itself is losing ground to Swift Package Manager, and this plugin has no SPM equivalent, which means it's a dead end for any team migrating away. Last meaningful activity was 2022–2023; the project is explicitly in maintenance mode and the README points you to Arkana as the successor. macOS-only keychain backend means this doesn't work at all on Linux CI without the env var fallback.