tool
ENV to Base64
Encode environment variable values to base64 or decode base64 back to plaintext. Essential for Kubernetes secrets, Docker Compose, and CI/CD pipelines that require base64-encoded env values.
Input (.env)
Output (base64 values)
Output will appear here…CLI equivalents
Encode a value
echo -n "my-secret" | base64Decode a value
echo "bXktc2VjcmV0" | base64 --decodeWhy base64-encode environment variables?
Several platforms and tools require environment variable values to be base64-encoded:
- Kubernetes Secrets — all values in a
Secretmanifest must be base64-encoded. kubectl applies them as-is; your pod receives the decoded value. - GitHub Actions secrets — when a secret contains newlines (e.g., a PEM certificate or JSON service account key), base64-encoding collapses it to a single line that fits cleanly as an env var.
- Docker / Docker Compose — values with special characters (
$,#,=) can cause parsing issues. base64 eliminates all special characters. - CI/CD pipelines — JSON blobs, private keys, and certificates are commonly stored as base64 in CI variables and decoded at runtime.
Kubernetes secret example
Given DATABASE_URL=postgres://user:pass@host/db, the Kubernetes manifest looks like:
apiVersion: v1
kind: Secret
metadata:
name: app-secrets
type: Opaque
data:
DATABASE_URL: cG9zdGdyZXM6Ly91c2VyOnBhc3NAaG9zdC9kYg==Run kubectl get secret app-secrets -o jsonpath={'.data.DATABASE_URL'} | base64 --decode to verify the decoded value.
Decoding at runtime
In Node.js: Buffer.from(process.env.MY_VAR, 'base64').toString('utf8')
In Python: import base64; base64.b64decode(os.environ['MY_VAR']).decode()
In shell: echo "$MY_VAR" | base64 --decode
Related tools
- ENV Formatter — sort, align, and normalize .env files
- ENV Validator — check for syntax errors in .env files
- ENV Leak Checker — detect accidentally exposed secrets