\fBgit\-secret\fR\- bash tool to store private data inside a git repo\.
@ -45,23 +45,18 @@ Later you can decrypt files with the \fBgit secret reveal\fR command, or print t
.SS"Usage: Adding someone to a repository using git\-secret"
.
.IP"1."4
\fIGet their \fBgpg\fR public\-key\fR\.\fBYou won\'t need their secret key\.\fR They can export their public key for you using a command like:
\fIGet their \fBgpg\fR public\-key\fR\.\fBYou won\'t need their secret key\.\fR They can export their public key for you using a command like:\fBgpg \-\-armor \-\-export their@email\.com > public_key\.txt # \-\-armor here makes it ascii\fR
.
.IP""0
.
.P
\fBgpg \-\-armor \-\-export their@email\.com > public_key\.txt\fR\fB# armor here makes it ascii\fR
.
.IP"1."4
.IP"2."4
Import this key into your \fBgpg\fR keyring (in \fB~/\.gnupg\fR or similar) by running \fBgpg \-\-import public_key\.txt\fR
.
.IP"2." 4
.IP"3."4
Now add this person to your secrets repo by running \fBgit secret tell their@email\.id\fR (this will be the email address associated with their public key)
.
.IP"3." 4
.IP"4." 4
Now remove the other user\'s public key from your personal keyring with \fBgpg \-\-delete\-keys their@email\.id\fR
.
.IP"4." 4
.IP"5." 4
The newly added user cannot yet read the encrypted files\. Now, re\-encrypt the files using \fBgit secret reveal; git secret hide \-d\fR, and then commit and push the newly encrypted files\. (The \-d options deletes the unencrypted file after re\-encrypting it)\. Now the newly added user will be able to decrypt the files in the repo using \fBgit\-secret reveal\fR\.
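Review bot: In step 5 the re-encryption command joins "git secret reveal; git secret hide -d" with ";", so "hide -d" still runs, and deletes the unencrypted files after re-encrypting, even when "reveal" has failed; chaining the two with "&&" would stop the sequence on a failed decrypt. The same step ends with "git-secret reveal" where the rest of the section writes "git secret reveal", and "The -d options deletes" should read "The -d option deletes". Steps 3 and 4 use their@email.id while the export example in step 1 uses their@email.com; a single placeholder address throughout would make it clear that the same key is meant. Step 4 gives no reason for removing the key from the personal keyring, and a short clause saying why would help readers judge whether the step applies to them.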