forgejo/CONTRIBUTING/SECRETS.md

57 lines
1.8 KiB
Markdown
Raw Normal View History

[DOCS] CONTRIBUTING Refs: https://codeberg.org/forgejo/forgejo/issues/8 Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/153 Refs: https://codeberg.org/forgejo/forgejo/issues/123 Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/299 (cherry picked from commit 08dcef0c8cc9cdf5d786a925f18c1ec0cf3364da) [DOCS] CONTRIBUTING/RELEASE: https://forgejo.org/docs/admin Because the version is not displayed on the landing page of Forgejo, there cannot be a link to a versionned documentation. There must exist a link that points to the latest version on the website for the forgejo instance to display. Better but more complicated approaches could be to: * Embed the documentation in Forgejo * Allow the admin to not display the help * Allow the admin to display a versionned help or not (cherry picked from commit 83cc38923935dcc7edca22756d6fc10988a58540) (cherry picked from commit 5df52b8a4f6ebd184999a19dd10138a8e3980869) (cherry picked from commit 9a66b3d70b6e7d2a3ee146d3708d48d8f9bfe305) [DOCS] CONTRIBUTING/RELEASE: reminder to update FORGEJO_VERSION (cherry picked from commit 2a4d0bd164e55fc981d9437d8220a9c1e00ca59b) (cherry picked from commit 6577fad1c95abaab823dd5f1289ce12ddd275ba1) (cherry picked from commit d5b78a53fe63a9dd556cd59fc9c9c2e7c9867016) (cherry picked from commit ddc09375ca991eb57c23ff5a3cfe94559eaa14ac) (cherry picked from commit 06015101a131849a4239be763ddb9582f50356a8) (cherry picked from commit 9c7208b3f6ed419aa0c5b8667bd8d5510ad52206) (cherry picked from commit 6b8e6878c9d0609844637672b33a97878e13ba13)
2022-12-17 13:06:28 +00:00
# Secrets
All Forgejo credentials are shared among the [secret keepers](https://codeberg.org/forgejo/meta/src/branch/readme/TEAMS.md#secrets-keeper) teams in a private repository with encrypted content.
## Get started
1. Make sure you have a GPG Key, or [create one](https://github.com/NicoHood/gpgit#12-key-generation)
2. Send someone else your public key and ask this person to add yourself as a recipient
```
# Commands for the other person
$ gpg --import public_key.asc
# The following command will open a prompt, with the available public keys.
# Choose the one you just added and all secrets will be re-encrypted with this new key.
$ gopass recipients add
```
3. [Install gopass](https://www.gopass.pw/#install)
> :warning: When installing on Ubuntu or Debian you can either download the deb package, install manually or build from source or use our APT repository ([github comment](https://github.com/gopasspw/gopass/issues/1849#issuecomment-802789285) with more information).
4. Clone this repo using `gopass` (the name and email are for `git config`)
```
$ gopass clone git@codeberg.org:forgejo/gopass.git
```
5. Check the consistency of the gopass storage
```
$ gopass fsck
```
## Get a secret
Show the whole secret file:
```
$ gopass show ovh.com/manager
```
Copy the password in the clipboard:
```
$ gopass show -c ovh.com/manager
```
Copy the `user` part of the secret in the clipboard:
```
$ gopass show -c ovh.com/manager user
```
## Insert or edit a secret
```
$ gopass edit ovh.com/manager
```
In the editor, insert the password on the first line.
You may then add lines with a `key: value` syntax (`user: username` for instance).
## Debugging and manual git operations
The following command will show the location and status of the git repo (all git commands are available).
```
$ gopass git status
```