Stack Overflow
Stack Overflow

Questions tagged [git-secret]

`git-secret` is a bash tool to store your private data inside a git repo. How’s that? Basically, it just encrypts, using gpg, the tracked files with the public keys of all the users that you trust.

19 questions
3
votes
1 answer

Importing backed up private key, gpg: [don't know]: partial length invalid for packet type 20

I've imported a private key that I've backed up on my Macbook, however, I get this message when I try to decrypt the files that were encrypted using the public key paired with my own private key. I'm not quite sure what the message means, I am not…
Nicolas Zheng
  • 31
  • 2
3
votes
0 answers

Where should I specify a pinentry program for GnuPG 2.0 and later?

I'm going to introduce git-crypt or git-secret to encrypt the credentials information described in a git repository. This needs GnuPG(GPG) to provide a way of encryption. I'v already installed the following program with…
BrainVader
  • 383
  • 1
  • 3
  • 7
3
votes
0 answers

Can't reveal secrets during continuous integration

Using git-secret, I've encrypted several API keys that I need for my application. Now, I'm trying to integrate with Travis CI to deploy, and I need Travis to be able to unencrypt these files and reveal them. To do this, I've created a new key pair,…
Darendal
  • 843
  • 9
  • 29
2
votes
3 answers

git-secret: gpg: [don't know]: partial length invalid for packet type 20 in the gitlab ci job

I have a trouble with git secret in the gitlab ci jobs. What I done: init, add users, add files, hide them using git secret create a job where I want to reveal files: git secret: stage: init before_script: - sh -c "echo 'deb…
Kairat Santashbekov
  • 41
  • 2
  • 8
2
votes
0 answers

I want to install git-secret on a windows machine

I found the command to install git-secret as 'chocolatey install git-secret' or 'scoop install git-secret' in a power shell. Both of the commands are giving errors as manifest not found. Is there any command with which I can install git-secret?…
Ishrath
  • 21
  • 1
2
votes
1 answer

Using git-secret with git pre-commit not working

When setting up pre-commit hook to call git secret hide in order to encrypt secret files on running commit to commit one or more changed files, the changed files are committed as expected but I am left with two new changed files which are not staged…
colinbes
  • 417
  • 6
  • 14
1
vote
0 answers

Best practises storing credentials/secrets across devices/teams

TL;DR An issue I've rarely seen addressed is storing of secrets/credentials across devices/teams. Context: There are countless questions and solutions storing credentials, API keys, secrets, etc for devices or backend servers using secure storage…
CybeX
  • 2,060
  • 3
  • 48
  • 115
1
vote
0 answers

git-secrets decryption in GitHub actions

Hello Github actions community :) I have a workflow in github actions that I don't quite understand why it is not working. I am currently using git-secrets to encrypt my credentials using git-secrets and I am trying to decrypt them in the github…
C.C
  • 49
  • 7
1
vote
0 answers

How Can I know if the created GPG key is with or without the passphrase ? Let's say the key was created using gpg --gen-key without entering passphras

Git Secret How Can I know if the created GPG key is with or without the passphrase ? I have tried comparing the keys, one created without entering the passphrase, and the other with the passphrase, couldn't see any difference.
Ashim Bhargav
  • 11
  • 1
1
vote
0 answers

configure ci_secrets for Jenkins ci

ci_secrets is (https://github.com/pmarlow/ci_secrets) is a repo secret scanning tool which can easily be integrated with Travis and Gitlab ci without a need for a persistent server. Configuring this into the Jenkins pipeline is a bit tricky though…
Sam
  • 11
  • 1
1
vote
1 answer

Adding RegEx to Git Secrets

I'm attempting to add some RegEx password patterns to git secrets using the --add switch. ^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[#$^+=!*()@%&]).{6,40}$ ^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[0-9]).{6,40}$ When I do just a base git secrets --scan…
Heats
  • 123
  • 1
  • 3
  • 10
1
vote
2 answers

What is a regular expression to identify the AWS basic auth value in the repository for git-secret?

I want to identify the AWS basic auth from the files in a repository. For this I want to add a pattern for git-secret to scan the value for basic auth value in the repository. I have tried with the below pattern: git secrets --add '^\bBasic…
Rapid
  • 111
  • 2
  • 13
0
votes
0 answers

Invalid preceding regular expression git secret

I am trying to use awslabs/git-secrets on windows. When I add regex like (?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@$%&*]).{8,} and try to scan it throws an fatal error Invalid preceding regular expression. After trying to understand cause of error I…
Noob
  • 1
0
votes
1 answer

git-secret-reveal failed on github actions

I'm trying to use Github Actions for CI. I've created some secrets in repository on GitHub and encrypt some files in sources with a git-secret tool. In the end, I wrote netx yml-script as action for github build: runs-on:…
Midas74
  • 13
  • 3
0
votes
1 answer

git-secret reveal causes changes to pubring.kbx file - Why?

I'm trying to understand the git-secret workflow. This was the scenario: Teammate added my gpg key via git-secret tell and re-encrypted the secret files + pushed them. I can reveal these files, reencrypt them via git-secret hide and see that after…
AFB
  • 1
  • 2
1
2