forgejo/CONTRIBUTING/SECRETS.md

57 lines
1.8 KiB
Markdown
Raw Normal View History

[DOCS] CONTRIBUTING Refs: https://codeberg.org/forgejo/forgejo/issues/8 Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/153 Refs: https://codeberg.org/forgejo/forgejo/issues/123 Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/299 (cherry picked from commit 08dcef0c8cc9cdf5d786a925f18c1ec0cf3364da) [DOCS] CONTRIBUTING/RELEASE: https://forgejo.org/docs/admin Because the version is not displayed on the landing page of Forgejo, there cannot be a link to a versionned documentation. There must exist a link that points to the latest version on the website for the forgejo instance to display. Better but more complicated approaches could be to: * Embed the documentation in Forgejo * Allow the admin to not display the help * Allow the admin to display a versionned help or not (cherry picked from commit 83cc38923935dcc7edca22756d6fc10988a58540) (cherry picked from commit 5df52b8a4f6ebd184999a19dd10138a8e3980869) (cherry picked from commit 9a66b3d70b6e7d2a3ee146d3708d48d8f9bfe305) [DOCS] CONTRIBUTING/RELEASE: reminder to update FORGEJO_VERSION (cherry picked from commit 2a4d0bd164e55fc981d9437d8220a9c1e00ca59b) (cherry picked from commit d68576ba6762f4af2ed8133fe123fa84c136a90c) [DOCS] CONTRIBUTING: updates * Remove obsolete description of the well being & moderation team and replace them with a link to the moderation email. * Remove description of the governance process and replace with a link to the governance readme that did not exist at the time. * Add links to the Forgejo documentation (cherry picked from commit df749da27225ee13b5e00b689b397b24afebd044) (cherry picked from commit 4da39128c50e5e754f1404a5b79669a8218344be)
2022-12-17 13:06:28 +00:00
# Secrets
All Forgejo credentials are shared among the [secret keepers](https://codeberg.org/forgejo/meta/src/branch/readme/TEAMS.md#secrets-keeper) teams in a private repository with encrypted content.
## Get started
1. Make sure you have a GPG Key, or [create one](https://github.com/NicoHood/gpgit#12-key-generation)
2. Send someone else your public key and ask this person to add yourself as a recipient
```
# Commands for the other person
$ gpg --import public_key.asc
# The following command will open a prompt, with the available public keys.
# Choose the one you just added and all secrets will be re-encrypted with this new key.
$ gopass recipients add
```
3. [Install gopass](https://www.gopass.pw/#install)
> :warning: When installing on Ubuntu or Debian you can either download the deb package, install manually or build from source or use our APT repository ([github comment](https://github.com/gopasspw/gopass/issues/1849#issuecomment-802789285) with more information).
4. Clone this repo using `gopass` (the name and email are for `git config`)
```
$ gopass clone git@codeberg.org:forgejo/gopass.git
```
5. Check the consistency of the gopass storage
```
$ gopass fsck
```
## Get a secret
Show the whole secret file:
```
$ gopass show ovh.com/manager
```
Copy the password in the clipboard:
```
$ gopass show -c ovh.com/manager
```
Copy the `user` part of the secret in the clipboard:
```
$ gopass show -c ovh.com/manager user
```
## Insert or edit a secret
```
$ gopass edit ovh.com/manager
```
In the editor, insert the password on the first line.
You may then add lines with a `key: value` syntax (`user: username` for instance).
## Debugging and manual git operations
The following command will show the location and status of the git repo (all git commands are available).
```
$ gopass git status
```