Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/thebitrebels/git-tresor

En- and decrypt secret files with AES-256 to store them where they are needed - next to your source code.
https://github.com/thebitrebels/git-tresor

devops devsecops security-tools

Last synced: 3 months ago
JSON representation

En- and decrypt secret files with AES-256 to store them where they are needed - next to your source code.

Host: GitHub
URL: https://github.com/thebitrebels/git-tresor
Owner: thebitrebels
Created: 2022-04-06T19:02:23.000Z (almost 3 years ago)
Default Branch: master
Last Pushed: 2023-03-06T03:00:18.000Z (almost 2 years ago)
Last Synced: 2024-04-24T13:27:54.295Z (9 months ago)
Topics: devops, devsecops, security-tools
Language: JavaScript
Homepage:
Size: 494 KB
Stars: 1
Watchers: 2
Forks: 0
Open Issues: 5
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-gamejam - git-tresor - Encrypt dev-secrets to store them securely next to your source code. (Development / Tools)

README

---

Encrypt and decrypt files to store them inside a git repository. `git-tresor` uses [AES-256](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) encryption. Every file or directory has it's own password. This enables you to commit encrypted files either in a separate git repository or inside the same repository where your secret files are needed (f.e. Android-Keystores or Signing-Certificates for Apple).

---

## Setup

`git-tresor` can be installed via `npm`. If you want to install it globally simply type the following command:

```
npm i -g git-tresor
```

For a local installation you run `npm i git-tresor --save-dev` from your npm-folder.

### Requirements

`git-tresor` runs on systems that support `npm`/`node`. If you have issues with your local environment let us know!

### Initialization

To initialize a new repository you should start by setting up git:

```
git init
```

Of course you do not need this step if the git repository is already initialized. After that you can go ahead and initialize `git-tresor` by running:

```
git-tresor init
```

It will guide you trough the process of initialization.

## Usage

Below you can see the currently available options.

```
Options

-e, --encrypt Flag to use encryption mode.
-d, --decrypt Flag to use decryption mode.
-f, --file string Path to the file that should be en- or decrypted.
-dir, --directory string Path to a directory that should be en- or decrypted.
-p, --password string Password that is used to en- or decrypt.
```

To de- or encrypt files you need to set the `-d` or `-e` flag. In both cases you need to specify a file and a password.

```
# Encryption
git-tresor -e -f secretFile.txt -p secretPassword

# Decryption
git-tresor -d -f secretFile.txt.enc -p secretPassword
```

If you want to de- or encrypt folders you need to set the `-dir` option instead of `-f`.

```
# Encryption
git-tresor -e -dir ./secretFolder -p secretPassword

# Decryption
git-tresor -d -dir ./secretFolder -p secretPassword
```

In all cases, you will be prompted to enter a password if you do not set `--password` (or `-p`).

## Sources & Further Readings

- [Brandonstilson - Let's encrypt with node](https://medium.com/@brandonstilson/lets-encrypt-files-with-node-85037bea8c0e) - Source and inspiration for core encryption code
- [git-secret](https://github.com/sobolevn/git-secret) - A bash-tool to store your private data inside a git repository.
- [fastlane-match](https://docs.fastlane.tools/actions/match/) - Easily sync your certificates and profiles across your team
- [pass](https://www.passwordstore.org/) - With pass, each password lives inside of a gpg encrypted file whose filename is the title of the website or resource that requires the password.