forgejo/CONTRIBUTING/SECRETS.md
Loïc Dachary f442ca6f40
[DOCS] CONTRIBUTING
Refs: https://codeberg.org/forgejo/forgejo/issues/8
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/153
Refs: https://codeberg.org/forgejo/forgejo/issues/123
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/299
(cherry picked from commit 08dcef0c8c)

[DOCS] CONTRIBUTING/RELEASE: https://forgejo.org/docs/admin

Because the version is not displayed on the landing page of Forgejo,
there cannot be a link to a versionned documentation. There must exist
a link that points to the latest version on the website for the
forgejo instance to display.

Better but more complicated approaches could be to:

* Embed the documentation in Forgejo
* Allow the admin to not display the help
* Allow the admin to display a versionned help or not

(cherry picked from commit 83cc389239)
(cherry picked from commit 5df52b8a4f)
(cherry picked from commit 9a66b3d70b)

[DOCS] CONTRIBUTING/RELEASE: reminder to update FORGEJO_VERSION

(cherry picked from commit 2a4d0bd164)
(cherry picked from commit d68576ba67)

[DOCS] CONTRIBUTING: updates

* Remove obsolete description of the well being & moderation team and
  replace them with a link to the moderation email.

* Remove description of the governance process and replace with a link
  to the governance readme that did not exist at the time.

* Add links to the Forgejo documentation

(cherry picked from commit df749da272)
(cherry picked from commit 4da39128c5)
2023-04-03 10:34:05 +02:00

1.8 KiB

Secrets

All Forgejo credentials are shared among the secret keepers teams in a private repository with encrypted content.

Get started

  1. Make sure you have a GPG Key, or create one
  2. Send someone else your public key and ask this person to add yourself as a recipient
# Commands for the other person
$ gpg --import public_key.asc
# The following command will open a prompt, with the available public keys. 
# Choose the one you just added and all secrets will be re-encrypted with this new key.
$ gopass recipients add
  1. Install gopass

⚠️ When installing on Ubuntu or Debian you can either download the deb package, install manually or build from source or use our APT repository (github comment with more information).

  1. Clone this repo using gopass (the name and email are for git config)
$ gopass clone git@codeberg.org:forgejo/gopass.git
  1. Check the consistency of the gopass storage
$ gopass fsck

Get a secret

Show the whole secret file:

$ gopass show ovh.com/manager

Copy the password in the clipboard:

$ gopass show -c ovh.com/manager

Copy the user part of the secret in the clipboard:

$ gopass show -c ovh.com/manager user

Insert or edit a secret

$ gopass edit ovh.com/manager

In the editor, insert the password on the first line. You may then add lines with a key: value syntax (user: username for instance).

Debugging and manual git operations

The following command will show the location and status of the git repo (all git commands are available).

$ gopass git status