gitkeys

package module

v0.1.26 Latest Latest Go to latest Published: Jul 15, 2023 License: BSD-3-Clause Imports: 20 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/paepckehh/gitkeys

Links

Open Source Insights

README ¶

OVERVIEW

paepcke.de/gitkeys log-store : paepcke.de/keys

git ssh keys logging , stupid simple, fast, local

perfect companion for age-encryption (have always up-to-date trusted keys)
easy to use & review (hash/checksum/protected) clear text database files
verify all [ssh-key] signed commits, tags, files - yourself, locally, offline
all files are add/append only: we never remove any entries from keys, keys.urls or keys.log
all key sets in the keyfile (and the keyfile itself) is protected by (chained) sha512 hash checksums (wip:signatures)
100 % pure go, 100 % pure stdlib only, no external dependencies

INSTALL

go install paepcke.de/gitkeys/cmd/gitkeys@latest

DOWNLOAD (prebuild)

github.com/paepckehh/gitkeys/releases

SHOWTIME

Do you have a store of local git (mirrors)?

GITSTORE="/usr/store/git" gitkeys fetch
[gitkeys] SSH Key Transparency Log  : Mode Check [CheckInteg] [AddLocal] [CleanRewrite]
[gitkeys] key file stats            : /usr/store/git/.keys => owner total : 1117
[gitkeys] url file stats            : /usr/store/git/.keys.urls => urls total : 1926
[gitkeys] scan local store for urls : /usr/store/git
[gitkeys] writing clean key file    : /usr/store/git/.keys
[gitkeys] writing clean url file    : /usr/store/git/.keys.urls

Do you have a list of git repo urls?

echo "https://github.com/klauspost" > /usr/store/git/.keys.urls
GITSTORE="/usr/store/git" gitkeys fetch
[...]

Do you have a existing keys file that you want to update?

GITSTORE="/usr/store/git" gitkeys fetch
[...]

Do you have a existing keys file that you want to integ check, verify, clean-rewrite only?

GITSTORE="/usr/store/git" gitkeys
[...]

Behind a (corp|security) proxy?

HTTPS_PROXY="proxy.bigCorp.local" SSL_CERT_FILE="/etc/ssl/bigCorpProxy.pem" GITSTORE="/usr/store/git" gitkeys fetch
 [...]

DOCS

pkg.go.dev/paepcke.de/gitkeys

CONTRIBUTION

Yes, Please! PRs Welcome!

Documentation ¶

Overview ¶

package gitkeys allows you to maintain a local-first git key tranparency log

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Repo ¶

type Repo struct {
	KeyFile  string
	GitStore string

	Verbose bool
	// contains filtered or unexported fields
}

Repo ...

func NewRepo ¶

func NewRepo() *Repo

NewRepo ...

func (*Repo) Check ¶

func (r *Repo) Check() error

Check reads and verifies (when exists) KeyFiles (keys and urls) and scans (when provided) the git repo (read-only) for urls.

func (*Repo) Fetch ¶

func (r *Repo) Fetch() error

Fetch performes the same actions as Update, but does an online keyfetch download/diff as well.

func (*Repo) Pinonly ¶

func (r *Repo) Pinonly() string

Pinonly re-calculates the Pin (checksum) of all keys within KeyFile. If checksum is valid, return a verified checksum-pin of KeyFile.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cmd
gitkeys package main ...	package main ...

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL