It is a git extension that allows you to store sensitive information in a secure manner based on gpg for encryption and decryption

Installation

brew install git-secret

Initialization

git secret init

initialize this git repository as a git secret repository

User management

git secret tell [user]

Specify the user whose GPG key will be used for encryption and decryption list the available user by running gpg --list-secret-keys

git secret whoknows

list the users have permissions

Encryption and decryption

git secret add [filename..]

Add files to be encrypted and protected you need to perform git secret hide to delete the unencrypted files and create encrypted files.

git secret reveal

Decrypt the encrypted files

git secret hide -d

Delete unencrypted files and create encrypted files.

git secret hide -m

Only encrypt files that have been modified

Maintenance

git secret killperson <emails>

Revoke access to the encrypted data for the specified users

Best Practices

• Always run git secret hide after adding new files to be encrypted.

• Use git secret reveal to decrypt files only when necessary.

• Regularly review the users who have access to the encrypted data using git secret whoknows.