wn/woodpecker-helper
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
woodpecker-helper/decrypt-secrets.sh
Wolfgang Hottgenroth b6904e4ed2
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
ci/woodpecker/tag/woodpecker Pipeline was successful
Details
add documented decrypt script
2025-01-29 17:24:28 +01:00

22 lines
788 B
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
#
# Set the environment variable GPG_PASSPHRASE
# Pipe the encrypted data and
# - redirect the output into the destination file or
# - directly eval the output, in this case make sure ONLY variable definitions are in the file
#
# The second option would be
# eval "`cat secrets.asc | ./decrypt-secrets.sh`"
#
# To create the encrypted file use
# gpg --symmetric --cipher-algo AES256 --armor --output secrets.asc secrets.txt
# where secrets.txt is the cleartext file and secrets.asc will be the encrypted file.
# Make sure to use a good passphrase, make sure to store the passphrase safely.
#
# Adding the encrypted file secrets.asc to a source code repository is secure.
#
gpg --decrypt --passphrase $GPG_PASSPHRASE --yes --batch --homedir /tmp/.gnupg --output -
Reference in New Issue View Git Blame Copy Permalink