Easily rotate gnupg encryption keys of fully or partially encrypted files. 🧂
This project was created to help with the rotation of secret keys on saltstack controllers. Like probably at least some of you I am bad at rotating encryption keys due to the effort and time required. This tool is meant to make that task quick and painless.
Documentation is hosted at raddessi.github.io/salt-gnupg-rotate/ and prebuilt zip files of the project documentation are available for download from the Releases page.
- It's fast! Rotate your keys in seconds
- Encrypted blocks are updated in-place in your files, keeping surrounding context and current indentation
- Trace level logging using
--log-level trace
will show you the decrypted block contents as well as the re-encrypted blocks for you to manually validate the changed before applying them - No changes to your data will be made unless the
--write
flag is given
- GitHub Discussions - Discussion forum hosted by GitHub; ideal for Q&A and other structured discussions
Please see the documentation for instructions on installation or upgrades.
The best platform for general feedback, assistance, and other discussion is our GitHub discussions. To report a bug or request a specific feature, please open a GitHub issue using the appropriate template.
If you are interested in contributing to the development of this project, please read our contributing guide in the documentation prior to beginning any work.