Skip to content

raddessi/salt-gnupg-rotate

Repository files navigation

CI documentation Checked with MyPy Python Versions Code style: ruff

salt-gnupg-rotate

Easily rotate gnupg encryption keys of fully or partially encrypted files. 🧂

About

This project was created to help with the rotation of secret keys on saltstack controllers. Like probably at least some of you I am bad at rotating encryption keys due to the effort and time required. This tool is meant to make that task quick and painless.

main-demo

Documentation

Documentation is hosted at raddessi.github.io/salt-gnupg-rotate/ and prebuilt zip files of the project documentation are available for download from the Releases page.

Features

  • It's fast! Rotate your keys in seconds
  • Encrypted blocks are updated in-place in your files, keeping surrounding context and current indentation
  • Trace level logging using --log-level trace will show you the decrypted block contents as well as the re-encrypted blocks for you to manually validate the changed before applying them
  • No changes to your data will be made unless the --write flag is given

Discussion

  • GitHub Discussions - Discussion forum hosted by GitHub; ideal for Q&A and other structured discussions

Installation

Please see the documentation for instructions on installation or upgrades.

Providing Feedback

The best platform for general feedback, assistance, and other discussion is our GitHub discussions. To report a bug or request a specific feature, please open a GitHub issue using the appropriate template.

If you are interested in contributing to the development of this project, please read our contributing guide in the documentation prior to beginning any work.