Features

• 🔒 Encrypts sensitive files before committing to Git
• 🔗 Seamless Git integration as a git secret subcommand
• ⚙️ Flexible global and per-repo configuration
• 🗝️ GPG backend (SSH planned)
• 👥 User management via GPG IDs
• 🌐 Cross-platform: Linux, macOS, Windows

Installation

1. Download a prebuilt binary:
   GitHub Releases
2. Or build from source:

   git clone https://github.com/OpScaleHub/git-secret.git
   cd git-secret
   go build -o git-secret .
   sudo mv git-secret /usr/local/bin/

3. Verify installation:

   git secret help

Requirements: Go 1.21+, Git, GPG (in PATH)

Usage

# Initialize in your repo
git secret init
# Add files to encrypt
git secret add secret.txt config.yaml
# Add a user by GPG key ID
git secret adduser KEYID
# Encrypt/decrypt
 git secret encrypt
 git secret decrypt
# Remove file from tracking
git secret rm secret.txt
# List users and files
git secret list
# Re-encrypt after user changes
git secret rekey

For all commands, run git secret help.

Configuration

Configure via Git (global or per-repo):

git config --local secret.backend gpg
git config --local secret.gpg_program /usr/bin/gpg
git config --local secret.secret_dir .gitsecret

See README for all options.

Documentation & Website

This site is published via GitHub Pages from the docs/ folder.
Main site: https://git-secret.opscale.ir

To update, push changes to docs/ in the main branch.