Skip to content
This repository has been archived by the owner on Nov 22, 2023. It is now read-only.
/ keysync Public archive

Keysync periodically downloads secrets from Keywhiz

License

Notifications You must be signed in to change notification settings

square/keysync

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Deprecated

As of 9/18/23 this project is now deprecated and no longer maintained; we recommend using HashiCorp Vault as a more robust and actively supported alternative.

Keysync

license report

Keysync is a production-ready program for accessing secrets in Keywhiz.

It is a replacement for the now-deprecated FUSE-based keywhiz-fs.

Getting Started

Building

Keysync must be built with Go 1.11+. You can build keysync from source:

$ git clone https://github.com/square/keysync
$ cd keysync
$ go build github.com/square/keysync/cmd/keysync

This will generate a binary called ./keysync

Dependencies

Keysync uses Go modules to manage dependencies. If you've cloned the repo into GOPATH, you should export GO111MODULE=on before running any go commands. All deps should be automatically fetched when using go build and go test. Add go mod tidy before committing.

Testing

Entire test suite:

go test ./...

Short, unit tests only:

go test -short ./...

Running locally

Keysync requires access to Keywhiz to work properly. Assuming you run Keywhiz locally on default port (4444), you can start keysync with:

./keysync --config keysync-config.yaml