Keysync is a production-ready program for accessing secrets in Keywhiz.
It is a replacement for the now-deprecated FUSE-based keywhiz-fs.
Keysync must be built with Go 1.11+. You can build keysync from source:
$ git clone https://github.com/square/keysync $ cd keysync $ go build github.com/square/keysync/cmd/keysync
This will generate a binary called
Keysync uses Go modules to manage dependencies. If you've cloned the repo into
GOPATH, you should export
GO111MODULE=on before running any
go commands. All deps should be automatically fetched when using
go build and
go test. Add
go mod tidy before committing.
Entire test suite:
go test ./...
Short, unit tests only:
go test -short ./...
Keysync requires access to Keywhiz to work properly. Assuming you run Keywhiz locally on default port (4444), you can start keysync with:
./keysync --config keysync-config.yaml