Skip to content
Keysync periodically downloads secrets from Keywhiz
Go Shell
Branch: master
Clone or download
mcpherrinm Merge pull request #94 from square/mmc-remove-oldClients
Delete secrets when syncing a removed client
Latest commit b8fb1a8 Aug 19, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
cmd Move monitor/ to cmd/monitor Aug 17, 2019
fixtures Use os/user for handling uids/gids Aug 9, 2019
ownership Make keysync golangci-lint clean Aug 16, 2019
testing Merge pull request #94 from square/mmc-remove-oldClients Aug 18, 2019
.gitignore Ignore build artifacts and provide sample keysync config file Aug 24, 2018
.travis.yml Delete secrets when syncing a removed client Aug 17, 2019
BUG-BOUNTY.md Update bug bounty link Apr 11, 2018
CONTRIBUTING.md Housekeeping Jun 13, 2019
Dockerfile-test Delete secrets when syncing a removed client Aug 17, 2019
LICENSE.txt Commit boilerplate: License, contributing, bug bounty Oct 21, 2016
README.md Remove vendoring Aug 16, 2019
TODO Return appropriate type from secret.ModeValue() Feb 6, 2017
api.go Delete secrets when syncing a removed client Aug 17, 2019
api_test.go Delete secrets when syncing a removed client Aug 17, 2019
bundle.go Update Sirupsen/logrus path to match current name (sirupsen/logrus) Feb 27, 2019
bundle_test.go
client.go Require modern TLS. Aug 17, 2019
client_test.go Make keysync golangci-lint clean Aug 16, 2019
config.go Make keysync golangci-lint clean Aug 16, 2019
config_test.go More robust sync mechanism (#63) Sep 4, 2018
go.mod
go.sum Bump github.com/stretchr/testify from 1.3.0 to 1.4.0 Aug 16, 2019
keysync-sample-config.yaml Use os/user for handling uids/gids Aug 9, 2019
secret.go Make keysync golangci-lint clean Aug 16, 2019
secret_test.go Use os/user for handling uids/gids Aug 9, 2019
syncer.go Delete secrets when syncing a removed client Aug 17, 2019
syncer_test.go Delete secrets when syncing a removed client Aug 17, 2019
util_test.go Update Sirupsen/logrus path to match current name (sirupsen/logrus) Feb 27, 2019
write.go Make keysync golangci-lint clean Aug 16, 2019
write_test.go Make keysync golangci-lint clean Aug 16, 2019

README.md

Keysync

license build report

Keysync is a production-ready program for accessing secrets in Keywhiz.

It is a replacement for the now-deprecated FUSE-based keywhiz-fs.

Getting Started

Building

Keysync must be built with Go 1.11+. You can build keysync from source:

$ git clone https://github.com/square/keysync
$ cd keysync
$ go build github.com/square/keysync/cmd/keysync

This will generate a binary called ./keysync

Dependencies

Keysync uses Go modules to manage dependencies. If you've cloned the repo into GOPATH, you should export GO111MODULE=on before running any go commands. All deps should be automatically fetched when using go build and go test. Add go mod tidy before committing.

Testing

Entire test suite:

go test ./...

Short, unit tests only:

go test -short ./...

Running locally

Keysync requires access to Keywhiz to work properly. Assuming you run Keywhiz locally on default port (4444), you can start keysync with:

./keysync --config keysync-config.yaml
You can’t perform that action at this time.