Here at Bonito Tech, we use git-crypt for secret storage. It is an open-source encryption tool for git repositories. It leverages GPG (GNU Privacy Guard) to securely store sensitive data in the repository. With git-crypt, developers can store private keys, passwords, and other confidential information in their repository without compromising security.
Git-crypt was originally written for Linux and UNIX systems with Windows added later on. While it’s a very useful and convenient tool, setting it up for Windows can be a bit tricky, especially it may spit out an error Error: no GPG secret key available to unlock this repository.
despite having the key. Here’s how I had mine set-up.
Installing git-crypt
Git-crypt requires GPG to function (it is not bundled with the git-crypt installer). For Windows, Gpg4win works fine, be sure to launch Kleopatra after installation to setup the keys.
Git-crypt can be installed using the installer from the GitHub release page https://github.com/AGWA/git-crypt/releases but in my case, I use scoop to install it since I already use scoop to install and manage my CLI tools.
Configuring Git
Git needs to be configured such that the gpg.program
config variable points to the proper gpg.exe
executable. While this is unnecessary for Linux and Mac, there may be cases on Windows where Git cannot find the executable and produces the error when git crypt unlock
is invoked:
Error: no GPG secret key available to unlock this repository.
To unlock with a shared symmetric key instead, specify the path to the symmetric key as an argument to 'git-crypt unlock'.
This is despite having the correct key.
To configure, simply invoke the following in PowerShell:
git config --global gpg.program (gcm "gpg").Source
The same effect can be produced by manually finding the absolute path of gpg.exe
and setting that as the value for git config --global gpg.program
With the proper steps outlined above, git-crypt can be set up on Windows without any issues. It is a great tool for securely storing confidential details and can be a great addition to your git workflow.
Want more tech tips and guides? Check out Bonito Tech’s blog! With over 12 years of industry experience, we have plenty of ideas and stories to help you excel in your tech journey. From software development to consulting for businesses of all sizes, we’ve got you covered. Browse our blog today and take your tech skills to the next level!