Question 1

How to use dotgpg without installing Ruby?

Accepted Answer

You can manually use GPG commands: export keys with 'gpg --armor --export', decrypt with 'gpg --decrypt', and edit with vim-gnupg. However, this loses dotgpg's convenience tools and requires syncing GPG keys manually.

Question 2

dotgpg vs ansible-vault for managing secrets?

Accepted Answer

dotgpg is git-centric and uses GPG for encryption, ideal for teams already using GPG. Ansible-vault is integrated with Ansible for automation and uses AES, better for infrastructure-as-code workflows but less suited for general version control.

Question 3

How to revoke access in dotgpg if someone leaves the team?

Accepted Answer

Use the 'dotgpg rm' command with their email address to remove their GPG key from the directory. This prevents future decryption, but they may still access locally cached encrypted files.

Question 4

Can I integrate dotgpg with CI/CD pipelines like Jenkins or GitHub Actions?

Accepted Answer

Yes, by running 'dotgpg cat' to decrypt secrets during deployment, but you must manage GPG keys on the CI server securely, which adds complexity and potential security risks.

Question 5

How does dotgpg handle merge conflicts in encrypted files with git?

Accepted Answer

With the configured merge driver, dotgpg decrypts files, merges the content, and re-encrypts, leaving conflict markers in the decrypted text. The file remains valid GPG, but conflicts must be resolved manually.

Question 6

Is dotgpg secure enough for production API keys?

Accepted Answer

Yes, it relies on GPG encryption which is industry-standard, but security depends on strong passphrases and proper key management. The README warns about risks if GPG keys are compromised.

dotgpg

What is dotgpg?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions