Hacker News
by adityasaky 963 days ago
At present, gittuf's access control policies are centered around _write_ permissions rather than _read_. That said, we want to re-use some of the same policy semantics to build _read_ permissions too. So, you'd use the same mechanism in the policy to determine who can read an object, by their signing key to share the key used to encrypt the secret. We've looked at git-secret, git-crypt, etc. a little and we'd like to integrate with existing tools where possible rather than build anew. With the alpha release coming up soon, we ought to have more time to develop the read permissions side of gittuf.