5 unstable releases
| new 0.4.1 | Oct 28, 2024 |
|---|---|
| 0.4.0 | Oct 28, 2024 |
| 0.3.0 | Oct 25, 2024 |
| 0.2.1 | Jul 18, 2024 |
| 0.0.0 |
|
#109 in Authentication
394 downloads per month
69KB
1.5K
SLoC
hanko
hanko keeps your allowed signers file up to date with signing keys configured on platforms like GitHub and GitLab.
Usage
Keeps your allowed signers file up to date with signing keys configured on platforms like GitHub and GitLab.
Usage: hanko [OPTIONS] <COMMAND>
Commands:
update Update the allowed signers file
help Print this message or the help of the given subcommand(s)
Options:
-c, --config <PATH> The configuration file [env: HANKO_CONFIG=]
--file <PATH> The allowed signers file [env: HANKO_ALLOWED_SIGNERS=]
-v, --verbose... Increase verbosity
-h, --help Print help
-V, --version Print version
Configuring Signers
To use hanko, a set of signers to track need to be configured first. As an example,
we'll create a configuration file in the default location ~/.config/hanko/config.toml
containing a single signer using the default GitHub source.
[[signers]]
name = "octocat"
principals = ["octocat@github.com"]
Updating the allowed signers file
Once we've configured our signers, we can run the update command.
If an allowed signers file is configured in Git, hanko will write to that file.
Should no allowed signers file be configured within Git, or you want to specify a different path, the --file runtime option may be used.
$ hanko -v update
2024-10-25T14:01:49.140028Z INFO load_and_validate: hanko::config: Loading configuration file path="/home/vscode/.config/hanko/config.toml"
2024-10-25T14:01:49.243660Z INFO hanko::cli::main: Updated allowed signers file /home/vscode/.config/git/allowed_signers in 105.315473ms
Example Configuration
signers = [
{ name = "torvalds", principals = ["torvalds@linux-foundation.org"], sources = ["github"] },
{ name = "gvanrossum", principals = ["guido@python.org"], sources = ["github", "gitlab"] },
{ name = "graydon", principals = ["graydon@pobox.com"], sources = ["github"] },
{ name = "cwoods", principals = ["cwoods@acme.corp"], sources = ["acme-corp"] },
{ name = "rdavis", principals = ["rdavis@acme.corp"], sources = ["acme-corp"] },
{ name = "pbrock", principals = ["pbrock@acme.corp"], sources = ["acme-corp"] }
]
[[sources]]
name = "acme-corp"
provider = "gitlab"
url = "https://git.acme.corp"
Optional Features
The following cargo features can be used to enable additional functionality.
- detect-allowed-signers (enabled by default): Enables use of the gix-config crate to detect the location of the allowed signers file from Git configuration.
Contributing
Contributions of all sizes that improve hanko in any way, be it DX/UX, documentation, performance or other are highly appreciated.
To get started, please read the contribution guidelines. Before starting work on a new feature you would like to contribute that may impact simplicity, reliability or performance, please open an issue first.
License
The source code of this project is licensed under the MIT License. For more information, see LICENSE.
Dependencies
~14–32MB
~502K SLoC