Initialize \fBgit\-secret\fR repository by running \fBgit secret init\fR command\.\fB\.gitsecret/\fR folder will be created, \fBnote\fR that \fB\.gitsecret/\fR folder should \fBnot\fR be ignored \fIhttps://github\.com/sobolevn/git\-secret/issues/39\fR\.
Now it\'s time to add files you wish to encrypt inside the \fBgit\-secret\fR repository\. It can be done by running \fBgit secret add <filenames\.\.\.>\fR command\. Make sure these files are ignored, otherwise \fBgit\-secret\fR won\'t allow you to add them, as these files will be stored unencrypted\.
When done, run \fBgit secret hide\fR all files, which you have added by \fBgit secret add\fR command will be encrypted with added public\-keys by the \fBgit secret tell\fR command\. Now it is safe to commit your changes\.\fBBut\fR\. It\'s recommended to add \fBgit secret hide\fR command to your \fBpre\-commit\fR hook, so you won\'t miss any changes\.
Note, that it is possible to add yourself to the system without decrypting existing files\. It will be possible to decrypt them after reencrypting them with the new keyring\. So, if you don\'t want unexpected keys added, make sure to configure some server\-side security policy with the \fBpre\-receive\fR hook\.
You can configure several things to suit your workflow better\. To do so, just set the required variable to the value you need\. This can be done in your shell environment file or with the each \fBgit\-secret\fR command\.
.
.P
These settings are available to be changed:
.
.IP"\(bu"4
\fB$SECRETS_GPG_COMMAND\fR\- sets the \fBgpg\fR alternatives, defaults to \fBgpg\fR\. It can be changed to \fBgpg\fR, \fBgpg2\fR, \fBpgp\fR, \fB/usr/local/gpg\fR or any other value\. After doing so rerun tests to be sure, that it won\'t break anything\. Tested to be working with: \fBgpg\fR, \fBgpg2\fR\.
.
.IP"\(bu"4
\fB$SECRETS_EXTENSION\fR\- sets the secret files extension, defaults to \fB\.secret\fR\. It can be changed to any valid file extension\.
