Initialize \fBgit\-secret\fR repository by running \fBgit secret init\fR command\.\fB\.gitsecret/\fR folder will be created, \fBnote\fR that \fB\.gitsecret/\fR folder with the exception of the random_seed file should \fBnot\fR ignored via inclusion in your \.gitignore file \fIhttps://github\.com/sobolevn/git\-secret/issues/39\fR\.
Now it\'s time to add files you wish to encrypt inside the \fBgit\-secret\fR repository\. It can be done by running \fBgit secret add <filenames\.\.\.>\fR command\. Make sure these files are ignored by mentions in \.gitignore, otherwise \fBgit\-secret\fR won\'t allow you to add them, as these files could be stored unencrypted\.
When done, run \fBgit secret hide\fR to encrypt all files which you have added by the \fBgit secret add\fR command\. The data will be encrypted with the public\-keys described by the \fBgit secret tell\fR command\. After using \fBgit secret hide\fR to encrypt your data, it is safe to commit your changes\.\fBNOTE:\fR\. It\'s recommended to add \fBgit secret hide\fR command to your \fBpre\-commit\fR hook, so you won\'t miss any changes\.
Later you can decrypt files with the \fBgit secret reveal\fR command, or just show their contents to strdout with the \fBgit secret cat\fR command\. If you used a password on you GPG key (always recommended), it will ask you for your password\. And you\'re done!
Then re\-encrypt the files using \fBgit secret reveal; git secret hide \-d\fR\. (The \-d options deletes the unencrypted file after re\-encrypting it)\. Now the newly added user be able to decrypt them using \fBgit\-secret\fR and their secret key\.
Note that it is possible to add yourself to the system without decrypting existing files\. It will be possible to decrypt them after reencrypting them with the new keyring\. So, if you don\'t want unexpected keys added, make sure to configure some server\-side security policy with the \fBpre\-receive\fR hook\.
You can configure several things to suit your workflow better\. To do so, just set the required variable to the value you need\. This can be done in your shell environment file or with the each \fBgit\-secret\fR command\.
\fB$SECRETS_GPG_COMMAND\fR\- sets the \fBgpg\fR alternatives, defaults to \fBgpg\fR\. It can be changed to \fBgpg\fR, \fBgpg2\fR, \fBpgp\fR, \fB/usr/local/gpg\fR or any other value\. After doing so rerun the tests to be sure that it won\'t break anything\. Tested to be working with: \fBgpg\fR, \fBgpg2\fR\.
.SH"Internals \-\- the <code>\.gitsecret</code> folder"
This folder contains all the information about the data encrypted in this repo\. Use the \'git secret\' commands to manipulate these files, you should not change the data in these files directly\.
which currently contains only the file \fBmapping\.cfg\fR, which lists all the files your storing encrypted\. In other words, the path mappings: what files are tracked to be hidden and revealed\.
