diff --git a/Makefile b/Makefile index 63552ca2..f47438cf 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,10 @@ +SHELL:=/usr/bin/env bash +PREFIX?="/usr" + +# +# Building: +# + all: build git-secret: src/_utils/* src/commands/* src/main.sh @@ -9,6 +16,14 @@ clean: build: git-secret +install: clean build + @chmod +x "./utils/install.sh" + @sudo "./utils/install.sh" "$(PREFIX)" + +# +# Testing: +# + install-test: git clone https://github.com/sstephenson/bats.git vendor/bats @@ -19,15 +34,23 @@ test: rm -rf temp; mkdir temp; cd temp; \ bats "../tests"; -install-man: - gem install ronn +# +# Manuals: +# + +install-ronn: + @if [ ! `gem list ronn -i` == "true" ]; then gem install ronn; fi build-man: - @if [ ! `gem list ronn -i` == "true" ]; then make install-man; fi - ronn --roff man/man1/*.ronn + @make install-ronn + ronn --roff man/*/*.ronn build-gh-pages: - @/usr/bin/env bash utils/gh-branch.sh + @"./utils/gh-branch.sh" + +# +# Development: +# install-hooks: @# pre-commit: @@ -38,3 +61,16 @@ install-hooks: @chmod +x "${PWD}/.git/hooks/post-commit" develop: clean build install-hooks + +# +# Packaging: +# + +install-fpm: + @if [ ! `gem list fpm -i` == "true" ]; then gem install fpm; fi + +build-deb: clean build + @make install-fpm + @chmod +x "./utils/build-deb.sh" + @"./utils/build-deb.sh" + diff --git a/README.md b/README.md index 2850bff2..1869d6a8 100644 --- a/README.md +++ b/README.md @@ -6,10 +6,14 @@ ![git-secret terminal preview](https://raw.githubusercontent.com/sobolevn/git-secret/gh-pages/images/gitsecret_terminal.gif) -## Installation and Usage +## Usage See the [git-secret site](https://sobolevn.github.io/git-secret/). +## Installation + +See the [installation section](https://sobolevn.github.io/git-secret/#installation). + ## Status This project is still under development. Current objectives: @@ -17,15 +21,19 @@ This project is still under development. Current objectives: - add `trust-model` parameter to `git-secret-hide` - autocomplete for `zsh` plugin - extra tests -- precompiled distributions for `brew` and other package managers -- create `CONTRIBUTING.md` with custom styleguide, refactor code due to styleguide +- precompiled distribution for `RPM` +- integrate [`shellcheck`](https://github.com/koalaman/shellcheck) for code style tests +- create `CONTRIBUTING.md` with development process explained - сygwin support (?) - ## Testing -For testing this project uses [`bats`](1). You can install it by running `make install-test`. -To run tests call: `make test`. It will download and install `bats` into `vandor/bats` if it's not installed yet. +For testing this project uses [`bats`](https://github.com/sstephenson/bats). You can install it by running `make install-test`. +To run tests call: `make test`. It will download and install `bats` into `vendor/bats` if it's not installed yet. + + +## Changelog +### Version 0.1.0 -[1]: https://github.com/sstephenson/bats +- Initial release diff --git a/man/man1/git-secret.7 b/man/man7/git-secret.7 similarity index 95% rename from man/man1/git-secret.7 rename to man/man7/git-secret.7 index 929c1aee..6b15b102 100644 --- a/man/man1/git-secret.7 +++ b/man/man7/git-secret.7 @@ -1,7 +1,7 @@ .\" generated with Ronn/v0.7.3 .\" http://github.com/rtomayko/ronn/tree/0.7.3 . -.TH "GIT\-SECRET" "7" "February 2016" "" "" +.TH "GIT\-SECRET" "7" "March 2016" "" "" . .SH "NAME" \fBgit\-secret\fR @@ -26,7 +26,7 @@ There\'s a known problem in server configuration and deploying, when you have to These files are not version controlled\. Filenames change, locations change, passwords change from time to time, some new information appears, other is removed\. And you can not tell for sure which version of the configuration file was used with each commit\. . .IP "2." 4 -When building the automated deploment system there will be one extra step: download and place these secret\-configuration files where they need to be\. So you have to maintain an extra secure server, where everything is stored\. +When building the automated deployment system there will be one extra step: download and place these secret\-configuration files where they need to be\. So you have to maintain an extra secure server, where everything is stored\. . .IP "" 0 . diff --git a/man/man1/git-secret.7.ronn b/man/man7/git-secret.7.ronn similarity index 87% rename from man/man1/git-secret.7.ronn rename to man/man7/git-secret.7.ronn index 21a4a0c9..3c41af24 100644 --- a/man/man1/git-secret.7.ronn +++ b/man/man7/git-secret.7.ronn @@ -39,18 +39,31 @@ You can add your platform to this list, if all the tests pass for you. There are several ways to install `git-secret`: -**The hard way** +**Brew** -1. Clone the repository first: `git clone https://github.com/sobolevn/git-secret.git git-secret` -2. Run `cd git-secret && make build` -3. Move `git-secret` file and `man/` folder somewhere inside your `$PATH`, or extend your `$PATH` to contain `git-secret` file and `man/` folder +1. Run `brew install sobolevn/tap/git-secret` **`antigen` plugin (or any other `oh-my-zsh`-styled plugin-systems)** 1. Add line `antigen bundle sobolevn/git-secret` to your `.zshrc` 2. Run `source ~/.zshrc` or reopen the terminal -`brew` and `fpm` support is planned. +**`make install`** + +1. Download the latest realease [here](https://github.com/sobolevn/git-secret/releases) +2. Unpack and run `make install PREFIX="your/installation/path"`, note that this command may require `sudo` + +**The hard way** + +1. Clone the repository first: `git clone https://github.com/sobolevn/git-secret.git git-secret` +2. Run `cd git-secret && make build` +3. Move `git-secret` file and `man/` folder somewhere inside your `$PATH`, or extend your `$PATH` to contain `git-secret` file and `man/` folder + +**Local `.deb` package** + +1. Download the latest realease [here](https://github.com/sobolevn/git-secret/releases) +2. Unpack, and run `make build-deb`, it is possible to set the output folder with `$SCRIPT_BUILD_DIR` variable. +3. Install the local `.deb` package with `dpkp -i git-secret-package-name.deb`, note that this command may require `sudo` and the package name will be different ## Usage These steps cover the basic process of using `git-secret`: diff --git a/src/_utils/_git_secret_tools.sh b/src/_utils/_git_secret_tools.sh index 21da88ca..d1a1adf8 100644 --- a/src/_utils/_git_secret_tools.sh +++ b/src/_utils/_git_secret_tools.sh @@ -1,5 +1,7 @@ #!/usr/bin/env bash +GITSECRET_VERSION="0.1.0" + # Global variables: WORKING_DIRECTORY="$PWD" diff --git a/src/commands/git_secret_reveal.sh b/src/commands/git_secret_reveal.sh index 973ddab5..6143a0eb 100644 --- a/src/commands/git_secret_reveal.sh +++ b/src/commands/git_secret_reveal.sh @@ -32,11 +32,11 @@ function reveal { fi if [[ ! -z "$passphrase" ]]; then - base="$base --batch --yes --passphrase $passphrase" + echo "$passphrase" | $base --batch --yes --no-tty --passphrase-fd 0 -o "$line" "$encrypted_filename" + else + $base -o "$line" "$encrypted_filename" fi - $base -o "$line" "$encrypted_filename" - counter=$((counter+1)) done < "$SECRETS_DIR_PATHS_MAPPING" diff --git a/src/main.sh b/src/main.sh index 52573a46..011c88b4 100755 --- a/src/main.sh +++ b/src/main.sh @@ -29,19 +29,29 @@ function _incorrect_usage { } -function _init_script { - # checking for proper set-up: - _check_setup +function _show_version { + echo "$GITSECRET_VERSION" + exit 0 +} + +function _init_script { if [[ $# == 0 ]]; then _incorrect_usage "no input parameters provided." 126 fi + if [[ $1 == "--version" ]]; then + _show_version + fi + + # checking for proper set-up: + _check_setup + # load dependencies: # for f in ${0%/*}/src/*/*; do [[ -f "$f" ]] && . "$f"; done # routing the input command: - if [[ $(_function_exists "$1") == 0 ]] && [[ ! $1 == _* ]]; then + if [[ $(_function_exists $1) == 0 ]] && [[ ! $1 == _* ]]; then $1 "${@:2}" else _incorrect_usage "command $1 not found." 126 diff --git a/tests/test_main.bats b/tests/test_main.bats index f52e9daa..6a1d5838 100644 --- a/tests/test_main.bats +++ b/tests/test_main.bats @@ -23,3 +23,9 @@ function teardown { run git secret notacommand [ "$status" -eq 126 ] } + + +@test "run 'git secret --version'" { + run git secret --version + [ "$output" == "$GITSECRET_VERSION" ] +} diff --git a/utils/build-deb.sh b/utils/build-deb.sh new file mode 100755 index 00000000..e20af392 --- /dev/null +++ b/utils/build-deb.sh @@ -0,0 +1,48 @@ +#!/usr/bin/env bash + +set -e + +# Initializing and settings: +READ_PEM=0644 +EXEC_PEM=0755 + +SCRIPT_NAME="git-secret" +SCRIPT_DESCRIPTION="A bash-tool to store your private data inside a git repository." +SCRIPT_VERSION=$(bash ${PWD}/git-secret --version) +: ${SCRIPT_EPOCH:=0} +: ${SCRIPT_ITERATION:=1} + +if [[ -z "$SCRIPT_BUILD_DIR" ]]; then + SCRIPT_BUILD_DIR="${HOME}/debbuild-${SCRIPT_NAME}" +fi + +SCRIPT_DEST_DIR="${SCRIPT_BUILD_DIR}/installroot" + +# Preparing the files +rm -rf "$SCRIPT_BUILD_DIR" +mkdir -p "$SCRIPT_DEST_DIR" + +# Coping the files inside the build folder: +install -D -T -b -m "$EXEC_PEM" -T "git-secret" "${SCRIPT_DEST_DIR}/usr/bin/git-secret" +install -m "$READ_PEM" -d "${SCRIPT_DEST_DIR}/usr/share/man/man1" +install -m "$READ_PEM" -d "${SCRIPT_DEST_DIR}/usr/share/man/man7" +for file in man/man1/* ; do + if [[ "$file" == *.ronn ]]; then + continue + fi + + install -D -T -b -m "$READ_PEM" -T "$file" "${SCRIPT_DEST_DIR}/usr/share/${file}" +done +install -D -T -b -m "$READ_PEM" -T "man/man7/git-secret.7" \ + "${SCRIPT_DEST_DIR}/usr/share/man/man7/git-secret.7" + +# Building .deb package: +cd "$SCRIPT_DEST_DIR" && fpm -s dir -t deb \ + -a all \ + -n "$SCRIPT_NAME" \ + --epoch "$SCRIPT_EPOCH" \ + --version "$SCRIPT_VERSION" \ + --iteration "$SCRIPT_ITERATION" \ + --description="$SCRIPT_DESCRIPTION" \ + -C "$SCRIPT_DEST_DIR" \ + . diff --git a/utils/install.sh b/utils/install.sh new file mode 100755 index 00000000..89e006d0 --- /dev/null +++ b/utils/install.sh @@ -0,0 +1,37 @@ +#!/usr/bin/env bash +set -e + +# Credit goes to: +# https://github.com/sstephenson/bats/blob/master/install.sh +resolve_link() { + $(type -p greadlink readlink | head -1) "$1" +} + +abs_dirname() { + local cwd="$(pwd)" + local path="$1" + + while [ -n "$path" ]; do + cd "${path%/*}" + local name="${path##*/}" + path="$(resolve_link "$name" || true)" + done + + pwd + cd "$cwd" +} + +PREFIX="$1" +if [ -z "$PREFIX" ]; then + echo "usage: $0 " >&2 + exit 1 +fi + +SCRIPT_ROOT="$(dirname $(abs_dirname "$0"))" + +mkdir -p "$PREFIX"/bin "$PREFIX"/share/man/man1 "$PREFIX"/share/man/man7 +cp "$SCRIPT_ROOT"/git-secret "$PREFIX"/bin/git-secret +cp -R "$SCRIPT_ROOT"/man/man1/* "$PREFIX"/share/man/man1 +cp "$SCRIPT_ROOT"/man/man7/git-secret.7 "$PREFIX"/share/man/man7/git-secret.7 + +echo "Installed git-secret to $PREFIX/bin/git-secret" diff --git a/utils/post-commit.sh b/utils/post-commit.sh index 836d81a7..f37496e7 100755 --- a/utils/post-commit.sh +++ b/utils/post-commit.sh @@ -4,7 +4,14 @@ set -e BRANCH_NAME=$(git branch | grep '*' | sed 's/* //') -if [[ $BRANCH_NAME == 'master' ]]; then +if [[ "$BRANCH_NAME" == 'master' ]]; then # Build new web documentation: make build-gh-pages + + # create new release: + NEWEST_TAG=$(git describe --abbrev=0 --tags) + SCRIPT_VERSION=$(git secret --version) + if [[ "$NEWEST_TAG" != "$SCRIPT_VERSION" ]]; then + git tag -a "$SCRIPT_VERSION" -m "version $SCRIPT_VERSION" + fi fi