\fBgit secret add\fR\- tells \fBgit secret\fR which files hold secrets, and adds filepath(s) into \fB\.gitsecret/paths/mapping\.cfg\fR\. (It is not recommended to alter \fB\.gitsecret/paths/mapping\.cfg\fR manually\.)
\fBgit secret add\fR\- tells \fBgit secret\fR which files hold secrets\.
.
.P
As of 0\.2\.6, this command also ensures the filepath is mentioned \fB\.gitignore\fR as the contents are now considered secret and should not be committed into the repository unencrypted\.
Adds filepath(s) into \fB\.gitsecret/paths/mapping\.cfg\fR\. (It is not recommended to alter \fB\.gitsecret/paths/mapping\.cfg\fR manually\.)
.
.P
As of 0\.2\.6, this command also ensures the filepath is in \fB\.gitignore\fR as the contents are now considered secret and should not be committed into the repository unencrypted\.
.
.P
The \fBadd\fR action will fail unless there are already users in \fBgit\-secret\fR\'s keyring\.
\fBgit\-secret\-changes\fR\- show changes between the current versions of secret files and encrypted versions\.
\fBgit\-secret\-changes\fR\- shows changes between the current versions of secret files and encrypted versions\.
.
.P
If no filenames are provided, changes to all hidden files will be shown\. Alternately, provide any number of hidden files to this command as arguments, and it will show changes for those files\.
\fBgit\-secret\-hide\fR\- writes an encrypted version (typically called \fBfilename\.txt\.secret\fR) of each file added by \fBgit\-secret\-add\fR command\.
\fBgit\-secret\-hide\fR\- writes an encrypted version of each file added by \fBgit\-secret\-add\fR command\.
.
.P
Then anyone enabled via \fBgit secret tell\fR can decrypt these files\.
.
.P
Under the hood, \fBgit\-secret\fR uses the keyring of public keys in \fB\.gitsecret/keys\fR to \fIencrypt\fR files\. Later a permitted user can use their secret key (typically from their home directory) to \fIdecrypt\fR files\.
Under the hood, \fBgit\-secret\fR uses the keyring of public keys in \fB\.gitsecret/keys\fR to \fIencrypt\fR files, encrypted versions are typically called \fBfilename\.txt\.secret\fR\.
.
.P
Later permitted users can use their secret key (typically from their home directory) to \fIdecrypt\fR files\.
.
.P
It is recommended to encrypt (or re\-encrypt) all the files in a \fBgit\-secret\fR repo each time \fBgit secret hide\fR is run\.
\fBgit\-secret\-reveal\fR\- decrypts passed files, or all files considered secret by \fBgit\-secret\fR
\fBgit\-secret\-reveal\fR\- decrypts passed files, or all files considered secret by \fBgit\-secret\fR\.
.
.P
Under the hood, \fBreveal\fR uses the \fBgpg \-\-decrypt\fR command and your private key (typically from your personal keyring in your home directory) to \fIdecrypt\fR files\.
.
.P
Therefore, for this operation to succeed, your personal keyring must contain a private key matching one of the public keys which were used to encrypt the secrets \-\- i\.e\., one of the public keys in \fBgit\-secret\fR repo\'s keyring when the file was encrypted\.
Therefore, for this operation to succeed, your personal keyring must contain a private key matching one of the public keys which were used to encrypt the secrets \-\- i\.e\., one of the public keys in your repo\'s \fBgit\-secret\fR keyring when the file was encrypted\.