From 40c63e9960c580bc04cc2eb30167242677088162 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Fri, 13 Apr 2018 19:30:51 -0400 Subject: [PATCH 01/30] add git secret cat filename [filename2] feature --- src/commands/git_secret_cat.sh | 51 ++++++++++++++++++++++++++++++++ src/commands/git_secret_usage.sh | 2 +- 2 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 src/commands/git_secret_cat.sh diff --git a/src/commands/git_secret_cat.sh b/src/commands/git_secret_cat.sh new file mode 100644 index 00000000..128bd8f7 --- /dev/null +++ b/src/commands/git_secret_cat.sh @@ -0,0 +1,51 @@ +#!/usr/bin/env bash + + +function cat { + local homedir='' + local passphrase='' + local force=0 + + OPTIND=1 + + while getopts 'hfd:p:' opt; do + case "$opt" in + h) _show_manual_for 'cat';; + + f) force=1;; + + p) passphrase=$OPTARG;; + + d) homedir=$OPTARG;; + + *) _invalid_option_for 'cat';; + esac + done + + shift $((OPTIND-1)) + [ "$1" = '--' ] && shift + + _user_required + + # Command logic: + + local path_mappings + path_mappings=$(_get_secrets_dir_paths_mapping) + + local counter=0 + for line in "$@" + do + local filename + local path + echo $line + filename=$(_get_record_filename "$line") + path=$(_append_root_path "$filename") + + # The parameters are: filename, write-to-file, force, homedir, passphrase + _decrypt "$path" "0" "$force" "$homedir" "$passphrase" + + counter=$((counter+1)) + done + + #echo "done. all $counter files are revealed." +} diff --git a/src/commands/git_secret_usage.sh b/src/commands/git_secret_usage.sh index fa4e22e7..cbf1c17c 100644 --- a/src/commands/git_secret_usage.sh +++ b/src/commands/git_secret_usage.sh @@ -19,7 +19,7 @@ function usage { # to the old dynamic-loading version of this code. # thanks to @antmak it is now fixed, see: # https://github.com/sobolevn/git-secret/issues/47 - local commands="add|changes|clean|hide|init|killperson|list|remove|reveal|tell|usage|whoknows" + local commands="add|cat|changes|clean|hide|init|killperson|list|remove|reveal|tell|usage|whoknows" echo "usage: git secret [$commands]" } From 50f5a9cf021a1e24f7ccea065dc27cfbdddf6091 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Fri, 13 Apr 2018 19:37:44 -0400 Subject: [PATCH 02/30] ronn file for manpage --- man/man1/git-secret-cat.1.ronn | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 man/man1/git-secret-cat.1.ronn diff --git a/man/man1/git-secret-cat.1.ronn b/man/man1/git-secret-cat.1.ronn new file mode 100644 index 00000000..ca4f6ba8 --- /dev/null +++ b/man/man1/git-secret-cat.1.ronn @@ -0,0 +1,27 @@ +git-secret-cat - decrypts files passed on command line to stdout +============================================= + +## SYNOPSIS + + git secret cat [-f] [-d dir] [-p password] filename [filenames] + + +## DESCRIPTION +`git-secret-cat` - decrypts the files passed on the command line and in the `.gitsecret/paths/mapping.cfg` by running a `gpg --decrypt` command and printing the output to stdout. It is important to have paired secret-key with one of the public-keys, which were used in the encryption. + + +## OPTIONS + + -d - specifies `--homedir` option for the `gpg`, basically use this option if your store your keys in a custom location. + -p - specifies password for noinput mode, adds `--passphrase` option for `gpg`. + -h - shows help. + + +## MANUAL + +Run `man git-secret-cat` to see this note. + + +## SEE ALSO + +[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-cat) From 85854df8fda802ac5cb405c778b33ebc5af74713 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Fri, 13 Apr 2018 19:40:09 -0400 Subject: [PATCH 03/30] cleanup. Remove -f option. --- man/man1/git-secret-cat.1.ronn | 2 +- src/commands/git_secret_cat.sh | 12 ++---------- 2 files changed, 3 insertions(+), 11 deletions(-) diff --git a/man/man1/git-secret-cat.1.ronn b/man/man1/git-secret-cat.1.ronn index ca4f6ba8..2ebb0fb1 100644 --- a/man/man1/git-secret-cat.1.ronn +++ b/man/man1/git-secret-cat.1.ronn @@ -3,7 +3,7 @@ git-secret-cat - decrypts files passed on command line to stdout ## SYNOPSIS - git secret cat [-f] [-d dir] [-p password] filename [filenames] + git secret cat [-d dir] [-p password] filename [filenames] ## DESCRIPTION diff --git a/src/commands/git_secret_cat.sh b/src/commands/git_secret_cat.sh index 128bd8f7..d794de47 100644 --- a/src/commands/git_secret_cat.sh +++ b/src/commands/git_secret_cat.sh @@ -4,7 +4,6 @@ function cat { local homedir='' local passphrase='' - local force=0 OPTIND=1 @@ -12,8 +11,6 @@ function cat { case "$opt" in h) _show_manual_for 'cat';; - f) force=1;; - p) passphrase=$OPTARG;; d) homedir=$OPTARG;; @@ -32,20 +29,15 @@ function cat { local path_mappings path_mappings=$(_get_secrets_dir_paths_mapping) - local counter=0 for line in "$@" do local filename local path - echo $line + #echo $line filename=$(_get_record_filename "$line") path=$(_append_root_path "$filename") # The parameters are: filename, write-to-file, force, homedir, passphrase - _decrypt "$path" "0" "$force" "$homedir" "$passphrase" - - counter=$((counter+1)) + _decrypt "$path" "0" "0" "$homedir" "$passphrase" done - - #echo "done. all $counter files are revealed." } From dc4c8d72844aba45983d650d5618500ea34be658 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Fri, 13 Apr 2018 20:02:16 -0400 Subject: [PATCH 04/30] bump version to 0.2.4 --- CHANGELOG.md | 6 +++++- src/version.sh | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index cb3c260e..03e1faaa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,11 @@ # Changelog +## Version 0.2.4 + +- Added `git secret cat` feature + ## Version 0.2.3 + - Added `-m` option to `hide` command, files will only be hidden when modifications are detected (#92) - Changed how path mappings file works: colon delimited FSDB (#92) - Fixed `gnupg` >= 2.1 CI tests (#6) @@ -31,7 +36,6 @@ - Refactored `hide` and `clean` commands to be shorter - `shellcheck` is now supported with `make lint` - ## Version 0.2.1 - Now everything is tested inside the `docker`-containers and `OSX` images on `travis`. diff --git a/src/version.sh b/src/version.sh index f9ff5674..4803b553 100644 --- a/src/version.sh +++ b/src/version.sh @@ -1,4 +1,4 @@ #!/usr/bin/env bash # shellcheck disable=2034 -GITSECRET_VERSION='0.2.3' +GITSECRET_VERSION='0.2.4' From badb0938d95d9a505a88e76fae56435f48c31d49 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Fri, 13 Apr 2018 20:04:15 -0400 Subject: [PATCH 05/30] remove unused variable --- src/commands/git_secret_cat.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/commands/git_secret_cat.sh b/src/commands/git_secret_cat.sh index d794de47..29a8c900 100644 --- a/src/commands/git_secret_cat.sh +++ b/src/commands/git_secret_cat.sh @@ -26,8 +26,8 @@ function cat { # Command logic: - local path_mappings - path_mappings=$(_get_secrets_dir_paths_mapping) + #local path_mappings + #path_mappings=$(_get_secrets_dir_paths_mapping) for line in "$@" do From c0012a63e641de1bcc4b08bf3fe7446165906f16 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Fri, 13 Apr 2018 20:18:13 -0400 Subject: [PATCH 06/30] add references to git secret cat in ronn docs. --- man/man1/git-secret-cat.1.ronn | 2 +- man/man1/git-secret-changes.1.ronn | 2 +- man/man1/git-secret-hide.1.ronn | 4 ++-- man/man1/git-secret-list.1.ronn | 2 +- man/man1/git-secret-reveal.1.ronn | 4 ++-- man/man1/git-secret-tell.1.ronn | 2 +- man/man1/git-secret-usage.1.ronn | 2 +- man/man1/git-secret-whoknows.1.ronn | 2 +- 8 files changed, 10 insertions(+), 10 deletions(-) diff --git a/man/man1/git-secret-cat.1.ronn b/man/man1/git-secret-cat.1.ronn index 2ebb0fb1..f4d457a2 100644 --- a/man/man1/git-secret-cat.1.ronn +++ b/man/man1/git-secret-cat.1.ronn @@ -7,7 +7,7 @@ git-secret-cat - decrypts files passed on command line to stdout ## DESCRIPTION -`git-secret-cat` - decrypts the files passed on the command line and in the `.gitsecret/paths/mapping.cfg` by running a `gpg --decrypt` command and printing the output to stdout. It is important to have paired secret-key with one of the public-keys, which were used in the encryption. +`git-secret-cat` - Outputs to stdout the contents of the files named on the command line by running a `gpg --decrypt` command. As with `git-secret-reveal`, it is important to have paired secret-key with one of the public-keys, which were used in the encryption. ## OPTIONS diff --git a/man/man1/git-secret-changes.1.ronn b/man/man1/git-secret-changes.1.ronn index d0a75983..a98bef8f 100644 --- a/man/man1/git-secret-changes.1.ronn +++ b/man/man1/git-secret-changes.1.ronn @@ -24,4 +24,4 @@ Run `man git-secret-changes` to see this note. ## SEE ALSO -[git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal) +[git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal), [git-secret-cat(1)](http://git-secret.io/git-secret-cat) diff --git a/man/man1/git-secret-hide.1.ronn b/man/man1/git-secret-hide.1.ronn index fe9475bf..7b1250e6 100644 --- a/man/man1/git-secret-hide.1.ronn +++ b/man/man1/git-secret-hide.1.ronn @@ -7,7 +7,7 @@ git-secret-hide - encrypts all added files with the inner keyring. ## DESCRIPTION -`git-secret-hide` create an encrypted version for each file added by `git-secret-add` command. Now anyone from the `git-secret`'s keyring can decrypt these files using their secret key. +`git-secret-hide` creates an encrypted version for each file added by `git-secret-add` command. Now anyone from the `git-secret`'s keyring can decrypt these files using their secret key. It is possible to modify the names of the encrypted files by setting `SECRETS_EXTENSION` variable. @@ -28,4 +28,4 @@ Run `man git-secret-hide` to see this note. ## SEE ALSO -[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal) +[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal), [git-secret-cat(1)](http://git-secret.io/git-secret-cat) diff --git a/man/man1/git-secret-list.1.ronn b/man/man1/git-secret-list.1.ronn index 892380f7..9adbf163 100644 --- a/man/man1/git-secret-list.1.ronn +++ b/man/man1/git-secret-list.1.ronn @@ -22,4 +22,4 @@ Run `man git-secret-list` to see this note. ## SEE ALSO -[git-secret-whoknows(1)](http://git-secret.io/git-secret-whoknows), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-remove(1)](http://git-secret.io/git-secret-remove), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal) +[git-secret-whoknows(1)](http://git-secret.io/git-secret-whoknows), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-remove(1)](http://git-secret.io/git-secret-remove), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal), [git-secret-cat(1)](http://git-secret.io/git-secret-cat) diff --git a/man/man1/git-secret-reveal.1.ronn b/man/man1/git-secret-reveal.1.ronn index 0dcc6951..74ec0bf0 100644 --- a/man/man1/git-secret-reveal.1.ronn +++ b/man/man1/git-secret-reveal.1.ronn @@ -7,7 +7,7 @@ git-secret-reveal - decrypts all added files. ## DESCRIPTION -`git-secret-reveal` - decrypts all the files in the `.gitsecret/paths/mapping.cfg` by running a `gpg --decrypt` command. It is important to have paired secret-key with one of the public-keys, which were used in the encryption. +`git-secret-reveal` - decrypts all the files in the `.gitsecret/paths/mapping.cfg` by running a `gpg --decrypt` command. It is important to have paired secret-key with one of the public-keys which were used in the encryption. ## OPTIONS @@ -25,4 +25,4 @@ Run `man git-secret-reveal` to see this note. ## SEE ALSO -[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-hide(1)](http://git-secret.io/git-secret-hide) +[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-cat(1)](http://git-secret.io/git-secret-cat), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-hide(1)](http://git-secret.io/git-secret-hide) diff --git a/man/man1/git-secret-tell.1.ronn b/man/man1/git-secret-tell.1.ronn index 86c36672..1453167e 100644 --- a/man/man1/git-secret-tell.1.ronn +++ b/man/man1/git-secret-tell.1.ronn @@ -26,4 +26,4 @@ Run `man git-secret-tell` to see this note. ## SEE ALSO -[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal), [git-secret-killperson(1)](http://git-secret.io/git-secret-killperson) +[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal), [git-secret-cat(1)](http://git-secret.io/git-secret-cat), [git-secret-killperson(1)](http://git-secret.io/git-secret-killperson) diff --git a/man/man1/git-secret-usage.1.ronn b/man/man1/git-secret-usage.1.ronn index 50b6bb37..e0506d26 100644 --- a/man/man1/git-secret-usage.1.ronn +++ b/man/man1/git-secret-usage.1.ronn @@ -22,4 +22,4 @@ Run `man git-secret-usage` to see this note. ## SEE ALSO -[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal) +[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal), [git-secret-cat(1)](http://git-secret.io/git-secret-cat) diff --git a/man/man1/git-secret-whoknows.1.ronn b/man/man1/git-secret-whoknows.1.ronn index ab1b2bec..1b57db4f 100644 --- a/man/man1/git-secret-whoknows.1.ronn +++ b/man/man1/git-secret-whoknows.1.ronn @@ -22,4 +22,4 @@ Run `man git-secret-whoknows` to see this note. ## SEE ALSO -[git-secret-list(1)](http://git-secret.io/git-secret-list), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal) +[git-secret-list(1)](http://git-secret.io/git-secret-list), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal), [git-secret-cat(1)](http://git-secret.io/git-secret-cat) From 492f575848821da9e57655e6b30ea37255cd19df Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Fri, 13 Apr 2018 20:34:33 -0400 Subject: [PATCH 07/30] git-secret-cat man page --- man/man1/git-secret-cat.1 | Bin 0 -> 1315 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 man/man1/git-secret-cat.1 diff --git a/man/man1/git-secret-cat.1 b/man/man1/git-secret-cat.1 new file mode 100644 index 0000000000000000000000000000000000000000..cc73ec2136cb72aa634ec31451729d60e34a23e0 GIT binary patch literal 1315 zcmb7E!H(K65WVLsMme<-2}^ru)mutYi?j*JRV5Ax zJM(z+=Di7N5yKt@YG$#5BexB#q!8o7L;5NG7^PHhtW{se<2}{-U0TX+tgYp9d?`gJ-lo=KjF*Xs-AS8rGagbR11rO9?RO_!&I(~A1Xlp7;JX}-3!6R9vC>6)Sg@+ z@xc~n(qKf9LS{m)f4iyifUG6#2*?F)fOkr2%Y=368g@W3fNPQv94eAmJOwIA<_=O- zziWBvYi0z;hL;T-Q6uy&5ia~ZD12O8ih@iF5ih-0mnfX|E?T3oON77GI3i7P%>2U|Gq|}2d zm-lshw^S~D-%>~}C^+b3g(F~9HOO-y)o5n$N}*Rrvy%S6+Q_4U23r*jxa`eSw)mMn z#?h)5E=gKm_}9+6eZgTsAuV2f%x5#m9`j}Fmih9oaKY`n$$R3QUtZvIIpxy5(C2&N q;C>aZo?2|%J4hV-mW0f@gM-kw6b-NN4h{#uB? Date: Fri, 13 Apr 2018 20:34:54 -0400 Subject: [PATCH 08/30] regenerated git-secret man pages --- man/man1/git-secret-add.1 | Bin 1279 -> 1276 bytes man/man1/git-secret-changes.1 | Bin 1278 -> 1342 bytes man/man1/git-secret-clean.1 | Bin 907 -> 904 bytes man/man1/git-secret-hide.1 | Bin 1239 -> 1304 bytes man/man1/git-secret-init.1 | Bin 764 -> 761 bytes man/man1/git-secret-killperson.1 | Bin 986 -> 983 bytes man/man1/git-secret-list.1 | Bin 896 -> 960 bytes man/man1/git-secret-remove.1 | Bin 937 -> 934 bytes man/man1/git-secret-reveal.1 | Bin 1250 -> 1313 bytes man/man1/git-secret-tell.1 | Bin 1671 -> 1735 bytes man/man1/git-secret-usage.1 | Bin 780 -> 844 bytes man/man1/git-secret-whoknows.1 | Bin 877 -> 941 bytes man/man7/git-secret.7 | Bin 3105 -> 3719 bytes 13 files changed, 0 insertions(+), 0 deletions(-) diff --git a/man/man1/git-secret-add.1 b/man/man1/git-secret-add.1 index 073525dfb4d1a5dd45d78b45f02a0b36876fd5e6..5bc9bb3385a5f556f3de46776639d77966d11e54 100644 GIT binary patch delta 21 ccmey*`G<2t4wqv=QD%;Uk%6Jb#>zGp09?KYs{jB1 delta 24 fcmeyv`JZz_4zF8kQc-DQQKf>BfuZ@vvNjd~dDsZ@ diff --git a/man/man1/git-secret-changes.1 b/man/man1/git-secret-changes.1 index c57aaefc14950cf26309259f7f294ede07c33b08..408a2f22339a46216bd24e5712a3bc05b1234b99 100644 GIT binary patch delta 52 zcmeyzxsPi?0hePzQD%;Uk%6Jb#@YrJAsvPE%#s-0;?(4#R3M$4STfm`MVlQ+$D{>u F0RY^)5j_9^ delta 26 hcmdnT^^bEx0k2zXQc-DQQKf>BfuZ@vssBfuZ@t@&}tE7;Bgrxd5sj3N-)# diff --git a/man/man1/git-secret-init.1 b/man/man1/git-secret-init.1 index 62a2aed10758cd2b43bbd3082ce045160a466683..fa97dbaeb9208b6eb73c4d3992a37680f815a990 100644 GIT binary patch delta 21 ccmeyv`jd4+E|+6LQD%;Uk%6Jb#;PVJ09&^QnE(I) delta 24 fcmey#`iFHwF0Wf^Qc-DQQKf>BfuZ@v@+Kw#c&Z5C diff --git a/man/man1/git-secret-killperson.1 b/man/man1/git-secret-killperson.1 index d69ce6aef205ae84248169bd548f64e1409d1be0..e1922350773f5b73d082275bfaac8166ad63262c 100644 GIT binary patch delta 21 ccmcb`ew}?nF_&XOQD%;Uk%6Jb#)c?n09MuqJ^%m! delta 24 fcmcc4ev5rVF|S){Qc-DQQKf>BfuZ@v+9+lKa~lYS diff --git a/man/man1/git-secret-list.1 b/man/man1/git-secret-list.1 index 0a4bc2d0e802f614250c31210c6375e8ce699484..476292c6fa5875e9dac39c48444a928175481462 100644 GIT binary patch delta 52 zcmZo*KfpdAm&>uBC^JXF$iUEIV-+j2kd8unW=V{0acXi=Dv(Z2ESap&q|FYbW72}S E0I>29DgXcg delta 26 hcmX@W-oQQ~m)9*dsi-uus8Yemz|eeSIV&?G7XWvA2fhFR diff --git a/man/man1/git-secret-remove.1 b/man/man1/git-secret-remove.1 index 863c09bfde5282b8ad3b49e80f5ca6dc88f9f3a7..46b67f8452f9923f0272e4efa18bb10ca666a0b4 100644 GIT binary patch delta 21 ccmZ3BfuZ@vN?m3EX`2V` diff --git a/man/man1/git-secret-reveal.1 b/man/man1/git-secret-reveal.1 index 0c9a86751a51d990d4dbf502ef6b47c2fb1e2dff..55fbdac7762f9d7678c9bc0b0c178ceac57d6f26 100644 GIT binary patch delta 40 tcmaFFxsYo@K9^%bQD%;Uk%6Jb#+qr2n}wMKn3$3iCqHD?0Z{@hmjDnK49Nfh delta 35 rcmZ3;^@wvqKCfG9Qc-DQQKf>BfuZ@v%4v*@I-B{K1ehi#vFrx`+L;SU diff --git a/man/man1/git-secret-tell.1 b/man/man1/git-secret-tell.1 index fe3b14b88b417a6e8afaacff9d11fdf9bf129cf9..5e85db6d2605f56df5e78f64e724ddf09cf74bad 100644 GIT binary patch delta 36 rcmZqYJuBC^JXF$iUEIW7R2ErsTxQhO9cw$%!SCjo3l~-FgdS delta 28 jcmX@k+s->7m)9*dsi-uus8Yemz|eeS`6<@PEo{yJl2!@y diff --git a/man/man1/git-secret-usage.1 b/man/man1/git-secret-usage.1 index 5a7d2278f0ecb73b07e2d63970df6ab00b3b3ca4..7813b19558388b36534f1784e3177465c2b0f9fc 100644 GIT binary patch delta 52 zcmeBSJHs|1kIS*3C^JXF$iUEIWAy|kAsvPE%#s-0;?(4#R3M$4STcD6lQuh$j!6sR F0szaM5iI}! delta 26 hcmX@Z*26X-kJl|Vsi-uus8Yemz|eeS#RMisE&zMx2w(sJ diff --git a/man/man1/git-secret-whoknows.1 b/man/man1/git-secret-whoknows.1 index e532e29f24fc12863ab11c3e98f7d89cde2145ea..f4f5f543b2da8477b1d792d8072e26ea383b19c6 100644 GIT binary patch delta 52 zcmaFMww8TDA(vx8QD%;Uk%6Jb#=3V*LOKfRnI$p0#i_|fsX#h8v1IZ`CT(^g9g`Ns F1pw->5;Xt- delta 26 hcmZ3>{+4Y*A+K9%Qc-DQQKf>BfuZ@v>UT_xTmXZ&2?qcG diff --git a/man/man7/git-secret.7 b/man/man7/git-secret.7 index 1e9b327fcd4a622ea0d7589a09817dc64220fad4..7c21df3a2831d77ca3148bb495abe8abf662e99b 100644 GIT binary patch delta 617 zcmZXRF>e$x5QRm`rAIVKPuqk7?Il0~rw9oeaupGwTnTyCv%BVe9y9jlNOdJ`Bz^%E zb;KWJoE#8DXOCy*z3=(^!>^C7#_Dwx=kfID_{H_-AJxG`KOfw$?(LeYIX^|c3YjDr zpX#bq&QYKAZ0S|oj4mhYh4RVbrhYc+Yo#>D8t zm~`tqQDLx33AQXYEwP>u1T z@$4-E=Q8capaizy1oS3pB}21OLrQQ9zx^|yhSm_{lA49t1&|2K67BG&J-ie5qCG52 z{w~-2L^IQ-;k{~|^0tKiWG@yuCD(aH Date: Fri, 13 Apr 2018 20:36:33 -0400 Subject: [PATCH 09/30] small grammar change --- man/man7/git-secret.7.ronn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/man/man7/git-secret.7.ronn b/man/man7/git-secret.7.ronn index 97c0665e..14e3bca5 100644 --- a/man/man7/git-secret.7.ronn +++ b/man/man7/git-secret.7.ronn @@ -24,7 +24,7 @@ You can configure several things to suit your workflow better. To do so, just se These settings are available to be changed: -* `$SECRETS_GPG_COMMAND` - sets the `gpg` alternatives, defaults to `gpg`. It can be changed to `gpg`, `gpg2`, `pgp`, `/usr/local/gpg` or any other value. After doing so rerun the tests to be sure, that it won't break anything. Tested to be working with: `gpg`, `gpg2`. +* `$SECRETS_GPG_COMMAND` - sets the `gpg` alternatives, defaults to `gpg`. It can be changed to `gpg`, `gpg2`, `pgp`, `/usr/local/gpg` or any other value. After doing so rerun the tests to be sure that it won't break anything. Tested to be working with: `gpg`, `gpg2`. * `$SECRETS_EXTENSION` - sets the secret files extension, defaults to `.secret`. It can be changed to any valid file extension. ## Internals From 04b7c391b059971acb377aca5df790f6ba2754fe Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Fri, 13 Apr 2018 20:37:07 -0400 Subject: [PATCH 10/30] update --- man/man7/git-secret.7 | Bin 3719 -> 3718 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/man/man7/git-secret.7 b/man/man7/git-secret.7 index 7c21df3a2831d77ca3148bb495abe8abf662e99b..752424b61951b7f756296d9b07861e65fb5b844c 100644 GIT binary patch delta 12 TcmZpdZIj)g&AnNNJDM2)8Q24M delta 14 VcmZpZZI|7k&CRH@S(`hW82}$W1EK%` From 6dc50652c8bcbb1ea352e7a2d1b199fb1ed12223 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Fri, 13 Apr 2018 20:58:37 -0400 Subject: [PATCH 11/30] fixes for linter errors about 'which' For example: in utils/deb/deb-ci.sh line 27: 'which git-secret': SC2230: which is non-standard. Use builtin 'command -v' instead. --- utils/apk/apk-ci.sh | 3 ++- utils/deb/deb-ci.sh | 3 ++- utils/make/make-ci.sh | 4 +++- utils/rpm/rpm-ci.sh | 3 ++- 4 files changed, 9 insertions(+), 4 deletions(-) diff --git a/utils/apk/apk-ci.sh b/utils/apk/apk-ci.sh index e0afc6d6..e9107596 100644 --- a/utils/apk/apk-ci.sh +++ b/utils/apk/apk-ci.sh @@ -24,7 +24,8 @@ function integration_tests { # Testing the installation: apk info | grep "git-secret" - which "git-secret" + # lint says to use 'command -v' and not 'which' + command -v "git-secret" # Test the manuals: man --where "git-secret" # .7 diff --git a/utils/deb/deb-ci.sh b/utils/deb/deb-ci.sh index 571003b3..ab734dc5 100644 --- a/utils/deb/deb-ci.sh +++ b/utils/deb/deb-ci.sh @@ -24,7 +24,8 @@ function integration_tests { # Testing the installation: dpkg --get-selections | grep "git-secret" - which "git-secret" + # lint says to use 'command -v' and not 'which' + command -v "git-secret" # Test the manuals: man --where "git-secret" # .7 diff --git a/utils/make/make-ci.sh b/utils/make/make-ci.sh index 61441cb3..6f29594d 100644 --- a/utils/make/make-ci.sh +++ b/utils/make/make-ci.sh @@ -18,7 +18,9 @@ function integration_tests { make install # Testing the installation: - which "git-secret" + # 'command -v' is like 'which' + command -v "git-secret" + # Test the manuals: man --where "git-secret" # .7 diff --git a/utils/rpm/rpm-ci.sh b/utils/rpm/rpm-ci.sh index 1f2e38f6..466f1c6e 100644 --- a/utils/rpm/rpm-ci.sh +++ b/utils/rpm/rpm-ci.sh @@ -24,7 +24,8 @@ function integration_tests { # Testing the installation: dnf info "git-secret" - which "git-secret" + # 'command -v' is like 'which' + command -v "git-secret" # Test the manuals: man --where "git-secret" # .7 From 44bcfcd5bf6ab1ca5def40d0cc091db17aebd3b5 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Fri, 13 Apr 2018 21:21:26 -0400 Subject: [PATCH 12/30] remove inoperative links --- README.md | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/README.md b/README.md index 350aebc4..e5e66609 100644 --- a/README.md +++ b/README.md @@ -73,18 +73,6 @@ Thank you to all our backers! πŸ™ [[Become a backer](https://opencollective.com Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/git-secret#sponsor)] - - - - - - - - - - - - ## License From da55b565652a31eb5cc9589432a497d59d190087 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 07:11:51 -0400 Subject: [PATCH 13/30] reflect code review input --- src/commands/git_secret_cat.sh | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/src/commands/git_secret_cat.sh b/src/commands/git_secret_cat.sh index 29a8c900..4ada2016 100644 --- a/src/commands/git_secret_cat.sh +++ b/src/commands/git_secret_cat.sh @@ -7,7 +7,7 @@ function cat { OPTIND=1 - while getopts 'hfd:p:' opt; do + while getopts 'hd:p:' opt; do case "$opt" in h) _show_manual_for 'cat';; @@ -26,14 +26,11 @@ function cat { # Command logic: - #local path_mappings - #path_mappings=$(_get_secrets_dir_paths_mapping) - for line in "$@" do local filename local path - #echo $line + filename=$(_get_record_filename "$line") path=$(_append_root_path "$filename") From 50c946376358ec6547c291f79fafc1a5ae55a557 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 08:33:57 -0400 Subject: [PATCH 14/30] add test for 'git secret cat' --- tests/test_cat.bats | 46 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 tests/test_cat.bats diff --git a/tests/test_cat.bats b/tests/test_cat.bats new file mode 100644 index 00000000..95687144 --- /dev/null +++ b/tests/test_cat.bats @@ -0,0 +1,46 @@ +#!/usr/bin/env bats + +load _test_base + +FILE_TO_HIDE="file_to_hide" +FILE_CONTENTS="hidden content юникод" + +FINGERPRINT="" + + +function setup { + FINGERPRINT=$(install_fixture_full_key "$TEST_DEFAULT_USER") + + set_state_initial + set_state_git + set_state_secret_init + set_state_secret_tell "$TEST_DEFAULT_USER" + set_state_secret_add "$FILE_TO_HIDE" "$FILE_CONTENTS" + set_state_secret_hide +} + + +function teardown { + #rm "$FILE_TO_HIDE" + + uninstall_fixture_full_key "$TEST_DEFAULT_USER" "$FINGERPRINT" + unset_current_state +} + + +@test "run 'cat' with password argument" { + cp "$FILE_TO_HIDE" "${FILE_TO_HIDE}2" + rm -f "$FILE_TO_HIDE" + + local password=$(test_user_password "$TEST_DEFAULT_USER") + run git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" + + [ "$status" -eq 0 ] + + # $output is the output from 'git secret cat' above + [ "$FILE_CONTENTS" == "$output" ] + + rm "${FILE_TO_HIDE}2" +} + + From 293446461f60095d9b53c457fd7d6ce60d2df9f0 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 08:40:31 -0400 Subject: [PATCH 15/30] restore sponsor links --- README.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/README.md b/README.md index e5e66609..1c06fa9c 100644 --- a/README.md +++ b/README.md @@ -73,6 +73,17 @@ Thank you to all our backers! πŸ™ [[Become a backer](https://opencollective.com Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/git-secret#sponsor)] + + + + + + + + + + + ## License From 29b36ae3a8555b7a98e598dca4f00db4582ac5f0 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 08:43:27 -0400 Subject: [PATCH 16/30] remove unneeded code --- tests/test_cat.bats | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/test_cat.bats b/tests/test_cat.bats index 95687144..7d6e44aa 100644 --- a/tests/test_cat.bats +++ b/tests/test_cat.bats @@ -29,7 +29,6 @@ function teardown { @test "run 'cat' with password argument" { - cp "$FILE_TO_HIDE" "${FILE_TO_HIDE}2" rm -f "$FILE_TO_HIDE" local password=$(test_user_password "$TEST_DEFAULT_USER") @@ -39,8 +38,6 @@ function teardown { # $output is the output from 'git secret cat' above [ "$FILE_CONTENTS" == "$output" ] - - rm "${FILE_TO_HIDE}2" } From c2936bf8f32bbcb1294719f08ddd1d8a71581790 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 08:50:32 -0400 Subject: [PATCH 17/30] remove extra newline --- utils/make/make-ci.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/utils/make/make-ci.sh b/utils/make/make-ci.sh index 6f29594d..e5e409fc 100644 --- a/utils/make/make-ci.sh +++ b/utils/make/make-ci.sh @@ -21,7 +21,6 @@ function integration_tests { # 'command -v' is like 'which' command -v "git-secret" - # Test the manuals: man --where "git-secret" # .7 man --where "git-secret-init" # .1 From 02e4bde64eda7b8f4b586980fceee546fc644fce Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 09:27:55 -0400 Subject: [PATCH 18/30] better error checking --- src/commands/git_secret_cat.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/commands/git_secret_cat.sh b/src/commands/git_secret_cat.sh index 4ada2016..f656a9c7 100644 --- a/src/commands/git_secret_cat.sh +++ b/src/commands/git_secret_cat.sh @@ -36,5 +36,8 @@ function cat { # The parameters are: filename, write-to-file, force, homedir, passphrase _decrypt "$path" "0" "0" "$homedir" "$passphrase" + if [[ "$?" ne "0" ]]; then + _abort( "error decrypting $(filename): $?" ) + fi done } From d5b1dd7829836b96f2f05dbba2973642b30a3501 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 09:28:05 -0400 Subject: [PATCH 19/30] test cat with wrong filename --- tests/test_cat.bats | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tests/test_cat.bats b/tests/test_cat.bats index 7d6e44aa..d08fca52 100644 --- a/tests/test_cat.bats +++ b/tests/test_cat.bats @@ -29,6 +29,7 @@ function teardown { @test "run 'cat' with password argument" { + cp "$FILE_TO_HIDE" "${FILE_TO_HIDE}2" rm -f "$FILE_TO_HIDE" local password=$(test_user_password "$TEST_DEFAULT_USER") @@ -38,6 +39,12 @@ function teardown { # $output is the output from 'git secret cat' above [ "$FILE_CONTENTS" == "$output" ] + + rm "${FILE_TO_HIDE}2" } +@test "run 'cat' with wrong filename" { + run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password" NO_SUCH_FILE + [ "$status" -eq 2 ] +} From 612e34cce8b40998dac3d8e1779cff3b30092129 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Fri, 13 Apr 2018 19:30:51 -0400 Subject: [PATCH 20/30] add git secret cat filename [filename2] feature. ronn file for manpage cleanup. Remove -f option. bump version to 0.2.4 remove unused variable add references to git secret cat in ronn docs. git-secret-cat man page --- CHANGELOG.md | 6 +++- man/man1/git-secret-cat.1 | Bin 0 -> 1315 bytes man/man1/git-secret-cat.1.ronn | 27 +++++++++++++++++ man/man1/git-secret-changes.1.ronn | 2 +- man/man1/git-secret-hide.1.ronn | 4 +-- man/man1/git-secret-list.1.ronn | 2 +- man/man1/git-secret-reveal.1.ronn | 4 +-- man/man1/git-secret-tell.1.ronn | 2 +- man/man1/git-secret-usage.1.ronn | 2 +- man/man1/git-secret-whoknows.1.ronn | 2 +- src/commands/git_secret_cat.sh | 43 ++++++++++++++++++++++++++++ src/commands/git_secret_usage.sh | 2 +- src/version.sh | 2 +- 13 files changed, 86 insertions(+), 12 deletions(-) create mode 100644 man/man1/git-secret-cat.1 create mode 100644 man/man1/git-secret-cat.1.ronn create mode 100644 src/commands/git_secret_cat.sh diff --git a/CHANGELOG.md b/CHANGELOG.md index cb3c260e..03e1faaa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,11 @@ # Changelog +## Version 0.2.4 + +- Added `git secret cat` feature + ## Version 0.2.3 + - Added `-m` option to `hide` command, files will only be hidden when modifications are detected (#92) - Changed how path mappings file works: colon delimited FSDB (#92) - Fixed `gnupg` >= 2.1 CI tests (#6) @@ -31,7 +36,6 @@ - Refactored `hide` and `clean` commands to be shorter - `shellcheck` is now supported with `make lint` - ## Version 0.2.1 - Now everything is tested inside the `docker`-containers and `OSX` images on `travis`. diff --git a/man/man1/git-secret-cat.1 b/man/man1/git-secret-cat.1 new file mode 100644 index 0000000000000000000000000000000000000000..cc73ec2136cb72aa634ec31451729d60e34a23e0 GIT binary patch literal 1315 zcmb7E!H(K65WVLsMme<-2}^ru)mutYi?j*JRV5Ax zJM(z+=Di7N5yKt@YG$#5BexB#q!8o7L;5NG7^PHhtW{se<2}{-U0TX+tgYp9d?`gJ-lo=KjF*Xs-AS8rGagbR11rO9?RO_!&I(~A1Xlp7;JX}-3!6R9vC>6)Sg@+ z@xc~n(qKf9LS{m)f4iyifUG6#2*?F)fOkr2%Y=368g@W3fNPQv94eAmJOwIA<_=O- zziWBvYi0z;hL;T-Q6uy&5ia~ZD12O8ih@iF5ih-0mnfX|E?T3oON77GI3i7P%>2U|Gq|}2d zm-lshw^S~D-%>~}C^+b3g(F~9HOO-y)o5n$N}*Rrvy%S6+Q_4U23r*jxa`eSw)mMn z#?h)5E=gKm_}9+6eZgTsAuV2f%x5#m9`j}Fmih9oaKY`n$$R3QUtZvIIpxy5(C2&N q;C>aZo?2|%J4hV-mW0f@gM-kw6b-NN4h{#uB? Date: Fri, 13 Apr 2018 20:34:54 -0400 Subject: [PATCH 21/30] regenerated git-secret man pages --- man/man1/git-secret-add.1 | Bin 1279 -> 1276 bytes man/man1/git-secret-changes.1 | Bin 1278 -> 1342 bytes man/man1/git-secret-clean.1 | Bin 907 -> 904 bytes man/man1/git-secret-hide.1 | Bin 1239 -> 1304 bytes man/man1/git-secret-init.1 | Bin 764 -> 761 bytes man/man1/git-secret-killperson.1 | Bin 986 -> 983 bytes man/man1/git-secret-list.1 | Bin 896 -> 960 bytes man/man1/git-secret-remove.1 | Bin 937 -> 934 bytes man/man1/git-secret-reveal.1 | Bin 1250 -> 1313 bytes man/man1/git-secret-tell.1 | Bin 1671 -> 1735 bytes man/man1/git-secret-usage.1 | Bin 780 -> 844 bytes man/man1/git-secret-whoknows.1 | Bin 877 -> 941 bytes man/man7/git-secret.7 | Bin 3105 -> 3719 bytes 13 files changed, 0 insertions(+), 0 deletions(-) diff --git a/man/man1/git-secret-add.1 b/man/man1/git-secret-add.1 index 073525dfb4d1a5dd45d78b45f02a0b36876fd5e6..5bc9bb3385a5f556f3de46776639d77966d11e54 100644 GIT binary patch delta 21 ccmey*`G<2t4wqv=QD%;Uk%6Jb#>zGp09?KYs{jB1 delta 24 fcmeyv`JZz_4zF8kQc-DQQKf>BfuZ@vvNjd~dDsZ@ diff --git a/man/man1/git-secret-changes.1 b/man/man1/git-secret-changes.1 index c57aaefc14950cf26309259f7f294ede07c33b08..408a2f22339a46216bd24e5712a3bc05b1234b99 100644 GIT binary patch delta 52 zcmeyzxsPi?0hePzQD%;Uk%6Jb#@YrJAsvPE%#s-0;?(4#R3M$4STfm`MVlQ+$D{>u F0RY^)5j_9^ delta 26 hcmdnT^^bEx0k2zXQc-DQQKf>BfuZ@vssBfuZ@t@&}tE7;Bgrxd5sj3N-)# diff --git a/man/man1/git-secret-init.1 b/man/man1/git-secret-init.1 index 62a2aed10758cd2b43bbd3082ce045160a466683..fa97dbaeb9208b6eb73c4d3992a37680f815a990 100644 GIT binary patch delta 21 ccmeyv`jd4+E|+6LQD%;Uk%6Jb#;PVJ09&^QnE(I) delta 24 fcmey#`iFHwF0Wf^Qc-DQQKf>BfuZ@v@+Kw#c&Z5C diff --git a/man/man1/git-secret-killperson.1 b/man/man1/git-secret-killperson.1 index d69ce6aef205ae84248169bd548f64e1409d1be0..e1922350773f5b73d082275bfaac8166ad63262c 100644 GIT binary patch delta 21 ccmcb`ew}?nF_&XOQD%;Uk%6Jb#)c?n09MuqJ^%m! delta 24 fcmcc4ev5rVF|S){Qc-DQQKf>BfuZ@v+9+lKa~lYS diff --git a/man/man1/git-secret-list.1 b/man/man1/git-secret-list.1 index 0a4bc2d0e802f614250c31210c6375e8ce699484..476292c6fa5875e9dac39c48444a928175481462 100644 GIT binary patch delta 52 zcmZo*KfpdAm&>uBC^JXF$iUEIV-+j2kd8unW=V{0acXi=Dv(Z2ESap&q|FYbW72}S E0I>29DgXcg delta 26 hcmX@W-oQQ~m)9*dsi-uus8Yemz|eeSIV&?G7XWvA2fhFR diff --git a/man/man1/git-secret-remove.1 b/man/man1/git-secret-remove.1 index 863c09bfde5282b8ad3b49e80f5ca6dc88f9f3a7..46b67f8452f9923f0272e4efa18bb10ca666a0b4 100644 GIT binary patch delta 21 ccmZ3BfuZ@vN?m3EX`2V` diff --git a/man/man1/git-secret-reveal.1 b/man/man1/git-secret-reveal.1 index 0c9a86751a51d990d4dbf502ef6b47c2fb1e2dff..55fbdac7762f9d7678c9bc0b0c178ceac57d6f26 100644 GIT binary patch delta 40 tcmaFFxsYo@K9^%bQD%;Uk%6Jb#+qr2n}wMKn3$3iCqHD?0Z{@hmjDnK49Nfh delta 35 rcmZ3;^@wvqKCfG9Qc-DQQKf>BfuZ@v%4v*@I-B{K1ehi#vFrx`+L;SU diff --git a/man/man1/git-secret-tell.1 b/man/man1/git-secret-tell.1 index fe3b14b88b417a6e8afaacff9d11fdf9bf129cf9..5e85db6d2605f56df5e78f64e724ddf09cf74bad 100644 GIT binary patch delta 36 rcmZqYJuBC^JXF$iUEIW7R2ErsTxQhO9cw$%!SCjo3l~-FgdS delta 28 jcmX@k+s->7m)9*dsi-uus8Yemz|eeS`6<@PEo{yJl2!@y diff --git a/man/man1/git-secret-usage.1 b/man/man1/git-secret-usage.1 index 5a7d2278f0ecb73b07e2d63970df6ab00b3b3ca4..7813b19558388b36534f1784e3177465c2b0f9fc 100644 GIT binary patch delta 52 zcmeBSJHs|1kIS*3C^JXF$iUEIWAy|kAsvPE%#s-0;?(4#R3M$4STcD6lQuh$j!6sR F0szaM5iI}! delta 26 hcmX@Z*26X-kJl|Vsi-uus8Yemz|eeS#RMisE&zMx2w(sJ diff --git a/man/man1/git-secret-whoknows.1 b/man/man1/git-secret-whoknows.1 index e532e29f24fc12863ab11c3e98f7d89cde2145ea..f4f5f543b2da8477b1d792d8072e26ea383b19c6 100644 GIT binary patch delta 52 zcmaFMww8TDA(vx8QD%;Uk%6Jb#=3V*LOKfRnI$p0#i_|fsX#h8v1IZ`CT(^g9g`Ns F1pw->5;Xt- delta 26 hcmZ3>{+4Y*A+K9%Qc-DQQKf>BfuZ@v>UT_xTmXZ&2?qcG diff --git a/man/man7/git-secret.7 b/man/man7/git-secret.7 index 1e9b327fcd4a622ea0d7589a09817dc64220fad4..7c21df3a2831d77ca3148bb495abe8abf662e99b 100644 GIT binary patch delta 617 zcmZXRF>e$x5QRm`rAIVKPuqk7?Il0~rw9oeaupGwTnTyCv%BVe9y9jlNOdJ`Bz^%E zb;KWJoE#8DXOCy*z3=(^!>^C7#_Dwx=kfID_{H_-AJxG`KOfw$?(LeYIX^|c3YjDr zpX#bq&QYKAZ0S|oj4mhYh4RVbrhYc+Yo#>D8t zm~`tqQDLx33AQXYEwP>u1T z@$4-E=Q8capaizy1oS3pB}21OLrQQ9zx^|yhSm_{lA49t1&|2K67BG&J-ie5qCG52 z{w~-2L^IQ-;k{~|^0tKiWG@yuCD(aH Date: Fri, 13 Apr 2018 20:36:33 -0400 Subject: [PATCH 22/30] small grammar change, update, fixes for linter errors about 'which' For example: in utils/deb/deb-ci.sh line 27: 'which git-secret': SC2230: which is non-standard. Use builtin 'command -v' instead. remove inoperative links reflect code review input add test for 'git secret cat' restore sponsor links --- README.md | 1 - man/man7/git-secret.7 | Bin 3719 -> 3718 bytes man/man7/git-secret.7.ronn | 2 +- src/commands/git_secret_cat.sh | 7 ++--- tests/test_cat.bats | 46 +++++++++++++++++++++++++++++++++ utils/apk/apk-ci.sh | 3 ++- utils/deb/deb-ci.sh | 3 ++- utils/make/make-ci.sh | 4 ++- utils/rpm/rpm-ci.sh | 3 ++- 9 files changed, 58 insertions(+), 11 deletions(-) create mode 100644 tests/test_cat.bats diff --git a/README.md b/README.md index 350aebc4..1c06fa9c 100644 --- a/README.md +++ b/README.md @@ -85,7 +85,6 @@ Support this project by becoming a sponsor. Your logo will show up here with a l - ## License MIT. See [LICENSE.md](LICENSE.md) for details. diff --git a/man/man7/git-secret.7 b/man/man7/git-secret.7 index 7c21df3a2831d77ca3148bb495abe8abf662e99b..752424b61951b7f756296d9b07861e65fb5b844c 100644 GIT binary patch delta 12 TcmZpdZIj)g&AnNNJDM2)8Q24M delta 14 VcmZpZZI|7k&CRH@S(`hW82}$W1EK%` diff --git a/man/man7/git-secret.7.ronn b/man/man7/git-secret.7.ronn index 97c0665e..14e3bca5 100644 --- a/man/man7/git-secret.7.ronn +++ b/man/man7/git-secret.7.ronn @@ -24,7 +24,7 @@ You can configure several things to suit your workflow better. To do so, just se These settings are available to be changed: -* `$SECRETS_GPG_COMMAND` - sets the `gpg` alternatives, defaults to `gpg`. It can be changed to `gpg`, `gpg2`, `pgp`, `/usr/local/gpg` or any other value. After doing so rerun the tests to be sure, that it won't break anything. Tested to be working with: `gpg`, `gpg2`. +* `$SECRETS_GPG_COMMAND` - sets the `gpg` alternatives, defaults to `gpg`. It can be changed to `gpg`, `gpg2`, `pgp`, `/usr/local/gpg` or any other value. After doing so rerun the tests to be sure that it won't break anything. Tested to be working with: `gpg`, `gpg2`. * `$SECRETS_EXTENSION` - sets the secret files extension, defaults to `.secret`. It can be changed to any valid file extension. ## Internals diff --git a/src/commands/git_secret_cat.sh b/src/commands/git_secret_cat.sh index 29a8c900..4ada2016 100644 --- a/src/commands/git_secret_cat.sh +++ b/src/commands/git_secret_cat.sh @@ -7,7 +7,7 @@ function cat { OPTIND=1 - while getopts 'hfd:p:' opt; do + while getopts 'hd:p:' opt; do case "$opt" in h) _show_manual_for 'cat';; @@ -26,14 +26,11 @@ function cat { # Command logic: - #local path_mappings - #path_mappings=$(_get_secrets_dir_paths_mapping) - for line in "$@" do local filename local path - #echo $line + filename=$(_get_record_filename "$line") path=$(_append_root_path "$filename") diff --git a/tests/test_cat.bats b/tests/test_cat.bats new file mode 100644 index 00000000..95687144 --- /dev/null +++ b/tests/test_cat.bats @@ -0,0 +1,46 @@ +#!/usr/bin/env bats + +load _test_base + +FILE_TO_HIDE="file_to_hide" +FILE_CONTENTS="hidden content юникод" + +FINGERPRINT="" + + +function setup { + FINGERPRINT=$(install_fixture_full_key "$TEST_DEFAULT_USER") + + set_state_initial + set_state_git + set_state_secret_init + set_state_secret_tell "$TEST_DEFAULT_USER" + set_state_secret_add "$FILE_TO_HIDE" "$FILE_CONTENTS" + set_state_secret_hide +} + + +function teardown { + #rm "$FILE_TO_HIDE" + + uninstall_fixture_full_key "$TEST_DEFAULT_USER" "$FINGERPRINT" + unset_current_state +} + + +@test "run 'cat' with password argument" { + cp "$FILE_TO_HIDE" "${FILE_TO_HIDE}2" + rm -f "$FILE_TO_HIDE" + + local password=$(test_user_password "$TEST_DEFAULT_USER") + run git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" + + [ "$status" -eq 0 ] + + # $output is the output from 'git secret cat' above + [ "$FILE_CONTENTS" == "$output" ] + + rm "${FILE_TO_HIDE}2" +} + + diff --git a/utils/apk/apk-ci.sh b/utils/apk/apk-ci.sh index e0afc6d6..e9107596 100644 --- a/utils/apk/apk-ci.sh +++ b/utils/apk/apk-ci.sh @@ -24,7 +24,8 @@ function integration_tests { # Testing the installation: apk info | grep "git-secret" - which "git-secret" + # lint says to use 'command -v' and not 'which' + command -v "git-secret" # Test the manuals: man --where "git-secret" # .7 diff --git a/utils/deb/deb-ci.sh b/utils/deb/deb-ci.sh index 571003b3..ab734dc5 100644 --- a/utils/deb/deb-ci.sh +++ b/utils/deb/deb-ci.sh @@ -24,7 +24,8 @@ function integration_tests { # Testing the installation: dpkg --get-selections | grep "git-secret" - which "git-secret" + # lint says to use 'command -v' and not 'which' + command -v "git-secret" # Test the manuals: man --where "git-secret" # .7 diff --git a/utils/make/make-ci.sh b/utils/make/make-ci.sh index 61441cb3..6f29594d 100644 --- a/utils/make/make-ci.sh +++ b/utils/make/make-ci.sh @@ -18,7 +18,9 @@ function integration_tests { make install # Testing the installation: - which "git-secret" + # 'command -v' is like 'which' + command -v "git-secret" + # Test the manuals: man --where "git-secret" # .7 diff --git a/utils/rpm/rpm-ci.sh b/utils/rpm/rpm-ci.sh index 1f2e38f6..466f1c6e 100644 --- a/utils/rpm/rpm-ci.sh +++ b/utils/rpm/rpm-ci.sh @@ -24,7 +24,8 @@ function integration_tests { # Testing the installation: dnf info "git-secret" - which "git-secret" + # 'command -v' is like 'which' + command -v "git-secret" # Test the manuals: man --where "git-secret" # .7 From 8ce78b6a5b752d5e95eba5ea6fef98c1598997af Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 08:50:32 -0400 Subject: [PATCH 23/30] remove extra newline --- utils/make/make-ci.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/utils/make/make-ci.sh b/utils/make/make-ci.sh index 6f29594d..e5e409fc 100644 --- a/utils/make/make-ci.sh +++ b/utils/make/make-ci.sh @@ -21,7 +21,6 @@ function integration_tests { # 'command -v' is like 'which' command -v "git-secret" - # Test the manuals: man --where "git-secret" # .7 man --where "git-secret-init" # .1 From da69e0766ea7f341c89c334db655824852e0aba0 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 09:28:05 -0400 Subject: [PATCH 24/30] test cat with wrong filename --- tests/test_cat.bats | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tests/test_cat.bats b/tests/test_cat.bats index 95687144..d08fca52 100644 --- a/tests/test_cat.bats +++ b/tests/test_cat.bats @@ -43,4 +43,8 @@ function teardown { rm "${FILE_TO_HIDE}2" } +@test "run 'cat' with wrong filename" { + run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password" NO_SUCH_FILE + [ "$status" -eq 2 ] +} From 50b23c973935eeb63e08f122a56e1cbcec29f404 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 10:05:27 -0400 Subject: [PATCH 25/30] fix --- src/commands/git_secret_cat.sh | 44 ++++++++++++++++++++++++++++++++++ tests/test_cat.bats | 1 + 2 files changed, 45 insertions(+) create mode 100644 src/commands/git_secret_cat.sh diff --git a/src/commands/git_secret_cat.sh b/src/commands/git_secret_cat.sh new file mode 100644 index 00000000..a1b86180 --- /dev/null +++ b/src/commands/git_secret_cat.sh @@ -0,0 +1,44 @@ +#!/usr/bin/env bash + + +function cat { + local homedir='' + local passphrase='' + + OPTIND=1 + + while getopts 'hd:p:' opt; do + case "$opt" in + h) _show_manual_for 'cat';; + + p) passphrase=$OPTARG;; + + d) homedir=$OPTARG;; + + *) _invalid_option_for 'cat';; + esac + done + + shift $((OPTIND-1)) + [ "$1" = '--' ] && shift + + _user_required + + # Command logic: + + for line in "$@" + do + local filename + local path + + filename=$(_get_record_filename "$line") + path=$(_append_root_path "$filename") + + # The parameters are: filename, write-to-file, force, homedir, passphrase + _decrypt "$path" "0" "0" "$homedir" "$passphrase" + + #if [[ "$?" ne "0" ]]; then + # _abort( "error decrypting $(filename): $?" ) + #fi + done +} diff --git a/tests/test_cat.bats b/tests/test_cat.bats index d08fca52..6b2578de 100644 --- a/tests/test_cat.bats +++ b/tests/test_cat.bats @@ -40,6 +40,7 @@ function teardown { # $output is the output from 'git secret cat' above [ "$FILE_CONTENTS" == "$output" ] + touch "$FILE_TO_HIDE)" rm "${FILE_TO_HIDE}2" } From 5c5a49bc3b92b5837d51a33c72e5ae9ba95ecdff Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 15:50:38 -0400 Subject: [PATCH 26/30] cleanup --- tests/test_cat.bats | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/tests/test_cat.bats b/tests/test_cat.bats index 6b2578de..91000f1f 100644 --- a/tests/test_cat.bats +++ b/tests/test_cat.bats @@ -21,27 +21,20 @@ function setup { function teardown { - #rm "$FILE_TO_HIDE" - uninstall_fixture_full_key "$TEST_DEFAULT_USER" "$FINGERPRINT" unset_current_state } @test "run 'cat' with password argument" { - cp "$FILE_TO_HIDE" "${FILE_TO_HIDE}2" - rm -f "$FILE_TO_HIDE" - local password=$(test_user_password "$TEST_DEFAULT_USER") run git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" [ "$status" -eq 0 ] # $output is the output from 'git secret cat' above + # note that currently content may differ by a newline [ "$FILE_CONTENTS" == "$output" ] - - touch "$FILE_TO_HIDE)" - rm "${FILE_TO_HIDE}2" } @test "run 'cat' with wrong filename" { From 74e3404f367c1dd9e33a4770cad80d35f53a78d3 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 16:07:12 -0400 Subject: [PATCH 27/30] ronn/man doc improvements --- man/man1/git-secret-cat.1 | Bin 1315 -> 1307 bytes man/man1/git-secret-cat.1.ronn | 4 ++-- man/man1/git-secret-reveal.1 | Bin 1313 -> 1316 bytes man/man1/git-secret-reveal.1.ronn | 4 ++-- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/man/man1/git-secret-cat.1 b/man/man1/git-secret-cat.1 index cc73ec2136cb72aa634ec31451729d60e34a23e0..f7d58063205350812a24b1632e885b61fe0d8954 100644 GIT binary patch delta 49 zcmZ3?HJfY0K}OM-G^g}}bcGn*7~PcAJ$p;w4I24leb8{2(QYK$xw3{r!q|c}`*_~+;W6|cDOioMyK_?CT diff --git a/man/man1/git-secret-cat.1.ronn b/man/man1/git-secret-cat.1.ronn index f4d457a2..33d69e81 100644 --- a/man/man1/git-secret-cat.1.ronn +++ b/man/man1/git-secret-cat.1.ronn @@ -7,12 +7,12 @@ git-secret-cat - decrypts files passed on command line to stdout ## DESCRIPTION -`git-secret-cat` - Outputs to stdout the contents of the files named on the command line by running a `gpg --decrypt` command. As with `git-secret-reveal`, it is important to have paired secret-key with one of the public-keys, which were used in the encryption. +`git-secret-cat` - Outputs to stdout the contents of the files named on the command line by running `gpg --decrypt`. As with `git-secret-reveal`, it is important to have the paired secret-key with one of the public-keys which were used in the encryption. ## OPTIONS - -d - specifies `--homedir` option for the `gpg`, basically use this option if your store your keys in a custom location. + -d - specifies `--homedir` option for the `gpg`, basically use this option if you store your keys in a custom location. -p - specifies password for noinput mode, adds `--passphrase` option for `gpg`. -h - shows help. diff --git a/man/man1/git-secret-reveal.1 b/man/man1/git-secret-reveal.1 index 55fbdac7762f9d7678c9bc0b0c178ceac57d6f26..bdd62a1d7aacc1c77d47c33afccf3c4514846012 100644 GIT binary patch delta 19 bcmZ3;wS;TK14gEjjK%jD88_c&a$*7iOg;xB delta 18 acmZ3&wUBGW1IEcu82>RAZGOb$!~_6MZU?Ub diff --git a/man/man1/git-secret-reveal.1.ronn b/man/man1/git-secret-reveal.1.ronn index 74ec0bf0..0d410d0b 100644 --- a/man/man1/git-secret-reveal.1.ronn +++ b/man/man1/git-secret-reveal.1.ronn @@ -7,13 +7,13 @@ git-secret-reveal - decrypts all added files. ## DESCRIPTION -`git-secret-reveal` - decrypts all the files in the `.gitsecret/paths/mapping.cfg` by running a `gpg --decrypt` command. It is important to have paired secret-key with one of the public-keys which were used in the encryption. +`git-secret-reveal` - decrypts all the files in the `.gitsecret/paths/mapping.cfg` by running a `gpg --decrypt` command. It is important to have the paired secret-key with one of the public-keys which were used in the encryption. ## OPTIONS -f - forces to overwrite exisiting files without prompt. - -d - specifies `--homedir` option for the `gpg`, basically use this option if your store your keys in a custom location. + -d - specifies `--homedir` option for the `gpg`, basically use this option if you store your keys in a custom location. -p - specifies password for noinput mode, adds `--passphrase` option for `gpg`. -h - shows help. From 7b00d81ea7786cd132615c9eba1d4abb38ed27f4 Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 16:14:10 -0400 Subject: [PATCH 28/30] change to test CI --- tests/test_cat.bats | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/test_cat.bats b/tests/test_cat.bats index 91000f1f..e3509755 100644 --- a/tests/test_cat.bats +++ b/tests/test_cat.bats @@ -27,6 +27,10 @@ function teardown { @test "run 'cat' with password argument" { + # these two lines are needed for CI? Previous run stalled. + cp "$FILE_TO_HIDE" "${FILE_TO_HIDE}2" + rm -f "$FILE_TO_HIDE" + local password=$(test_user_password "$TEST_DEFAULT_USER") run git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" @@ -35,6 +39,10 @@ function teardown { # $output is the output from 'git secret cat' above # note that currently content may differ by a newline [ "$FILE_CONTENTS" == "$output" ] + + # these two lines needed for CI? Previous run stalled. + touch "$FILE_TO_HIDE)" + rm "${FILE_TO_HIDE}2" } @test "run 'cat' with wrong filename" { From cb64fb15a7b491ff48b062687cf9ab2e6ba036ac Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 16:23:13 -0400 Subject: [PATCH 29/30] remove unneeded lines --- tests/test_cat.bats | 8 -------- 1 file changed, 8 deletions(-) diff --git a/tests/test_cat.bats b/tests/test_cat.bats index e3509755..91000f1f 100644 --- a/tests/test_cat.bats +++ b/tests/test_cat.bats @@ -27,10 +27,6 @@ function teardown { @test "run 'cat' with password argument" { - # these two lines are needed for CI? Previous run stalled. - cp "$FILE_TO_HIDE" "${FILE_TO_HIDE}2" - rm -f "$FILE_TO_HIDE" - local password=$(test_user_password "$TEST_DEFAULT_USER") run git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" @@ -39,10 +35,6 @@ function teardown { # $output is the output from 'git secret cat' above # note that currently content may differ by a newline [ "$FILE_CONTENTS" == "$output" ] - - # these two lines needed for CI? Previous run stalled. - touch "$FILE_TO_HIDE)" - rm "${FILE_TO_HIDE}2" } @test "run 'cat' with wrong filename" { From 4a2f34c7914a6d4b93e7a8074ca3817a89a84f7d Mon Sep 17 00:00:00 2001 From: Josh Rabinowitz Date: Sat, 14 Apr 2018 16:37:10 -0400 Subject: [PATCH 30/30] remove commented-out code --- src/commands/git_secret_cat.sh | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/commands/git_secret_cat.sh b/src/commands/git_secret_cat.sh index a1b86180..2bf02902 100644 --- a/src/commands/git_secret_cat.sh +++ b/src/commands/git_secret_cat.sh @@ -36,9 +36,5 @@ function cat { # The parameters are: filename, write-to-file, force, homedir, passphrase _decrypt "$path" "0" "0" "$homedir" "$passphrase" - - #if [[ "$?" ne "0" ]]; then - # _abort( "error decrypting $(filename): $?" ) - #fi done }