Merge pull request #142 from joshrabinowitz/git-secret-cat

Git secret cat

CHANGELOG.md

@@ -1,6 +1,11 @@
 # Changelog
 
+## Version 0.2.4
+
+- Added `git secret cat` feature
+
 ## Version 0.2.3
+
 - Added `-m` option to `hide` command, files will only be hidden when modifications are detected (#92)
 - Changed how path mappings file works: colon delimited FSDB (#92)
 - Fixed `gnupg` >= 2.1 CI tests (#6)
@@ -31,7 +36,6 @@
 - Refactored `hide` and `clean` commands to be shorter
 - `shellcheck` is now supported with `make lint`
 
-
 ## Version 0.2.1
 
 - Now everything is tested inside the `docker`-containers and `OSX` images on `travis`.

README.md

@@ -85,7 +85,6 @@ Support this project by becoming a sponsor. Your logo will show up here with a l
 <a href="https://opencollective.com/git-secret/sponsor/9/website" target="_blank"><img src="https://opencollective.com/git-secret/sponsor/9/avatar.svg"></a>
 
 
-
 ## License
 
 MIT. See [LICENSE.md](LICENSE.md) for details.

man/man1/git-secret-cat.1.ronn

@@ -0,0 +1,27 @@
+git-secret-cat - decrypts files passed on command line to stdout
+=============================================
+
+## SYNOPSIS
+
+    git secret cat [-d dir] [-p password] filename [filenames]
+
+
+## DESCRIPTION
+`git-secret-cat` - Outputs to stdout the contents of the files named on the command line by running `gpg --decrypt`. As with `git-secret-reveal`, it is important to have the paired secret-key with one of the public-keys which were used in the encryption.
+
+
+## OPTIONS
+
+    -d  - specifies `--homedir` option for the `gpg`, basically use this option if you store your keys in a custom location.
+    -p  - specifies password for noinput mode, adds `--passphrase` option for `gpg`.
+    -h  - shows help.
+
+
+## MANUAL
+
+Run `man git-secret-cat` to see this note.
+
+
+## SEE ALSO
+
+[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-cat)

man/man1/git-secret-changes.1.ronn

@@ -24,4 +24,4 @@ Run `man git-secret-changes` to see this note.
 
 ## SEE ALSO
 
-[git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal)
+[git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal), [git-secret-cat(1)](http://git-secret.io/git-secret-cat)

man/man1/git-secret-hide.1.ronn

@@ -7,7 +7,7 @@ git-secret-hide - encrypts all added files with the inner keyring.
 
 
 ## DESCRIPTION
-`git-secret-hide` create an encrypted version for each file added by `git-secret-add` command. Now anyone from the `git-secret`'s keyring can decrypt these files using their secret key.
+`git-secret-hide` creates an encrypted version for each file added by `git-secret-add` command. Now anyone from the `git-secret`'s keyring can decrypt these files using their secret key.
 
 It is possible to modify the names of the encrypted files by setting `SECRETS_EXTENSION` variable.
 
@@ -28,4 +28,4 @@ Run `man git-secret-hide` to see this note.
 
 ## SEE ALSO
 
-[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal)
+[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal),  [git-secret-cat(1)](http://git-secret.io/git-secret-cat)

man/man1/git-secret-list.1.ronn

@@ -22,4 +22,4 @@ Run `man git-secret-list` to see this note.
 
 ## SEE ALSO
 
-[git-secret-whoknows(1)](http://git-secret.io/git-secret-whoknows), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-remove(1)](http://git-secret.io/git-secret-remove), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal)
+[git-secret-whoknows(1)](http://git-secret.io/git-secret-whoknows), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-remove(1)](http://git-secret.io/git-secret-remove), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal), [git-secret-cat(1)](http://git-secret.io/git-secret-cat)

man/man1/git-secret-reveal.1.ronn

@@ -7,13 +7,13 @@ git-secret-reveal - decrypts all added files.
 
 
 ## DESCRIPTION
-`git-secret-reveal` - decrypts all the files in the `.gitsecret/paths/mapping.cfg` by running a `gpg --decrypt` command. It is important to have paired secret-key with one of the public-keys, which were used in the encryption.
+`git-secret-reveal` - decrypts all the files in the `.gitsecret/paths/mapping.cfg` by running a `gpg --decrypt` command. It is important to have the paired secret-key with one of the public-keys which were used in the encryption.
 
 
 ## OPTIONS
 
     -f  - forces to overwrite exisiting files without prompt.
-    -d  - specifies `--homedir` option for the `gpg`, basically use this option if your store your keys in a custom location.
+    -d  - specifies `--homedir` option for the `gpg`, basically use this option if you store your keys in a custom location.
     -p  - specifies password for noinput mode, adds `--passphrase` option for `gpg`.
     -h  - shows help.
 
@@ -25,4 +25,4 @@ Run `man git-secret-reveal` to see this note.
 
 ## SEE ALSO
 
-[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-hide(1)](http://git-secret.io/git-secret-hide)
+[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-cat(1)](http://git-secret.io/git-secret-cat), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-hide(1)](http://git-secret.io/git-secret-hide)

man/man1/git-secret-tell.1.ronn

@@ -26,4 +26,4 @@ Run `man git-secret-tell` to see this note.
 
 ## SEE ALSO
 
-[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal), [git-secret-killperson(1)](http://git-secret.io/git-secret-killperson)
+[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal), [git-secret-cat(1)](http://git-secret.io/git-secret-cat), [git-secret-killperson(1)](http://git-secret.io/git-secret-killperson)

man/man1/git-secret-usage.1.ronn

@@ -22,4 +22,4 @@ Run `man git-secret-usage` to see this note.
 
 ## SEE ALSO
 
-[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal)
+[git-secret-init(1)](http://git-secret.io/git-secret-init), [git-secret-add(1)](http://git-secret.io/git-secret-add), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal), [git-secret-cat(1)](http://git-secret.io/git-secret-cat)

man/man1/git-secret-whoknows.1.ronn

@@ -22,4 +22,4 @@ Run `man git-secret-whoknows` to see this note.
 
 ## SEE ALSO
 
-[git-secret-list(1)](http://git-secret.io/git-secret-list), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal)
+[git-secret-list(1)](http://git-secret.io/git-secret-list), [git-secret-tell(1)](http://git-secret.io/git-secret-tell), [git-secret-hide(1)](http://git-secret.io/git-secret-hide), [git-secret-reveal(1)](http://git-secret.io/git-secret-reveal), [git-secret-cat(1)](http://git-secret.io/git-secret-cat)

man/man7/git-secret.7.ronn

@@ -24,7 +24,7 @@ You can configure several things to suit your workflow better. To do so, just se
 
 These settings are available to be changed:
 
-* `$SECRETS_GPG_COMMAND` - sets the `gpg` alternatives, defaults to `gpg`. It can be changed to `gpg`, `gpg2`, `pgp`, `/usr/local/gpg` or any other value. After doing so rerun the tests to be sure, that it won't break anything. Tested to be working with: `gpg`, `gpg2`.
+* `$SECRETS_GPG_COMMAND` - sets the `gpg` alternatives, defaults to `gpg`. It can be changed to `gpg`, `gpg2`, `pgp`, `/usr/local/gpg` or any other value. After doing so rerun the tests to be sure that it won't break anything. Tested to be working with: `gpg`, `gpg2`.
 * `$SECRETS_EXTENSION` - sets the secret files extension, defaults to `.secret`. It can be changed to any valid file extension.
 
 ## Internals

src/commands/git_secret_cat.sh

@@ -0,0 +1,40 @@
+#!/usr/bin/env bash
+
+
+function cat {
+  local homedir=''
+  local passphrase=''
+
+  OPTIND=1
+
+  while getopts 'hd:p:' opt; do
+    case "$opt" in
+      h) _show_manual_for 'cat';;
+
+      p) passphrase=$OPTARG;;
+
+      d) homedir=$OPTARG;;
+
+      *) _invalid_option_for 'cat';;
+    esac
+  done
+
+  shift $((OPTIND-1))
+  [ "$1" = '--' ] && shift
+
+  _user_required
+
+  # Command logic:
+
+  for line in "$@"
+  do
+    local filename
+    local path
+
+    filename=$(_get_record_filename "$line")
+    path=$(_append_root_path "$filename")
+
+    # The parameters are: filename, write-to-file, force, homedir, passphrase
+    _decrypt "$path" "0" "0" "$homedir" "$passphrase"
+  done
+}

src/commands/git_secret_usage.sh

@@ -19,7 +19,7 @@ function usage {
   # to the old dynamic-loading version of this code.
   # thanks to @antmak it is now fixed, see:
   # https://github.com/sobolevn/git-secret/issues/47
-  local commands="add|changes|clean|hide|init|killperson|list|remove|reveal|tell|usage|whoknows"
+  local commands="add|cat|changes|clean|hide|init|killperson|list|remove|reveal|tell|usage|whoknows"
 
   echo "usage: git secret [$commands]"
 }

src/version.sh

@@ -1,4 +1,4 @@
 #!/usr/bin/env bash
 
 # shellcheck disable=2034
-GITSECRET_VERSION='0.2.3'
+GITSECRET_VERSION='0.2.4'

tests/test_cat.bats

@@ -0,0 +1,44 @@
+#!/usr/bin/env bats
+
+load _test_base
+
+FILE_TO_HIDE="file_to_hide"
+FILE_CONTENTS="hidden content юникод"
+
+FINGERPRINT=""
+
+
+function setup {
+  FINGERPRINT=$(install_fixture_full_key "$TEST_DEFAULT_USER")
+
+  set_state_initial
+  set_state_git
+  set_state_secret_init
+  set_state_secret_tell "$TEST_DEFAULT_USER"
+  set_state_secret_add "$FILE_TO_HIDE" "$FILE_CONTENTS"
+  set_state_secret_hide
+}
+
+
+function teardown {
+  uninstall_fixture_full_key "$TEST_DEFAULT_USER" "$FINGERPRINT"
+  unset_current_state
+}
+
+
+@test "run 'cat' with password argument" {
+  local password=$(test_user_password "$TEST_DEFAULT_USER")
+  run git secret cat -d "$TEST_GPG_HOMEDIR" -p "$password" "$FILE_TO_HIDE" 
+
+  [ "$status" -eq 0 ]
+
+  # $output is the output from 'git secret cat' above
+  # note that currently content may differ by a newline
+  [ "$FILE_CONTENTS" == "$output" ]
+}
+
+@test "run 'cat' with wrong filename" {
+  run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password" NO_SUCH_FILE
+  [ "$status" -eq 2 ]
+}
+

utils/apk/apk-ci.sh

@@ -24,7 +24,8 @@ function integration_tests {
 
   # Testing the installation:
   apk info | grep "git-secret"
-  which "git-secret"
+  # lint says to use 'command -v' and not 'which'
+  command -v "git-secret"
 
   # Test the manuals:
   man --where "git-secret" # .7

utils/deb/deb-ci.sh

@@ -24,7 +24,8 @@ function integration_tests {
 
   # Testing the installation:
   dpkg --get-selections | grep "git-secret"
-  which "git-secret"
+  # lint says to use 'command -v' and not 'which'
+  command -v "git-secret"
 
   # Test the manuals:
   man --where "git-secret" # .7

utils/make/make-ci.sh

@@ -18,7 +18,8 @@ function integration_tests {
   make install
 
   # Testing the installation:
-  which "git-secret"
+  # 'command -v' is like 'which'
+  command -v "git-secret"
 
   # Test the manuals:
   man --where "git-secret" # .7

utils/rpm/rpm-ci.sh

@@ -24,7 +24,8 @@ function integration_tests {
 
   # Testing the installation:
   dnf info "git-secret"
-  which "git-secret"
+  # 'command -v' is like 'which'
+  command -v "git-secret"
 
   # Test the manuals:
   man --where "git-secret" # .7