git-crypt thinks repo is locked but unlock successful - unable to add-gpg-user

[aellison9]

macOS Catalina 10.15.6

Having an issue trying to add a new gpg user to git-crypt within our repository.

Steps to reproduce:

1. In an existing repository, execute git-crypt unlock - enc files are now readable
2. execute git-crypt add-gpg-user --trusted

Results: git-crypt: Error: Unable to open key file - have you unlocked/initialized this repository yet?

3. try unlocking again - no errors and enc files are still readable 4 try locking just for grins - git-crypt lock

Results: Error: this repository is already locked.

Additional information:

1. I made a backup of the repo and re-cloned from Github. Files in the clone were encrypted. Ran git-crypt unlock and the files were decrypted. Still encountered the issues describe above when trying to add the new user to the newly cloned repo.

2. Having the same issue in another repo in which we used git-crypt.

Thoughts: For some reason, unlock seems to be failing to flip a flag somewhere at the repo level. Just a guess.

OR something is really weird within my environment setup.

[aellison9]

More additional info: .gitattributes file at the repo TLD contains the following:

/helm//-stage-secret filter=git-crypt-stage diff=git-crypt-stage /helm//-prod-secret filter=git-crypt-prod diff=git-crypt-prod

.git-crypt directory structure is as follows: .git-crypt/keys/stage/0/.gpg .git-crypt/keys/prod/0/.gpg

the .gitattributes file under .git-crypt contains the following:

• !filter !diff *.gpg binary

[aellison9]

RTFM

I couldn't for the life of me find documentation surrounding different access levels based upon keys. I knew the answer lay somewhere within our usage across environments.

it is amazing what the -k parameter does for you when you bifurcate your keys.