search

AGWA / git-crypt

Transparent file encryption in git
https://www.agwa.name/projects/git-crypt/
GNU General Public License v3.0
8.22k stars 476 forks source link

git-crypt path ubuntu vs osx #71

Closed basz closed 8 years ago

basz commented 8 years ago

Hello, I'm working with Vagrant/ansible setup to do development and I've notice a small incompatibility that might be simple to fix.

When ever I do a git checkout of my project within the Ubuntu box I run git-crypt unlock on the repository. Since the virtual box directory is exposed to the osx host machine I am able work on the repository as if it is a project installed on OSX (shared directories). Apparently the git-crypt unlock stores the complete (ubuntu) path to git-crypt in the repository. This then fails on osx as the path to git-crypt is different.

on osx i get these results;

$ git-crypt --version
git-crypt 0.5.0
$ which git-crypt
/usr/local/bin/git-crypt
$ git-crypt unlock git-crypt-key.key  
$ grep -R git-crypt ./.git/
./.git//config:[filter "git-crypt"]
./.git//config: smudge = \"git-crypt\" smudge
./.git//config: clean = \"git-crypt\" clean
./.git//config:[diff "git-crypt"]
./.git//config: textconv = \"git-crypt\" diff

from ubuntu I get these results;

$ which git-crypt
/usr/bin/git-crypt
$ git-crypt --version
git-crypt 0.5.0
$ git-crypt unlock git-crypt-key.key  
$ grep -R git-crypt ./.git/
./.git/config:[filter "git-crypt"]
./.git/config:  smudge = \"/usr/bin/git-crypt\" smudge
./.git/config:  clean = \"/usr/bin/git-crypt\" clean
./.git/config:[diff "git-crypt"]
./.git/config:  textconv = \"/usr/bin/git-crypt\" diff

As you can see both git-crypt versions store a reference to the git-crypt executable differently which will be problematic in the described - admittedly not so mainstream - setup.

I'm aware that I can simply run git-crypt unlock from the host machine as a work around but I'm wondering if there is a better way to work around this.

So, is this something that can be fixed or configured?

smemsh commented 8 years ago

The OSX version has relative paths shown by .git/config, whereas the linux one shows absolute paths.

Once you've done an unlock inside (in the VM), why do you need to do it again on the host (OSX)? If you can manage to unlock inside and store the smudge/clean variant without paths, maybe it will work on both sides (by doing a path lookup)?

basz commented 8 years ago

Op 26 dec. 2015 om 20:48 heeft Scott Mcdermott notifications@github.com het volgende geschreven:

The OSX version has relative paths shown by .git/config, whereas the linux one shows absolute paths.

Correct. Once you've done an unlock inside (in the VM), why do you need to do it again on the host (OSX)?

Because it's the same ansible play for production and development. It should unlock the repo. After provisioning the local vagrant box I'll start developing via IDE/sourcetree on OS X via the shared path feature of vagrant. If you can manage to unlock inside and store the smudge/clean variant without paths, maybe it will work on both sides (by doing a path lookup)?

What I now do (manually) is lock on the guest and unlock on the OSX host. After that things are fine. All OS X tools work fine and even within the Ubuntu box git works as normal.

My take away is that paths don't need to be absolute.

— Reply to this email directly or view it on GitHub.

AGWA commented 8 years ago

I just pushed a commit (b47176e) that changes Linux to work like OS X in this regard. All future git-crypt unlocks will place a relative path in .git/config as long as git-crypt was invoked as a bare filename (i.e. with no slashes in the command name). Thanks for your input on this!

basz commented 8 years ago

thanks! appreciated...