Closed cole-h closed 3 years ago
I feel like we shouldn't allow conflicting paths anyways -- so the ideal solution would be some kind of check to verify that none of the paths we're operating on have multiple matching patterns.
@cole-h I just saw the warning, but what is actually done in this case? I was trying to match a file intentionally by multiple globs, is that supported?
E.g. I'd like to have three globs like

```toml
[[paths]]
glob = "hosts/host1/*"
identities = [ "host1" ]

[[paths]]
glob = "hosts/host2/*"
identities = [ "host2" ]

[[paths]]
glob = "hosts/*/backup-key"
identities = [ "backup-admin" ]
```

So that everything under `/hosts/host1/*` can be read by that host and additionally one or a subset of these files can be read by another identity.
In spite of the warning, that is currently allowed and should work fine. I tested with the following config:

```toml
[[paths]]
glob = "t/a/*"
identities = [ "user" ]

[[paths]]
glob = "t/b/*"
identities = [ "user2" ]

[[paths]]
glob = "t/*/test"
identities = [ "machine" ]
```

and was able to decrypt `t/a/test` with both `user` and `machine`, and `t/b/test` with both `user2` and `machine`.
The main reason I used a `HashSet` instead of a `Vec` was to avoid rekeying a file multiple times in case it is matched by multiple patterns, but I just realized that this case isn't covered in the encryption/decryption code either. How/if that should be handled is probably something for a later point in time. (Maybe a note about that could be added to the readme for the meantime.)

_Originally posted by @LogicalOverflow in https://github.com/cole-h/agenix-cli/pull/7#discussion_r689135748_
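
The two concerns raised in this thread, shown as an added Rust example that is not agenix-cli's code and not written by any participant: it computes the union of identities for each file across all matching patterns, keyed by path so each file is listed once, and reports which files are matched by more than one pattern. The `RULES` table, the function names and the simplified glob semantics (`*` does not cross `/`) are assumptions made for the example.

```rust
use std::collections::{BTreeMap, BTreeSet};

// Constructed rules mirroring the test config quoted in the thread.
const RULES: &[(&str, &[&str])] = &[
    ("t/a/*", &["user"]),
    ("t/b/*", &["user2"]),
    ("t/*/test", &["machine"]),
];

// Simplified glob (assumption): `*` matches any run of characters except '/'.
fn glob_match(pat: &[u8], text: &[u8]) -> bool {
    match pat.split_first() {
        None => text.is_empty(),
        Some((&b'*', rest)) => (0..=text.len())
            .take_while(|&i| i == 0 || text[i - 1] != b'/')
            .any(|i| glob_match(rest, &text[i..])),
        Some((c, rest)) => text.first() == Some(c) && glob_match(rest, &text[1..]),
    }
}

// Union of identities per file; keying by path means each file appears once.
fn recipients(files: &[&str]) -> BTreeMap<String, BTreeSet<&'static str>> {
    let mut map: BTreeMap<String, BTreeSet<&'static str>> = BTreeMap::new();
    for (pat, ids) in RULES {
        for f in files.iter().filter(|f| glob_match(pat.as_bytes(), f.as_bytes())) {
            map.entry(f.to_string()).or_default().extend(ids.iter().copied());
        }
    }
    map
}

// The check proposed in the issue: files matched by more than one pattern.
fn multi_matched(files: &[&str]) -> Vec<String> {
    let unique: BTreeSet<&str> = files.iter().copied().collect();
    unique
        .into_iter()
        .filter(|f| RULES.iter().filter(|(p, _)| glob_match(p.as_bytes(), f.as_bytes())).count() > 1)
        .map(String::from)
        .collect()
}

fn main() {
    // Constructed file list; "t/a/test" is listed twice on purpose.
    let files = ["t/a/test", "t/a/other", "t/b/test", "t/a/test"];
    for (path, ids) in recipients(&files) {
        println!("{path}: {ids:?}");
    }
    println!("matched by several patterns: {:?}", multi_matched(&files));
}
```

Listing the effective recipient set per file makes it easy to review who can decrypt a secret when a broad pattern such as `t/*/test` overlaps a per-host one.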