elasticdog / transcrypt

transparently encrypt files within a git repository
MIT License

context cannot be flushed and reencrypted anymore #175

Closed timmalich closed 8 months ago

timmalich commented 8 months ago

We have defined this context:

  transcrypt -C local -c aes-256-cbc -p 'XXXXXXXXX'

Our gitattributes look like this:

  kubernetes//secrets/ filter=crypt diff=crypt merge=crypt
  kubernetes//local//secrets/ filter=crypt-local diff=crypt-local merge=crypt-local
  kubernetes//secret-values.yaml filter=crypt diff=crypt merge=crypt

The files have already been reencrypted with XXXXXXXXX.

Now we would like to reencrypt the files in the local context yet again, but after running:

  transcrypt -C local -f -F -y; transcrypt -C local --display

We still get:

The current repository was configured using transcrypt version 
and has the following configuration for context 'local':

  GIT_WORK_TREE:  <obfuscated>
  GIT_DIR:        <obfuscated>
  GIT_ATTRIBUTES: <obfuscated>

  CONTEXT:  local
  CIPHER:   aes-256-cbc
  PASSWORD: XXXXXXXXX

Copy and paste the following command to initialize a cloned repository for context 'local':

  transcrypt -C local -c aes-256-cbc -p 'XXXXXXXXX'

Therefore, after running:

 transcrypt -C local -c aes-256-cbc -F -y -p 'NewPassword'

We get:

transcrypt: the current repository is already configured for context 'local'; see 'transcrypt --context=local --display'

timmalich commented 8 months ago

Since I couldn't find a totally obvious bug in the transcrypt script to raise a PR, our current workaround is:

1) Back up unencrypted files
2) transcrypt --uninstall
3) git stash # just in case something was not clean
4) remove and commit old files
5) configure transcrypt like normal with new password
6) add the previously backed up files again

jmurty commented 8 months ago

Hi @timmalich I have checked the --flush command and found that it wasn't handling contexts correctly, thanks for reporting this.

I have a potential fix on the branch fix-flush-of-context, could you try this and confirm whether it fixes the flush problem for you?

As a side note, given the process you describe you should try using the --rekey command instead, it would be easier and it does not suffer from the bug that you found using --flush. You could re-encrypt (rekey) the files in your "local" context with a command like this:

transcrypt --context=local --rekey --password=NewPassword --yes

timmalich commented 8 months ago

Hi @jmurty thanks for the amazingly fast fix and sorry for the late reply. I can confirm that it works. Ignoring my limited knowledge on that matter: I would say that the code also looks good and readable to me. <3

jmurty commented 8 months ago

Hi @timmalich thanks for confirming the fix, I have now merged it into the main branch and it will be included in a future official release.