Closed timmalich closed 8 months ago
Since I couldn't find a total obvious bug in the transcrypt skript to raise a PR, our current workaround is: 1) Backup unecrypted files 2) transcrypt --uninstall 3) git stash # just in case something was not clean 4) remove and commit old files 5) configure transcrypt like normal with new password 6) add the previously backed up files again
Hi @timmalich I have checked the --flush
command and found that it wasn't handling contexts correctly, thanks for reporting this.
I have a potential fix on the branch fix-flush-of-context, could you try this and confirm whether it fixes the flush problem for you?
As a side note, given the process you describe you should try using the --rekey
command instead, it would be easier and it does not suffer from the bug that you found using --flush
. You could re-encrypt (rekey) the files in your "local" context with a command like this:
transcrypt --context=local --rekey --password=NewPassword --yes
Hi @jmurty thanks for the amazing fast fix and sorry for the late reply. I can confirm that it works. Ignoring my limited knowledge on that matter: I would say that the code looks also good and readable to me. <3
Hi @timmalich thanks for confirming the fix, I have now merged it into the main
branch and it will be included in a future official release
We have defined this context: transcrypt -C local -c aes-256-cbc -p 'XXXXXXXXX'
Our gitattributes look like this: kubernetes//secrets/ filter=crypt diff=crypt merge=crypt kubernetes//local//secrets/ filter=crypt-local diff=crypt-local merge=crypt-local kubernetes//secret-values.yaml filter=crypt diff=crypt merge=crypt
The files have already been reencrypted with XXXXXXXXX.
Now we would like to reencrypt the files in the local context yet again, but after running:
transcrypt -C local -f -F -y; transcrypt -C local --display
We still get:
Therefore, after running:
We get: