Closed mrmachine closed 3 years ago
I wonder if there is some stale stat info from whatever codefresh is doing. Instead of running git status
, if you touch all of the encrypted files, does the clean check work as expected?
cd $(git rev-parse --show-toplevel)
touch $(git ls-crypt)
I've experienced the same thing using CircleCI. I solved it by doing a git reset --hard HEAD
even though when I'd ssh'ed in, git status
returned nothing to commit, working directory clean
Hate to do a +1, but I'm now experiencing this when running WSL on Windows on Github Actions.
LATER EDIT
It is just mesmerizing how running git status
before decrypting can workaround the situation 🤔
Explanations:
LATER LATER EDIT
As per SO, I used git update-index -q --really-refresh
instead of git status
, etc.
Hmm, is there any reason we shouldn't apply the naïve but simple "fix" and always run git update-index -q --really-refresh
or git status
before checking for a clean repository?
It would be weird voodoo, but should at least solve the problem.
It's not really voodoo :) after you read the tiny details, that is.... sigh it's just that diff-index gives you a probabilistic view of the world, not a binary one that's all. So if we want to stick to diff-index, then we need update-index. Otherwise we can use a higher-level git command like git status
that gives you a binary answer.
for example, have a look at how the git bash prompt detects dirty state https://github.com/git/git/blob/e31aba42fb12bdeb0f850829e008e1e3f43af500/contrib/completion/git-prompt.sh#L527-L528
Hi @andreineculau it's been a while sorry, but I have created a pull request with a potential fix to more reliably detect dirty repositories, without false positives. It would be great if you could look over it or test it: https://github.com/elasticdog/transcrypt/pull/109
Well, I have already implemented this in https://github.com/rokmoln/support-firecloud/commit/4834b270fb0b2d9a3eb61d99d42ac6c65e9ae5e2 (basically just for my usecase of WSL in CI) and it does work. I'd be surprised if your fix gives degraded outcome.
I'm currently not able to test this, but it's a +1 from me.
Hi @mrmachine @dfee and anyone else watching this issue, could someone test and confirm the potential fix for detection of dirty repos in pull request #109?
With the merge of https://github.com/elasticdog/transcrypt/pull/109 this issue should now be fixed. Please re-open if dirty repo detection is still failing for you when using the latest transcrypt from the master
branch.
I'm using codefresh to build Docker images (including the
.git
directory), with an entrypoint script that configures the git repo for transcrypt with a password from the environment, to decrypt secret files at runtime.transcrypt thinks the git repo is dirty:
When I run the
git diff-index
command that transcrypt uses internally (minus the--quiet
arg), it seems to return some odd results:But the repo is clean, cloned and built by codefresh:
Strangely, after running
git status
, transcrypt suddenly agrees that the repo is clean and agrees to configure the repo:Is there something wrong with the way codefresh is cloning the repo before it builds the Docker image?
Is there a more reliable way transcrypt can detect a dirty repo (as reported by
git status
)?