search

sliteteam / github-action-git-crypt-unlock

Github Action to unlock git-crypt secrets
MIT License
47 stars 23 forks source link

No way to commit once unlocked #14

Open alexnault opened 3 years ago

alexnault commented 3 years ago

Once the repo is unlocked, any attempt to commit from the GH Action will result in an error:

"git-crypt" clean: 1: git-crypt: not found
error: external filter '"git-crypt" clean' failed 127
error: external filter '"git-crypt" clean' failed
alexnault commented 3 years ago

My current workaround is to manually install git-crypt and set the $GITHUB_PATH:

name: Deploy

on:
  workflow_dispatch:

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      # ...

      - name: Install git-crypt
        run: |
          git clone https://github.com/AGWA/git-crypt.git
          cd git-crypt && make && make install PREFIX=/opt/project
          echo "/opt/project/bin" >> $GITHUB_PATH

      - name: Unlock git-crypt
        run: |
          echo ${{ secrets.GIT_CRYPT_KEY }} | base64  -d > ./git-crypt-key
          git-crypt unlock ./git-crypt-key
          rm ./git-crypt-key

      - name: Login with built-in token to enable commiting
        run: |
          git config user.name github-actions
          git config user.email github-actions@github.com

       # ...
Francismb commented 1 year ago

Same issue, I believe it is because the git-crypt folder inside .git ends up being owned by root, not the user the worker is running in.