Added `-i` flag to the `git-secret-add` command, which now auto-ignores unignored files.

Also added a test case for this feature. Other changes: 1. refactored `Makefile` to have `.PHONY` marks 2. added install target to the `Makefile`, now one can run `make install` (with optional `$PREFIX` variable) 3. updated docs for `git-secret.7`, `git-secret-add.1` 4. refactored some commands to `shift` arguments 5. added a test case to the 'other-file-extension' situation 5. added `.github` folder to store templates Closed #18
8 years ago · 3577c165ec
parent 70ce25c899
commit 3577c165ec
17 changed files with 207 additions and 5 deletions
--- a/.github/ISSUE_TEMPLTE.md
+++ b/.github/ISSUE_TEMPLTE.md
@ -0,0 +1,32 @@
+Thanks for reporting an issue! Please make sure you click the link above to view the issue guidelines, then fill out the blanks below.
+
+What are the steps to reproduce this issue?
+-------------------------------------------
+1. …
+2. …
+3. …
+
+What happens?
+-------------
+…
+
+What were you expecting to happen?
+----------------------------------
+…
+
+Any logs, error output, etc?
+----------------------------
+(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
+
+
+Any other comments?
+-------------------
+…
+
+What versions of software are you using?
+----------------------------------------
+**Operating system:** …
+
+**`git-secret` version:** …
+
+**Shell type and version:** …
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@ -0,0 +1,33 @@
+Thanks for sending a pull request!
+
+Here's how it's done:
+1. Make sure that you open your pull-request to the `develop` branch (master branch is protected, since some plugins use it when installed)
+2. Make sure that tests pass
+3. Make sure that your code has the same style
+
+Please make sure you click the link above to view the contribution guidelines, then fill out the blanks below.
+
+What does this implement/fix? Explain your changes.
+---------------------------------------------------
+…
+
+Does this close any currently open issues?
+------------------------------------------
+…
+
+
+Any relevant logs, error output, etc?
+-------------------------------------
+(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
+
+Any other comments?
+-------------------
+…
+
+Where has this been tested?
+---------------------------
+**Operating system:** …
+
+**`git-secret` version:** …
+
+**Shell type and version:** …
--- a/17
+++ b/17
@ -5,24 +5,34 @@ PREFIX?="/usr"
 # Building:
 #

+.PHONY: all
 all: build

 git-secret: src/_utils/* src/commands/* src/main.sh
 	@cat $^ > "$@"
 	@chmod +x git-secret

+.PHONY: clean
 clean:
 	@rm -f git-secret

+.PHONY: build
 build: git-secret

+.PHONY: install
+install:
+	@chmod +x "./utils/install.sh"
+	@"./utils/install.sh" "${PREFIX}"
+
 #
 # Testing:
 #

+.PHONY: install-test
 install-test:
 	git clone https://github.com/sstephenson/bats.git vendor/bats

+.PHONY: test
 test:
 	@if [ ! -d "vendor/bats" ]; then make install-test; fi
 	@export SECRET_PROJECT_ROOT="${PWD}"; export PATH="${PWD}/vendor/bats/bin:${PWD}:${PATH}"; \
@ -34,13 +44,16 @@ test:
 # Manuals:
 #

+.PHONY: install-ronn
 install-ronn:
 	@if [ ! `gem list ronn -i` == "true" ]; then gem install ronn; fi

+.PHONY: build-man
 build-man:
 	@make install-ronn
 	ronn --roff man/*/*.ronn

+.PHONY: build-gh-pages
 build-gh-pages:
 	@chmod +x "./utils/gh-branch.sh"
 	@"./utils/gh-branch.sh"
@ -49,6 +62,7 @@ build-gh-pages:
 # Development:
 #

+.PHONY: install-hooks
 install-hooks:
 	@# pre-commit:
 	@ln -fs "${PWD}/utils/pre-commit.sh" "${PWD}/.git/hooks/pre-commit"
@ -57,15 +71,18 @@ install-hooks:
 	@ln -fs "${PWD}/utils/post-commit.sh" "${PWD}/.git/hooks/post-commit"
 	@chmod +x "${PWD}/.git/hooks/post-commit"

+.PHONY: develop
 develop: clean build install-hooks

 #
 # Packaging:
 #

+.PHONY: install-fpm
 install-fpm:
 	@if [ ! `gem list fpm -i` == "true" ]; then gem install fpm; fi

+.PHONY: build-deb
 build-deb: clean build
 	@make install-fpm
 	@chmod +x "./utils/build-deb.sh"
--- a/README.md
+++ b/README.md
@ -19,6 +19,7 @@ See the [installation section](https://sobolevn.github.io/git-secret/#installati
 This project is still under development. Current objectives:

 - add `trust-model` parameter to `git-secret-hide`
+- translate manuals for popular languages
 - autocomplete for `zsh` plugin
 - extra tests
 - precompiled distribution for `RPM`
--- a/man/man1/git-secret-add.1.ronn
+++ b/man/man1/git-secret-add.1.ronn
@ -3,7 +3,7 @@ git-secret-add - starts to track added files.

 ## SYNOPSIS

-    git secret add <pathspec>...
+    git secret add [-i] <pathspec>...


 ## DESCRIPTION
@ -16,6 +16,7 @@ It is not recommened to add filenames directly into the `.gitsecret/paths/mappin

 ## OPTIONS

+    -i  - auto adds given files to the `.gitignore` if they are unignored at the moment.
    -h  - shows this help.


--- a/man/man7/git-secret.7.ronn
+++ b/man/man7/git-secret.7.ronn
@ -43,6 +43,11 @@ There are several ways to install `git-secret`:

 1. Run `brew install sobolevn/tap/git-secret`

+**Manual**
+
+1. Clone the repository first: `git clone https://github.com/sobolevn/git-secret.git git-secret`
+2. Run `PREFIX="/usr/local" make install`, note that you can install to any prefix in your `PATH`
+
 **`antigen` plugin (or any other `oh-my-zsh`-styled plugin-systems)**

 1. Add line `antigen bundle sobolevn/git-secret` to your `.zshrc`
@ -78,5 +83,13 @@ These steps cover the basic process of using `git-secret`:

 Note, that it is possible to add yourself to the system without decrypting existing files. It will be possible to decrypt them after reencrypting them with the new keyring. So, if you don't want unexpected keys added, make sure to configure some server-side security policy with the `pre-receive` hook.

+## Configuration
+You can configure several things to suit your workflow better. To do so, just set the required variable to the value you need. This can be done in your shell environment file or with the each `git-secret` command.
+
+These settings are available to be changed:
+
+* `$SECRETS_GPG_COMMAND` - sets the `gpg` alternatives, defaults to `gpg`. It can be changed to `gpg`, `gpg2`, `pgp`, `/usr/local/gpg` or any other value. After doing so rerun tests to be sure, that it won't break anything. Tested to be working with: `gpg`, `gpg2`.
+* `$SECRETS_EXTENSION` - sets the secret files extension, defaults to `.secret`. It can be changed to any valid file extension.
+
 [1]: https://git-scm.com/
 [2]: https://www.gnupg.org/
--- a/src/_utils/_git_secret_tools.sh
+++ b/src/_utils/_git_secret_tools.sh
@ -130,6 +130,15 @@ function _check_ignore {
 }


+function _add_ignored_file {
+  if [[ ! -f ".gitignore" ]]; then
+    touch ".gitignore"
+  fi
+
+  echo "$1" >> ".gitignore"
+}
+
+
 # Logic :

 function _abort {
--- a/src/_utils/_git_secret_tools_osx.sh
+++ b/src/_utils/_git_secret_tools_osx.sh
@ -13,6 +13,6 @@ function __delete_line_osx {

 function __temp_file_osx {
  : "${TMPDIR:=/tmp}"
-  local filename=$(mktemp -t _gitsecrets_ )
+  local filename=$(mktemp -t _gitsecrets_XXX )
  echo "$filename";
 }
--- a/src/commands/git_secret_add.sh
+++ b/src/commands/git_secret_add.sh
@ -2,14 +2,19 @@


 function add {
+  local auto_add=0
  OPTIND=1

-  while getopts "h" opt; do
+  while getopts "ih" opt; do
    case "$opt" in
+      i) auto_add=1;;
      h) _show_manaul_for "add";;
    esac
  done

+  shift $((OPTIND-1))
+  [ "$1" = "--" ] && shift
+
  _user_required

  local not_ignored=()
@ -29,7 +34,20 @@ function add {

  if [[ ! "${#not_ignored[@]}" -eq 0 ]]; then
    # and show them all at once.
-    _abort "these files are not ignored: ${not_ignored[@]} ;"
+    local message="these files are not ignored: ${not_ignored[@]} ;"
+    if [[ "$auto_add" -eq 0 ]]; then
+      # this file is not ignored. user don't want it to be added automatically.
+      # raise the exception, since all files, which will be hidden, must be ignored.
+      _abort "$message"
+    else
+      # in this case these files should be added to the `.gitignore` automatically:
+      # see https://github.com/sobolevn/git-secret/issues/18 for more.
+      echo "$message"
+      echo "auto adding them to .gitignore"
+      for item in "${not_ignored[@]}"; do
+        _add_ignored_file "$item"
+      done
+    fi
  fi

  for item in $@; do
--- a/src/commands/git_secret_init.sh
+++ b/src/commands/git_secret_init.sh
@ -10,6 +10,9 @@ function init {
    esac
  done

+  shift $((OPTIND-1))
+  [ "$1" = "--" ] && shift
+
  if [[ -d "$SECRETS_DIR" ]]; then
    _abort "already inited."
  fi
--- a/src/commands/git_secret_killperson.sh
+++ b/src/commands/git_secret_killperson.sh
@ -10,6 +10,9 @@ function killperson {
    esac
  done

+  shift $((OPTIND-1))
+  [ "$1" = "--" ] && shift
+
  _user_required

  if [[ ${#@} -eq 0 ]]; then
--- a/src/commands/git_secret_list.sh
+++ b/src/commands/git_secret_list.sh
@ -10,6 +10,9 @@ function list {
    esac
  done

+  shift $((OPTIND-1))
+  [ "$1" = "--" ] && shift
+
  _user_required

  if [[ ! -s "$SECRETS_DIR_PATHS_MAPPING" ]]; then
--- a/src/commands/git_secret_usage.sh
+++ b/src/commands/git_secret_usage.sh
@ -23,6 +23,9 @@ function usage {
    esac
  done

+  shift $((OPTIND-1))
+  [ "$1" = "--" ] && shift
+
  local commands=""
  local separator="|"

--- a/src/commands/git_secret_whoknows.sh
+++ b/src/commands/git_secret_whoknows.sh
@ -10,6 +10,9 @@ function whoknows {
    esac
  done

+  shift $((OPTIND-1))
+  [ "$1" = "--" ] && shift
+
  _user_required

  local keys=$(_get_users_in_keyring)
--- a/tests/test_add.bats
+++ b/tests/test_add.bats
@ -29,6 +29,21 @@ function teardown {
 }


+@test "run 'add' for unignored file with '-i' option" {
+  local TEST_FILE='test_file.auto_ignore'
+  touch "$TEST_FILE"
+  echo "content" > "$TEST_FILE"
+
+  run git secret add -i "$TEST_FILE"
+  [ "$status" -eq 0 ]
+
+  run _file_has_line "$TEST_FILE" ".gitignore"
+  [ "$status" -eq 0 ]
+
+  rm -f "$TEST_FILE"
+}
+
+
@test "run 'add' normally" {
  local filename="local_file"
  echo "content" > "$filename"
--- a/tests/test_reveal_filename.bats
+++ b/tests/test_reveal_filename.bats
@ -0,0 +1,48 @@
+#!/usr/bin/env bats
+
+load _test_base
+
+FILE_TO_HIDE="file_to_hide"
+FILE_CONTENTS="hidden content юникод"
+
+FINGERPRINT=""
+OLD_SECRETS_EXTENSION=""
+
+
+function setup {
+  FINGERPRINT=$(install_fixture_full_key "$TEST_DEFAULT_USER")
+
+  set_state_git
+  set_state_secret_init
+  set_state_secret_tell "$TEST_DEFAULT_USER"
+  set_state_secret_add "$FILE_TO_HIDE" "$FILE_CONTENTS"
+
+  OLD_SECRETS_EXTENSION="$SECRETS_EXTENSION"
+  export SECRETS_EXTENSION=".new_secret"
+
+  set_state_secret_hide
+}
+
+
+function teardown {
+  uninstall_fixture_full_key "$TEST_DEFAULT_USER" "$FINGERPRINT"
+  unset_current_state
+  rm -f "$FILE_TO_HIDE"
+  export SECRETS_EXTENSION="$OLD_SECRETS_EXTENSION"
+}
+
+
+@test "run 'reveal' with different file extension" {
+  cp "$FILE_TO_HIDE" "${FILE_TO_HIDE}2"
+  rm -f "$FILE_TO_HIDE"
+
+  local password=$(test_user_password "$TEST_DEFAULT_USER")
+  run git secret reveal -d "$TEST_GPG_HOMEDIR" -p "$password"
+
+  [ "$status" -eq 0 ]
+  [ -f "$FILE_TO_HIDE" ]
+
+  cmp --silent "$FILE_TO_HIDE" "${FILE_TO_HIDE}2"
+
+  rm -f "${FILE_TO_HIDE}2"
+}
--- a/utils/install.sh
+++ b/utils/install.sh
@ -34,4 +34,4 @@ cp "$SCRIPT_ROOT"/git-secret "$PREFIX"/bin/git-secret
 cp -R "$SCRIPT_ROOT"/man/man1/* "$PREFIX"/share/man/man1
 cp "$SCRIPT_ROOT"/man/man7/git-secret.7 "$PREFIX"/share/man/man7/git-secret.7

-echo "Installed git-secret to $PREFIX/bin/git-secret"
+echo "Installed git-secret to ${PREFIX}/bin/git-secret"