Skip to content

Commit fdf81c5

Browse files
jmurtyjmurty
committed
Consolidate all git operation scripts into a single transcrypt script
Instead of installing separate scripts for the git clean, smudge, textconv, and merge operations a single *transcrypt* script that contains all these sub-scripts is installed instead. This reduces the clutter in the repository's _crypt/_ directory and makes it easier to develop and test *transcrypt* itself. Also add support for an optional `transcrypt.crypt-dir` setting for advanced users to override the path of the _.git/crypt/_ directory to permit things like installing transcrypt in a repository on a device without execute permissions.
1 parent 334697a commit fdf81c5

10 files changed

+350
-324
lines changed

CHANGELOG.md

+10
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,16 @@ The format is based on [Keep a Changelog][1], and this project adheres to
1616
openssl version instead of the default version found in `$PATH`. This will be
1717
most useful to macOS users who might want to use a newer version of OpenSSL.
1818
This option can be used on init, on upgrade, or by itself.
19+
- Add support for an optional `transcrypt.crypt-dir` setting for advanced users
20+
to override the path of the _.git/crypt/_ directory to permit things like
21+
installing transcrypt in a repository on a device without execute
22+
permissions (#104)
23+
24+
### Changed
25+
26+
- No longer need stand-alone scripts for git operations `clean`, `smudge`,
27+
`textconv`, and `merge` in the repository's _crypt/_ directory; the single
28+
consolidated `transcrypt` script is stored there instead.
1929

2030
### Fixed
2131

README.md

+1-1
Original file line numberDiff line numberDiff line change
@@ -328,4 +328,4 @@ To run the tests:
328328

329329
- [install bats-core](https://github.com/bats-core/bats-core#installation)
330330
- run all tests with: `bats tests/`
331-
- run an individual test with e.g: `./tests/test_help.bats`
331+
- run an individual test with e.g: `bats tests/test_crypt.bats`

tests/_test_helper.bash

+1-1
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ function cleanup_all {
3737
}
3838

3939
function init_transcrypt {
40-
"$BATS_TEST_DIRNAME"/../transcrypt --cipher=aes-256-cbc --password=abc123 --yes
40+
"$BATS_TEST_DIRNAME"/../transcrypt --cipher=aes-256-cbc --password='abc 123' --yes
4141
}
4242

4343
function encrypt_named_file {

tests/test_cleanup.bats

+23-24
Original file line numberDiff line numberDiff line change
@@ -3,100 +3,99 @@
33
load "$BATS_TEST_DIRNAME/_test_helper.bash"
44

55
SECRET_CONTENT="My secret content"
6-
SECRET_CONTENT_ENC="U2FsdGVkX1/kkWK36bn3fbq5DY2d+JXL2YWoN/eoXA1XJZEk9JS7j/856rXK9gPn"
6+
SECRET_CONTENT_ENC="U2FsdGVkX1/6ilR0PmJpAyCF7iG3+k4aBwbgVd48WaQXznsg42nXbQrlWsf/qiCg"
77

88
@test "cleanup: transcrypt -f flush clears cached plaintext" {
99
encrypt_named_file sensitive_file "$SECRET_CONTENT"
1010

1111
# Confirm working copy file is decrypted
1212
run cat sensitive_file
13-
[[ "$status" -eq 0 ]]
14-
[[ "${lines[0]}" = "$SECRET_CONTENT" ]]
13+
[ "$status" -eq 0 ]
14+
[ "${lines[0]}" = "$SECRET_CONTENT" ]
1515

1616
# Show all changes, caches plaintext due to `cachetextconv` setting
1717
run git log -p -- sensitive_file
18-
[[ "$status" -eq 0 ]]
18+
[ "$status" -eq 0 ]
1919
[[ "${output}" = *"+$SECRET_CONTENT" ]] # Check last line of patch
2020

2121
# Look up notes ref to cached plaintext
22-
[[ -f $BATS_TEST_DIRNAME/.git/refs/notes/textconv/crypt ]]
22+
[ -f $BATS_TEST_DIRNAME/.git/refs/notes/textconv/crypt ]
2323
cached_plaintext_obj=$(cat "$BATS_TEST_DIRNAME/.git/refs/notes/textconv/crypt")
2424

2525
# Confirm plaintext is cached
2626
run git show "$cached_plaintext_obj"
27-
[[ "$status" -eq 0 ]]
27+
[ "$status" -eq 0 ]
2828
[[ "${output}" = *"+$SECRET_CONTENT" ]] # Check last line of patch
2929

3030
# Repack to force all objects into packs (which are trickier to clear)
3131
git repack
3232

3333
# Flush credentials
3434
run ../transcrypt -f --yes
35-
[[ "$status" -eq 0 ]]
35+
[ "$status" -eq 0 ]
3636

3737
# Confirm working copy file is encrypted
3838
run cat sensitive_file
39-
[[ "$status" -eq 0 ]]
40-
[[ "${lines[0]}" = "$SECRET_CONTENT_ENC" ]]
39+
[ "$status" -eq 0 ]
40+
[ "${lines[0]}" = "$SECRET_CONTENT_ENC" ]
4141

4242
# Confirm show all changes shows encrypted content, not plaintext
4343
git log -p -- sensitive_file
4444
run git log -p -- sensitive_file
45-
[[ "$status" -eq 0 ]]
45+
[ "$status" -eq 0 ]
4646
[[ "${output}" = *"+$SECRET_CONTENT_ENC" ]] # Check last line of patch
4747

4848
# Confirm plaintext cache ref was cleared
49-
[[ ! -e $BATS_TEST_DIRNAME/.git/refs/notes/textconv/crypt ]]
49+
[ ! -e $BATS_TEST_DIRNAME/.git/refs/notes/textconv/crypt ]
5050

5151
# Confirm plaintext obj was truly cleared and is no longer visible
5252
run git show "$cached_plaintext_obj"
53-
[[ "$status" -ne 0 ]]
53+
[ "$status" -ne 0 ]
5454
}
5555

5656
@test "cleanup: transcrypt --uninstall clears cached plaintext" {
5757
encrypt_named_file sensitive_file "$SECRET_CONTENT"
5858

5959
# Confirm working copy file is decrypted
6060
run cat sensitive_file
61-
[[ "$status" -eq 0 ]]
62-
[[ "${lines[0]}" = "$SECRET_CONTENT" ]]
61+
[ "$status" -eq 0 ]
62+
[ "${lines[0]}" = "$SECRET_CONTENT" ]
6363

6464
# Show all changes, caches plaintext due to `cachetextconv` setting
6565
run git log -p -- sensitive_file
66-
[[ "$status" -eq 0 ]]
66+
[ "$status" -eq 0 ]
6767
[[ "${output}" = *"+$SECRET_CONTENT" ]] # Check last line of patch
6868

6969
# Look up notes ref to cached plaintext
70-
[[ -f $BATS_TEST_DIRNAME/.git/refs/notes/textconv/crypt ]]
70+
[ -f $BATS_TEST_DIRNAME/.git/refs/notes/textconv/crypt ]
7171
cached_plaintext_obj=$(cat "$BATS_TEST_DIRNAME/.git/refs/notes/textconv/crypt")
7272

7373
# Confirm plaintext is cached
7474
run git show "$cached_plaintext_obj"
75-
[[ "$status" -eq 0 ]]
75+
[ "$status" -eq 0 ]
7676
[[ "${output}" = *"+$SECRET_CONTENT" ]] # Check last line of patch
7777

7878
# Repack to force all objects into packs (which are trickier to clear)
7979
git repack
8080

8181
# Uninstall
8282
run ../transcrypt --uninstall --yes
83-
[[ "$status" -eq 0 ]]
83+
[ "$status" -eq 0 ]
8484

8585
# Confirm working copy file remains unencrypted (per uninstall contract)
8686
run cat sensitive_file
87-
[[ "$status" -eq 0 ]]
88-
[[ "${lines[0]}" = "$SECRET_CONTENT" ]]
87+
[ "$status" -eq 0 ]
88+
[ "${lines[0]}" = "$SECRET_CONTENT" ]
8989

9090
# Confirm show all changes shows encrypted content, not plaintext
91-
git log -p -- sensitive_file
9291
run git log -p -- sensitive_file
93-
[[ "$status" -eq 0 ]]
92+
[ "$status" -eq 0 ]
9493
[[ "${output}" = *"+$SECRET_CONTENT_ENC" ]] # Check last line of patch
9594

9695
# Confirm plaintext cache ref was cleared
97-
[[ ! -e $BATS_TEST_DIRNAME/.git/refs/notes/textconv/crypt ]]
96+
[ ! -e $BATS_TEST_DIRNAME/.git/refs/notes/textconv/crypt ]
9897

9998
# Confirm plaintext obj was truly cleared and is no longer visible
10099
run git show "$cached_plaintext_obj"
101-
[[ "$status" -ne 0 ]]
100+
[ "$status" -ne 0 ]
102101
}

0 commit comments

Comments
 (0)