mirror of https://github.com/sobolevn/git-secret
This commit is pretty large. A lot of changes.
The full list of changes: 1. Added `.docker/` folder with Dockerfiles 2. Now `travis` runs integrational tests inside these containers 3. Now `travis` runs tests with `mac os x` 4. Now there are new ways to autodeploy `deb` and `rpm` packages 5. Fixed some issues 6. Also added `.ci/` folder, where utility scripts for travis are stored 7. Moved `git-hooks` into the separate folder: `utils/hooks/` 8. Added new target to the `Makefile` 9. `.gitignore` is updated to ignore `build/` folder and inner filespull/48/head
parent
c766b4c0fe
commit
8b1a01f1f6
@ -0,0 +1,15 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
|
||||
if [[ "$GITSECRET_DIST" == "rpm" ]]; then
|
||||
# To deploy `rpm`-packages this utility is needed:
|
||||
sudo apt-get install -y rpm;
|
||||
fi
|
||||
|
||||
|
||||
if [[ ! -z "$DOCKER_DIST" ]]; then
|
||||
# When making a non-container build, this step will generate
|
||||
# proper manifest files:
|
||||
make deploy-${GITSECRET_DIST};
|
||||
fi
|
@ -0,0 +1,24 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
|
||||
# Docker:
|
||||
if [[ ! -z "$DOCKER_DIST" ]]; then
|
||||
TEMPLATE="sobolevn/git-secret-docker-$DOCKER_DIST"
|
||||
DOCKERFILE_PATH=".docker/${GITSECRET_DIST}/${DOCKER_DIST}"
|
||||
|
||||
# Building the local image:
|
||||
docker build -t "$TEMPLATE" "$DOCKERFILE_PATH"
|
||||
fi
|
||||
|
||||
# Mac:
|
||||
if [[ "$GITSECRET_DIST" == "brew" ]]; then
|
||||
brew install $GITSECRET_GPG_DEP
|
||||
fi
|
||||
|
||||
# Local linux (standart build):
|
||||
if [[ "$GITSECRET_DIST" == "none" ]] &&
|
||||
[[ "$GITSECRET_GPG_DEP" == "gnupg2" ]]; then
|
||||
# Installing custom GPG version:
|
||||
sudo apt-get install -y gnupg2
|
||||
fi
|
@ -0,0 +1,22 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
|
||||
# Docker-baised builds:
|
||||
if [[ ! -z "$DOCKER_DIST" ]]; then
|
||||
TEMPLATE="sobolevn/git-secret-docker-$DOCKER_DIST"
|
||||
# Passing the `TRAVIS_COMMIT` into the container:
|
||||
COMMAND="if [ ! -z "${TRAVIS_COMMIT}" ]; then git checkout "${TRAVIS_COMMIT}"; fi; make test-${GITSECRET_DIST}-ci"
|
||||
|
||||
# This will run the full intergration check inside the `docker` container:
|
||||
# see `test-deb-ci` and `test-rpm-ci` in `Makefile`
|
||||
docker run "$TEMPLATE" /bin/bash -c "$COMMAND"
|
||||
docker ps -a
|
||||
fi
|
||||
|
||||
# Local builds:
|
||||
if [[ -z "$DOCKER_DIST" ]]; then
|
||||
# Only running `make test` on standard (non-docker) build,
|
||||
# since it is called inside the docker container anyway.
|
||||
make test
|
||||
fi
|
@ -0,0 +1,23 @@
|
||||
FROM debian:latest
|
||||
|
||||
MAINTAINER Nikita Sobolev (mail@sobolevn.me)
|
||||
|
||||
# Dependencies and project initialization:
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get install -y man make git apt-transport-https && \
|
||||
apt-get install -y ruby ruby-dev ruby-build && \
|
||||
apt-get autoremove && apt-get autoclean
|
||||
|
||||
# This will increase the container size, but speed up the build,
|
||||
# since this part will change, while the dependencies won't:
|
||||
|
||||
RUN mkdir /code
|
||||
WORKDIR /code
|
||||
|
||||
# Removing `origin` for good:
|
||||
|
||||
RUN git clone -q https://github.com/sobolevn/git-secret.git && \
|
||||
cd git-secret && git remote rm origin
|
||||
|
||||
WORKDIR /code/git-secret
|
@ -0,0 +1,23 @@
|
||||
FROM ubuntu:latest
|
||||
|
||||
MAINTAINER Nikita Sobolev (mail@sobolevn.me)
|
||||
|
||||
# Dependencies and project initialization:
|
||||
|
||||
RUN apt-get update && \
|
||||
apt-get install -y man make git apt-transport-https && \
|
||||
apt-get install -y ruby ruby-dev ruby-build && \
|
||||
apt-get autoremove && apt-get autoclean && \
|
||||
mkdir /code
|
||||
|
||||
# This will increase the container size, but speed up the build,
|
||||
# since this part will change, while the dependencies won't:
|
||||
|
||||
WORKDIR /code
|
||||
|
||||
# Removing `origin` for good:
|
||||
|
||||
RUN git clone -q https://github.com/sobolevn/git-secret.git && \
|
||||
cd git-secret && git remote rm origin
|
||||
|
||||
WORKDIR /code/git-secret
|
@ -0,0 +1,22 @@
|
||||
FROM fedora:latest
|
||||
|
||||
MAINTAINER Nikita Sobolev (mail@sobolevn.me)
|
||||
|
||||
ENV HOME /root
|
||||
|
||||
RUN dnf update -y && \
|
||||
dnf install -y gnupg man make gcc git tar > /dev/null && \
|
||||
dnf install -y which pciutils redhat-rpm-config rpm-build zlib-devel && \
|
||||
dnf -y group install 'Development tools' && \
|
||||
dnf install -y ruby ruby-devel rubygems && \
|
||||
dnf -y autoremove && \
|
||||
mkdir /code
|
||||
|
||||
WORKDIR /code
|
||||
|
||||
# Removing `origin` for good:
|
||||
|
||||
RUN git clone -q https://github.com/sobolevn/git-secret.git && \
|
||||
cd git-secret && git remote rm origin
|
||||
|
||||
WORKDIR /code/git-secret
|
@ -0,0 +1,36 @@
|
||||
.\" generated with Ronn/v0.7.3
|
||||
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
||||
.
|
||||
.TH "GIT\-SECRET\-ADD" "1" "May 2016" "" ""
|
||||
.
|
||||
.SH "NAME"
|
||||
\fBgit\-secret\-add\fR \- starts to track added files\.
|
||||
.
|
||||
.SH "SYNOPSIS"
|
||||
.
|
||||
.nf
|
||||
|
||||
git secret add [\-i] <pathspec>\.\.\.
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "DESCRIPTION"
|
||||
\fBgit\-secret\-add\fR adds a filepath(es) into the \fB\.gitsecret/paths/mapping\.cfg\fR\. When adding files, ensure that they are ignored by \fBgit\fR, since they must be secure and not be commited into the remote repository unencrypted\.
|
||||
.
|
||||
.P
|
||||
If there\'s no users in the \fBgit\-secret\fR\'s keyring, when adding a file, an exception will be raised\.
|
||||
.
|
||||
.P
|
||||
It is not recommened to add filenames directly into the \fB\.gitsecret/paths/mapping\.cfg\fR, use the command\.
|
||||
.
|
||||
.SH "OPTIONS"
|
||||
.
|
||||
.nf
|
||||
|
||||
\-i \- auto adds given files to the `\.gitignore` if they are unignored at the moment\.
|
||||
\-h \- shows this help\.
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "SEE ALSO"
|
||||
git\-secret\-init(1), git\-secret\-tell(1), git\-secret\-hide(1), git\-secret\-reveal(1)
|
@ -0,0 +1,31 @@
|
||||
.\" generated with Ronn/v0.7.3
|
||||
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
||||
.
|
||||
.TH "GIT\-SECRET\-CHANGES" "1" "May 2016" "" ""
|
||||
.
|
||||
.SH "NAME"
|
||||
\fBgit\-secret\-changes\fR \- view diff of the hidden files\.
|
||||
.
|
||||
.SH "SYNOPSIS"
|
||||
.
|
||||
.nf
|
||||
|
||||
git secret changes [\-h] [\-d dir] [\-p password] <pathspec>\.\.\.
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "DESCRIPTION"
|
||||
\fBgit\-secret\-changes\fR \- shows changes between the current version of hidden files and the ones already commited\.
|
||||
.
|
||||
.SH "OPTIONS"
|
||||
.
|
||||
.nf
|
||||
|
||||
\-d \- specifies `\-\-homedir` option for the `gpg`, basically use this option if your store your keys in a custom location\.
|
||||
\-p \- specifies password for noinput mode, adds `\-\-passphrase` option for `gpg`\.
|
||||
\-h \- shows help\.
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "SEE ALSO"
|
||||
git\-secret\-add(1), git\-secret\-tell(1), git\-secret\-hide(1), git\-secret\-reveal(1)
|
@ -0,0 +1,30 @@
|
||||
.\" generated with Ronn/v0.7.3
|
||||
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
||||
.
|
||||
.TH "GIT\-SECRET\-CLEAN" "1" "February 2016" "" ""
|
||||
.
|
||||
.SH "NAME"
|
||||
\fBgit\-secret\-clean\fR \- removes all the hidden files\.
|
||||
.
|
||||
.SH "SYNOPSIS"
|
||||
.
|
||||
.nf
|
||||
|
||||
git secret clean [\-v]
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "DESCRIPTION"
|
||||
\fBgit\-secret\-clean\fR deletes all the encrypted files\. This command can produce a verbose output, printing which files are deleted\.
|
||||
.
|
||||
.SH "OPTIONS"
|
||||
.
|
||||
.nf
|
||||
|
||||
\-v \- shows which files are deleted\.
|
||||
\-h \- shows this help\.
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "SEE ALSO"
|
||||
git\-secret\-whoknows(1), git\-secret\-add(1), git\-secret\-remove(1), git\-secret\-hide(1), git\-secret\-reveal(1)
|
@ -0,0 +1,34 @@
|
||||
.\" generated with Ronn/v0.7.3
|
||||
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
||||
.
|
||||
.TH "GIT\-SECRET\-HIDE" "1" "March 2016" "" ""
|
||||
.
|
||||
.SH "NAME"
|
||||
\fBgit\-secret\-hide\fR \- encrypts all added files with the inner keyring\.
|
||||
.
|
||||
.SH "SYNOPSIS"
|
||||
.
|
||||
.nf
|
||||
|
||||
git secret hide [\-c] [\-v]
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "DESCRIPTION"
|
||||
\fBgit\-secret\-hide\fR create an encrypted version for each file added by \fBgit\-secret\-add\fR command\. Now anyone from the \fBgit\-secret\fR\'s keyring can decrypt these files using their secret key\.
|
||||
.
|
||||
.P
|
||||
It is possible to modify the names of the encrypted files by setting \fBSECRETS_EXTENSION\fR variable\.
|
||||
.
|
||||
.SH "OPTIONS"
|
||||
.
|
||||
.nf
|
||||
|
||||
\-v \- verbose, shows extra information\.
|
||||
\-c \- deletes encrypted files before creating new ones\.
|
||||
\-h \- shows help\.
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "SEE ALSO"
|
||||
git\-secret\-init(1), git\-secret\-tell(1), git\-secret\-add(1), git\-secret\-reveal(1)
|
@ -0,0 +1,29 @@
|
||||
.\" generated with Ronn/v0.7.3
|
||||
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
||||
.
|
||||
.TH "GIT\-SECRET\-INIT" "1" "March 2016" "" ""
|
||||
.
|
||||
.SH "NAME"
|
||||
\fBgit\-secret\-init\fR \- initializes git\-secret repository\.
|
||||
.
|
||||
.SH "SYNOPSIS"
|
||||
.
|
||||
.nf
|
||||
|
||||
git secret init
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "DESCRIPTION"
|
||||
\fBgit\-secret\-init\fR should be run inside a \fBgit\fR repo\. \fBgit\-secret\-init\fR is the first command to be run, until the git\-secret repository is inited other commands are unavailable\.
|
||||
.
|
||||
.SH "OPTIONS"
|
||||
.
|
||||
.nf
|
||||
|
||||
\-h \- shows this help\.
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "SEE ALSO"
|
||||
git\-init(1), git\-secret\-tell(1)
|
@ -0,0 +1,29 @@
|
||||
.\" generated with Ronn/v0.7.3
|
||||
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
||||
.
|
||||
.TH "GIT\-SECRET\-KILLPERSON" "1" "February 2016" "" ""
|
||||
.
|
||||
.SH "NAME"
|
||||
\fBgit\-secret\-killperson\fR \- deletes key identified by an email from the inner keyring\.
|
||||
.
|
||||
.SH "SYNOPSIS"
|
||||
.
|
||||
.nf
|
||||
|
||||
git secret killperson [email]
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "DESCRIPTION"
|
||||
\fBgit\-secret\-killperson\fR makes it impossible for given user to decrypt the hidden file in the future\. It is required to run \fBgit\-secret\-hide\fR once again with the updated keyring\.
|
||||
.
|
||||
.SH "OPTIONS"
|
||||
.
|
||||
.nf
|
||||
|
||||
\-h \- shows this help\.
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "SEE ALSO"
|
||||
git\-secret\-tell(1), git\-secret\-hide(1), git\-secret\-reveal(1)
|
@ -0,0 +1,29 @@
|
||||
.\" generated with Ronn/v0.7.3
|
||||
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
||||
.
|
||||
.TH "GIT\-SECRET\-LIST" "1" "February 2016" "" ""
|
||||
.
|
||||
.SH "NAME"
|
||||
\fBgit\-secret\-list\fR \- prints all the added files\.
|
||||
.
|
||||
.SH "SYNOPSIS"
|
||||
.
|
||||
.nf
|
||||
|
||||
git secret list
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "DESCRIPTION"
|
||||
\fBgit\-secret\-list\fR prints all the currently added tracked files from the \fB\.gitsecret/paths/mapping\.cfg\fR\.
|
||||
.
|
||||
.SH "OPTIONS"
|
||||
.
|
||||
.nf
|
||||
|
||||
\-h \- shows this help\.
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "SEE ALSO"
|
||||
git\-secret\-whoknows(1), git\-secret\-add(1), git\-secret\-remove(1), git\-secret\-hide(1), git\-secret\-reveal(1)
|
@ -0,0 +1,30 @@
|
||||
.\" generated with Ronn/v0.7.3
|
||||
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
||||
.
|
||||
.TH "GIT\-SECRET\-REMOVE" "1" "February 2016" "" ""
|
||||
.
|
||||
.SH "NAME"
|
||||
\fBgit\-secret\-remove\fR \- removes files from index\.
|
||||
.
|
||||
.SH "SYNOPSIS"
|
||||
.
|
||||
.nf
|
||||
|
||||
git secret remove [\-c] <pathspec\.\.>
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "DESCRIPTION"
|
||||
\fBgit\-secret\-remove\fR deletes files from \fB\.gitsecret/paths/mapping\.cfg\fR, so they won\'t be encrypted or decrypted in the future\. There\'s also an option to delete existing encrypted versions of the files provided\.
|
||||
.
|
||||
.SH "OPTIONS"
|
||||
.
|
||||
.nf
|
||||
|
||||
\-c \- deletes existing real encrypted files\.
|
||||
\-h \- shows help\.
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "SEE ALSO"
|
||||
git\-secret\-add(1), git\-secret\-reveal(1), git\-secret\-hide(1)
|
@ -0,0 +1,32 @@
|
||||
.\" generated with Ronn/v0.7.3
|
||||
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
||||
.
|
||||
.TH "GIT\-SECRET\-REVEAL" "1" "May 2016" "" ""
|
||||
.
|
||||
.SH "NAME"
|
||||
\fBgit\-secret\-reveal\fR \- decrypts all added files\.
|
||||
.
|
||||
.SH "SYNOPSIS"
|
||||
.
|
||||
.nf
|
||||
|
||||
git secret reveal [\-f] [\-d dir] [\-p password]
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "DESCRIPTION"
|
||||
\fBgit\-secret\-reveal\fR \- decrypts all the files in the \fB\.gitsecret/paths/mapping\.cfg\fR by running a \fBgpg \-\-decrypt\fR command\. It is important to have paired secret\-key with one of the public\-keys, which were used in the encryption\.
|
||||
.
|
||||
.SH "OPTIONS"
|
||||
.
|
||||
.nf
|
||||
|
||||
\-f \- forces to overwrite exisiting files without prompt\.
|
||||
\-d \- specifies `\-\-homedir` option for the `gpg`, basically use this option if your store your keys in a custom location\.
|
||||
\-p \- specifies password for noinput mode, adds `\-\-passphrase` option for `gpg`\.
|
||||
\-h \- shows help\.
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "SEE ALSO"
|
||||
git\-secret\-init(1), git\-secret\-tell(1), git\-secret\-add(1), git\-secret\-hide(1)
|
@ -0,0 +1,34 @@
|
||||
.\" generated with Ronn/v0.7.3
|
||||
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
||||
.
|
||||
.TH "GIT\-SECRET\-TELL" "1" "March 2016" "" ""
|
||||
.
|
||||
.SH "NAME"
|
||||
\fBgit\-secret\-tell\fR \- adds a person, who can access private data\.
|
||||
.
|
||||
.SH "SYNOPSIS"
|
||||
.
|
||||
.nf
|
||||
|
||||
git secret tell [\-m] [\-d dir] [email]
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "DESCRIPTION"
|
||||
\fBgit\-secret\-tell\fR receives an email address as an input, searches for the \fBgpg\fR\-key in the \fBgpg\fR\'s \fBhomedir\fR by this email, then imports a person\'s public key into the \fBgit\-secret\fR\'s inner keychain\. From this moment this person can encrypt new files with the keyring which contains their key\. But they cannot decrypt the old files, which were already encrypted without their key\. They should be reencrypted with the new keyring by someone, who has the unencrypted files\.
|
||||
.
|
||||
.P
|
||||
\fBDo not manually import secret key into \fBgit\-secret\fR\fR\. Anyways, it won\'t work with any of the secret\-keys imported\.
|
||||
.
|
||||
.SH "OPTIONS"
|
||||
.
|
||||
.nf
|
||||
|
||||
\-m \- takes your current `git config user\.email` as an identifier for the key\.
|
||||
\-d \- specifies `\-\-homedir` option for the `gpg`, basically use this option if your store your keys in a custom location\.
|
||||
\-h \- shows help\.
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "SEE ALSO"
|
||||
git\-secret\-init(1), git\-secret\-add(1), git\-secret\-hide(1), git\-secret\-reveal(1)
|
@ -0,0 +1,29 @@
|
||||
.\" generated with Ronn/v0.7.3
|
||||
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
||||
.
|
||||
.TH "GIT\-SECRET\-USAGE" "1" "February 2016" "" ""
|
||||
.
|
||||
.SH "NAME"
|
||||
\fBgit\-secret\-usage\fR \- prints all the available commands\.
|
||||
.
|
||||
.SH "SYNOPSIS"
|
||||
.
|
||||
.nf
|
||||
|
||||
git secret usage
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "DESCRIPTION"
|
||||
\fBgit\-secret\-usage\fR is used to print all the available commands\.
|
||||
.
|
||||
.SH "OPTIONS"
|
||||
.
|
||||
.nf
|
||||
|
||||
\-h \- shows this help\.
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "SEE ALSO"
|
||||
git\-secret\-init(1), git\-secret\-add(1), git\-secret\-hide(1), git\-secret\-reveal(1)
|
@ -0,0 +1,29 @@
|
||||
.\" generated with Ronn/v0.7.3
|
||||
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
||||
.
|
||||
.TH "GIT\-SECRET\-WHOKNOWS" "1" "February 2016" "" ""
|
||||
.
|
||||
.SH "NAME"
|
||||
\fBgit\-secret\-whoknows\fR \- prints email\-labels for each key in the keyring\.
|
||||
.
|
||||
.SH "SYNOPSIS"
|
||||
.
|
||||
.nf
|
||||
|
||||
git secret whoknows
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "DESCRIPTION"
|
||||
\fBgit\-secret\-whokowns\fR prints list of email addresses which are used as labels for currently public keys added to the local keyring\.
|
||||
.
|
||||
.SH "OPTIONS"
|
||||
.
|
||||
.nf
|
||||
|
||||
\-h \- shows this help\.
|
||||
.
|
||||
.fi
|
||||
.
|
||||
.SH "SEE ALSO"
|
||||
git\-secret\-list(1), git\-secret\-add(1), git\-secret\-hide(1), git\-secret\-reveal(1)
|
@ -0,0 +1,3 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
GITSECRET_VERSION="0.2.0"
|
@ -1,48 +0,0 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
|
||||
# Initializing and settings:
|
||||
READ_PEM=0644
|
||||
EXEC_PEM=0755
|
||||
|
||||
SCRIPT_NAME="git-secret"
|
||||
SCRIPT_DESCRIPTION="A bash-tool to store your private data inside a git repository."
|
||||
SCRIPT_VERSION=$(bash ${PWD}/git-secret --version)
|
||||
: ${SCRIPT_EPOCH:=0}
|
||||
: ${SCRIPT_ITERATION:=1}
|
||||
|
||||
if [[ -z "$SCRIPT_BUILD_DIR" ]]; then
|
||||
SCRIPT_BUILD_DIR="${HOME}/debbuild-${SCRIPT_NAME}"
|
||||
fi
|
||||
|
||||
SCRIPT_DEST_DIR="${SCRIPT_BUILD_DIR}/installroot"
|
||||
|
||||
# Preparing the files
|
||||
rm -rf "$SCRIPT_BUILD_DIR"
|
||||
mkdir -p "$SCRIPT_DEST_DIR"
|
||||
|
||||
# Coping the files inside the build folder:
|
||||
install -D -T -b -m "$EXEC_PEM" -T "git-secret" "${SCRIPT_DEST_DIR}/usr/bin/git-secret"
|
||||
install -m "$EXEC_PEM" -d "${SCRIPT_DEST_DIR}/usr/share/man/man1"
|
||||
install -m "$EXEC_PEM" -d "${SCRIPT_DEST_DIR}/usr/share/man/man7"
|
||||
for file in man/man1/* ; do
|
||||
if [[ "$file" == *.ronn ]]; then
|
||||
continue
|
||||
fi
|
||||
|
||||
install -D -T -b -m "$READ_PEM" -T "$file" "${SCRIPT_DEST_DIR}/usr/share/${file}"
|
||||
done
|
||||
install -D -T -b -m "$READ_PEM" -T "man/man7/git-secret.7" \
|
||||
"${SCRIPT_DEST_DIR}/usr/share/man/man7/git-secret.7"
|
||||
|
||||
# Building .deb package:
|
||||
cd "$SCRIPT_DEST_DIR" && fpm -s dir -t deb \
|
||||
-a all \
|
||||
-n "$SCRIPT_NAME" \
|
||||
--epoch "$SCRIPT_EPOCH" \
|
||||
--version "$SCRIPT_VERSION" \
|
||||
--iteration "$SCRIPT_ITERATION" \
|
||||
--description="$SCRIPT_DESCRIPTION" \
|
||||
-C "$SCRIPT_DEST_DIR" \
|
||||
.
|
@ -0,0 +1,81 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
|
||||
# Initializing and settings:
|
||||
READ_PEM=0644
|
||||
EXEC_PEM=0755
|
||||
|
||||
SCRIPT_NAME="git-secret"
|
||||
SCRIPT_DESCRIPTION="A bash-tool to store your private data inside a git repository."
|
||||
SCRIPT_VERSION=$(bash ${PWD}/git-secret --version)
|
||||
|
||||
# This might be overridden someday:
|
||||
: ${SCRIPT_EPOCH:=0}
|
||||
: ${SCRIPT_ITERATION:=1}
|
||||
|
||||
# This may be overridden:
|
||||
if [[ -z "$SCRIPT_BUILD_DIR" ]]; then
|
||||
SCRIPT_BUILD_DIR="${PWD}/build"
|
||||
fi
|
||||
|
||||
SCRIPT_DEST_DIR="${SCRIPT_BUILD_DIR}/buildroot"
|
||||
|
||||
|
||||
function locate_deb {
|
||||
ls $SCRIPT_DEST_DIR/*.deb | head -1
|
||||
}
|
||||
|
||||
|
||||
function locate_rpm {
|
||||
ls $SCRIPT_DEST_DIR/*.rpm | head -1
|
||||
}
|
||||
|
||||
|
||||
function preinstall_files {
|
||||
# Preparing the files:
|
||||
rm -rf "$SCRIPT_BUILD_DIR"
|
||||
mkdir -p "$SCRIPT_DEST_DIR"
|
||||
|
||||
# Coping the files inside the build folder:
|
||||
install -D -T -b -m "$EXEC_PEM" -T "git-secret" "${SCRIPT_DEST_DIR}/usr/bin/git-secret"
|
||||
install -m "$EXEC_PEM" -d "${SCRIPT_DEST_DIR}/usr/share/man/man1"
|
||||
install -m "$EXEC_PEM" -d "${SCRIPT_DEST_DIR}/usr/share/man/man7"
|
||||
for file in man/man1/* ; do
|
||||
if [[ "$file" == *.ronn ]]; then
|
||||
continue
|
||||
fi
|
||||
|
||||
install -D -T -b -m "$READ_PEM" -T "$file" "${SCRIPT_DEST_DIR}/usr/share/$file"
|
||||
done
|
||||
install -D -T -b -m "$READ_PEM" -T "man/man7/git-secret.7" \
|
||||
"${SCRIPT_DEST_DIR}/usr/share/man/man7/git-secret.7"
|
||||
}
|
||||
|
||||
|
||||
function build_package {
|
||||
# Only requires `rpm` or `deb` as first argument:
|
||||
local build_type="$1"
|
||||
|
||||
# See https://github.com/jordansissel/fpm for docs:
|
||||
fpm \
|
||||
-s dir \
|
||||
-t "$build_type" \
|
||||
-a all \
|
||||
-n "$SCRIPT_NAME" \
|
||||
--version "$SCRIPT_VERSION" \
|
||||
--description "$SCRIPT_DESCRIPTION" \
|
||||
--url "https://sobolevn.github.io/git-secret/" \
|
||||
--maintainer "Nikita Sobolev (mail@sobolevn.me)" \
|
||||
--license "MIT" \
|
||||
-C "$SCRIPT_DEST_DIR" \
|
||||
-d "git" \
|
||||
-d "gnupg" \
|
||||
--deb-no-default-config-files \
|
||||
.
|
||||
}
|
||||
|
||||
|
||||
function clean_up_files {
|
||||
rm -rf "${SCRIPT_DEST_DIR}/usr"
|
||||
}
|
@ -0,0 +1,13 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
|
||||
source "${SECRET_PROJECT_ROOT}/utils/build-utils.sh"
|
||||
|
||||
preinstall_files
|
||||
|
||||
# Building .deb package:
|
||||
cd "$SCRIPT_DEST_DIR" && build_package "deb"
|
||||
|
||||
# Cleaning up:
|
||||
clean_up_files && cd "${SECRET_PROJECT_ROOT}"
|
@ -0,0 +1,36 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
|
||||
# Note that this file is created for test purposes:
|
||||
# 1. It runs inside the Docker container
|
||||
# 2. It does not use `sudo` or anything
|
||||
# 3. If you would like to install `.deb` package on your system, see `Installation`
|
||||
|
||||
source "${SECRET_PROJECT_ROOT}/utils/build-utils.sh"
|
||||
|
||||
# This folder should contain just one .deb file:
|
||||
DEB_FILE_LOCATION=$(locate_deb)
|
||||
|
||||
|
||||
# Integration tests
|
||||
function integration_tests {
|
||||
# Installing the package:
|
||||
dpkg -i "$DEB_FILE_LOCATION"
|
||||
|
||||
# Configuring the dependencies:
|
||||
apt-get -f -y install
|
||||
|
||||
# Testing the installation:
|
||||
dpkg --get-selections | grep "git-secret"
|
||||
which "git-secret"
|
||||
|
||||
# Test the manuals:
|
||||
man --where "git-secret" # .7
|
||||
man --where "git-secret-init" # .1
|
||||
}
|
||||
|
||||
integration_tests
|
||||
|
||||
# Unit tests:
|
||||
source "${SECRET_PROJECT_ROOT}/utils/tests.sh"
|
@ -0,0 +1,35 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
|
||||
source "${SECRET_PROJECT_ROOT}/utils/build-utils.sh"
|
||||
|
||||
# Variables, which will be used in `bintray.json`:
|
||||
SCRIPT_VERSION=$(bash ${PWD}/git-secret --version)
|
||||
RELEASE_DATE=$(date +%Y-%m-%d)
|
||||
|
||||
# add `\"override\": 1 \` into the `matrixParams`, if needed:
|
||||
echo "{ \
|
||||
\"package\": { \
|
||||
\"name\": \"git-secret\", \
|
||||
\"repo\": \"deb\", \
|
||||
\"subject\": \"sobolevn\" \
|
||||
}, \
|
||||
\"version\": {
|
||||
\"name\": \"${SCRIPT_VERSION}\", \
|
||||
\"desc\": \"Version ${SCRIPT_VERSION}\", \
|
||||
\"released\": \"${RELEASE_DATE}\", \
|
||||
\"vcs_tag\": \"v${SCRIPT_VERSION}\", \
|
||||
\"gpgSign\": true \
|
||||
}, \
|
||||
\"files\": [{ \
|
||||
\"includePattern\": \"build/buildroot/(.*\.deb)\", \
|
||||
\"uploadPattern\": \"/git-secret_${SCRIPT_VERSION}_all.deb\", \
|
||||
\"matrixParams\": { \
|
||||
\"deb_distribution\": \"stable\", \
|
||||
\"deb_component\": \"main\", \
|
||||
\"deb_architecture\": \"all\" \
|
||||
} \
|
||||
}], \
|
||||
\"publish\": true \
|
||||
}" > "${SECRET_PROJECT_ROOT}/build/deb_descriptor.json"
|
@ -0,0 +1,14 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
|
||||
source "${SECRET_PROJECT_ROOT}/utils/build-utils.sh"
|
||||
|
||||
# Copying all the required files to the build directory:
|
||||
preinstall_files
|
||||
|
||||
# Building .rpm package:
|
||||
cd "$SCRIPT_DEST_DIR" && build_package "rpm"
|
||||
|
||||
# Cleaning up:
|
||||
clean_up_files && cd "${SECRET_PROJECT_ROOT}"
|
@ -0,0 +1,33 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
|
||||
# Note that this file is created for test purposes:
|
||||
# 1. It runs inside the Docker container
|
||||
# 2. It does not use `sudo` or anything
|
||||
# 3. If you would like to install `.rpm` package on your system, see `Installation`
|
||||
|
||||
source "${SECRET_PROJECT_ROOT}/utils/build-utils.sh"
|
||||
|
||||
# This folder should contain just one .rpm file:
|
||||
RPM_FILE_LOCATION=$(locate_rpm)
|
||||
|
||||
|
||||
# Integration tests
|
||||
function integration_tests {
|
||||
# Installing the package:
|
||||
dnf install -y "$RPM_FILE_LOCATION"
|
||||
|
||||
# Testing the installation:
|
||||
dnf info "git-secret"
|
||||
which "git-secret"
|
||||
|
||||
# Test the manuals:
|
||||
man --where "git-secret" # .7
|
||||
man --where "git-secret-init" # .1
|
||||
}
|
||||
|
||||
integration_tests
|
||||
|
||||
# Unit tests:
|
||||
source "${SECRET_PROJECT_ROOT}/utils/tests.sh"
|
@ -0,0 +1,30 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
|
||||
source "${SECRET_PROJECT_ROOT}/utils/build-utils.sh"
|
||||
|
||||
# Variables, which will be used in `bintray.json`:
|
||||
SCRIPT_VERSION=$(bash ${PWD}/git-secret --version)
|
||||
RELEASE_DATE=$(date +%Y-%m-%d)
|
||||
|
||||
# add `\"override\": 1 \` into the `matrixParams`, if needed:
|
||||
echo "{ \
|
||||
\"package\": { \
|
||||
\"name\": \"git-secret\", \
|
||||
\"repo\": \"rpm\", \
|
||||
\"subject\": \"sobolevn\" \
|
||||
}, \
|
||||
\"version\": {
|
||||
\"name\": \"${SCRIPT_VERSION}\", \
|
||||
\"desc\": \"Version ${SCRIPT_VERSION}\", \
|
||||
\"released\": \"${RELEASE_DATE}\", \
|
||||
\"vcs_tag\": \"v${SCRIPT_VERSION}\", \
|
||||
\"gpgSign\": true \
|
||||
}, \
|
||||
\"files\": [{ \
|
||||
\"includePattern\": \"build/buildroot/(.*\.rpm)\", \
|
||||
\"uploadPattern\": \"/git-secret-${SCRIPT_VERSION}-1.noarch.rpm\"
|
||||
}], \
|
||||
\"publish\": true \
|
||||
}" > "${SECRET_PROJECT_ROOT}/build/rpm_descriptor.json"
|
@ -0,0 +1,9 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# `SECRET_PROJECT_ROOT` must be set before running the script.
|
||||
|
||||
set -e
|
||||
|
||||
# Running all the bats-tests:
|
||||
cd "${SECRET_PROJECT_ROOT}"; rm -rf temp; mkdir temp; cd temp;
|
||||
bats "${SECRET_PROJECT_ROOT}/tests"
|
Loading…
Reference in New Issue