AGWA
git-crypt unlock not working
Hi,
I try to decrypt a git-crypted file outside of git. We use symmetric en-/decryption with different keys. .gitattributes contains:
*dev_test.properties.enc filter=git-crypt-dev_test diff=git-crypt-dev_test
*dev_live.properties.enc filter=git-crypt-dev_live diff=git-crypt-dev_live
*prod_live.properties.enc filter=git-crypt-prod_live diff=git-crypt-prod_live
Folder looks like:
|-.gitattributes
|-application_credential_dev_live.properties.enc
|-application_credential_dev_test.properties.enc
|-application_credential_prod_live.properties.enc
I try to decrypt lets say the dev_test file with
git init
git-crypt unlock dev_test.key
As result I get:
fatal: You are on a branch yet to be born
Error: 'git checkout' failed
git-crypt has been set up but existing encrypted files have not been decrypted
I've executed openssl dgst -sha256 .git/git-crypt/keys/dev_test on both sides, the sh256 is the same ... do you've any idea?
fatal: You are on a branch yet to be born
Is the repo initialised correctly? What's the output of git status?
I see. I'm considering to start using it. Can I ask what the reason was, and what your alternative is?
We use plain openssl roughly like explained here: https://stackoverflow.com/questions/16056135/how-to-use-openssl-to-encrypt-decrypt-files
We trigger encryption / reencryption manually and git-ignore unencrypted files. On reencryption we respect file-timestamps, git-log (if available) & decrypted file-diff in order to reencrypt only if necessary.
git hocked trigger was not necessary for us.
But to be clear, even if we're not using gitcrypt any more, it was a good thing to try ... :-)