With git push and pull dependent on PASSWORD_STORE_GIT_PUSH and _PULL being set, defaults to not automatic.  And the fix for git clone is still there.  Plus doc changes.

diff --git a/man/pass.1 b/man/pass.1
index 01a3fbe..4376bfc 100644
--- a/man/pass.1
+++ b/man/pass.1
@@ -48,8 +48,8 @@ description using \fBinit\fP and
 .BR git (1).

 The \fBinit\fP command must be run before other commands in order to initialize -the password store with the correct gpg key id. Passwords are encrypted using
-the gpg key set with \fBinit\fP.
+the password store with the correct gpg key id unless you plan to clone a git
+repository. Passwords are encrypted using the gpg key set with \fBinit\fP.

 There is a corresponding bash completion script for use with tab completing
 password names in
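
Review bot: The added clause "unless you plan to clone a git repository" in the init paragraph does not say what replaces init in that case. The surrounding text says init is what sets the gpg key id, so a reader who skips it needs to be told that the cloned repository must already contain its .gpg-id file, and that the command meant is "pass git clone". Suggest naming the command and stating that requirement in the same sentence.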
@@ -71,8 +71,9 @@ is recommended so that the batch decryption does not require as much user  intervention. If \fI--path\fP or \fI-p\fP is specified, along with an argument,  a specific gpg-id or set of gpg-ids is assigned for that specific sub folder of  the password store. If only one \fIgpg-id\fP is given, and it is an empty string, -then the current \fI.gpg-id\fP file for the specified \fIsub-folder\fP (or root if
-unspecified) is removed.
+then the current \fI.gpg-id\fP file for the specified \fIsub-folder\fP (or root +if unspecified) is removed. Do not use this option if you plan to clone from a
+remote git repository.
 .TP
 \fBls\fP \fIsubfolder\fP
 List names of passwords inside the tree at
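
Review bot: "Do not use this option" in the sentence added at the end of the init description is ambiguous. The sentences just before it cover --path/-p and the empty gpg-id removal case, so it is unclear whether the warning applies to -p, to removing .gpg-id, or to running init at all. If the intent is the same as in the earlier paragraph (skip init when cloning), write "Do not run init if you plan to clone from a remote git repository" and keep the wording identical in both places.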
@@ -168,7 +169,11 @@ in addition to initializing the git repository, add the current contents of the  store to the repository in an initial commit. If the git config key \fIpass.signcommits\fP  is set to \fItrue\fP, then all commits will be signed using \fIuser.signingkey\fP or the
 default git signing key. This config key may be turned on using:
-.B `pass git config --bool --add pass.signcommits true`
+\fB `pass git config --bool --add pass.signcommits true`\fP.  If the first of
+\fIgit-command-args\fP is \fBclone\fP, clone the provided git URL. The
+environment variables \fIPASSWORD_STORE_GIT_PUSH\fP and
+\fIPASSWORD_STORE_GIT_PULL\fP can be set to "true" to specify that a git pull is
+done before commits and a git push is done after commits.
 .TP
 \fBhelp\fP
 Show usage message.
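
Review bot: The added sentence names PASSWORD_STORE_GIT_PUSH first and PASSWORD_STORE_GIT_PULL second, then describes pull first and push second, so it reads as if the PUSH variable controls the pull. Put the variables in the same order as the actions, or split it into one sentence per variable. Two smaller points in the same hunk: there is a stray space between \fB and the opening backquote of the pass git config example, and the clone description is appended to the end of the signcommits text where it is easy to miss; it would be clearer as its own sentence at the start of the git entry.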
@@ -387,6 +392,20 @@ Total 7 (delta 0), reused 0 (delta 0)
 .br
 To kexec.com:pass-store

+.B zx2c4@desktop ~ $ pass git clone kexec.com:pass-store
+.br
+Cloning into '/Users/zx2c4/.password-store'...
+.br
+remote: Counting objects: 101, done.
+.br
+remote: Compressing objects: 100% (97/97), done.
+.br
+remote: Total 101 (delta 30), reused 0 (delta 0)
+.br
+Receiving objects: 100% (101/101), 21.85 KiB | 1.99 MiB/s, done.
+.br
+Resolving deltas: 100% (30/30), done.
+
 .SH FILES

 .TP
@@ -459,6 +478,14 @@ upper-case fingerprint in this variable. If multiple fingerprints are specified,  separated by a whitespace character, then signatures must match at least one.  The \fBinit\fP command will keep signatures of \fB.gpg-id\fP files up to date.
 .TP
+.I PASSWORD_STORE_GIT_PULL
+This environment variable must be set to "true" for git pull to automatically
+run before a commit.
+.TP
+.I PASSWORD_STORE_GIT_PUSH
+This environment variable must be set to "true" for git push to automatically
+run after a commit.
+.TP
 .I EDITOR
 The location of the text editor used by \fBedit\fP.
 .SH SEE ALSO
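
Review bot: Neither new entry states the default or the remote condition, and the accepted value documented here disagrees with the script. Both entries say the variable must be set to "true", while password-store.sh tests the value against ^[YyTt1], and git_commit only pulls or pushes when "git remote -v" prints something. Suggest documenting that unset means no automatic pull or push, that nothing happens without a configured remote, and listing exactly the values the script accepts (or tightening the script to match "true").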
diff --git a/src/password-store.sh b/src/password-store.sh
index d89d455..efbdf5e 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -19,6 +19,8 @@ CLIP_TIME="${PASSWORD_STORE_CLIP_TIME:-45}"
 GENERATED_LENGTH="${PASSWORD_STORE_GENERATED_LENGTH:-25}"
 CHARACTER_SET="${PASSWORD_STORE_CHARACTER_SET:-[:graph:]}"
 
CHARACTER_SET_NO_SYMBOLS="${PASSWORD_STORE_CHARACTER_SET_NO_SYMBOLS:-[:alnum:]}"
+GIT_PUSH=0; [[ "$PASSWORD_STORE_GIT_PUSH" =~ ^[YyTt1] ]] && GIT_PUSH=1
+GIT_PULL=0; [[ "$PASSWORD_STORE_GIT_PULL" =~ ^[YyTt1] ]] && GIT_PULL=1

 export GIT_CEILING_DIRECTORIES="$PREFIX/.."

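Review bot: The pattern ^[YyTt1] on both added lines tests only the first character, so any value beginning with Y, y, T, t or 1 (for example "10" or "tomorrow") turns on a network operation for every commit. For a setting that makes the password store contact a remote, an exact match is safer and matches the man page: compare against "true" directly, or anchor the pattern at both ends with the full accepted words. The other settings in this block use the ${VAR:-default} form; following that style here would also keep the block consistent.
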
@@ -43,7 +45,10 @@ git_commit() {
     local sign=""
     [[ -n $INNER_GIT_DIR ]] || return
     [[ $(git -C "$INNER_GIT_DIR" config --bool --get pass.signcommits) == "true" ]] && sign="-S"
+    local remote=$(git -C "$INNER_GIT_DIR" remote -v)
+    [[ "$remote" ]] && (( "$GIT_PULL" )) && git -C "$INNER_GIT_DIR" pull
     git -C "$INNER_GIT_DIR" commit $sign -m "$1"
+    [[ "$remote" ]] && (( "$GIT_PUSH" )) && git -C "$INNER_GIT_DIR" push
 }
 yesno() {
     [[ -t 0 ]] || return 0
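
Review bot: The push line is now the last statement of git_commit, so the function's exit status is that of the && chain: with no remote or with GIT_PUSH=0 it returns non-zero even when the commit succeeded. Use an if block for the pull and push so the commit's status is what callers see. The pull result is also unchecked: if "git pull" fails, for instance on a conflict or because no upstream is configured for the branch, the commit and then the push still run. Suggest returning early when the pull fails. Note too that "local remote=$(...)" discards the exit status of git remote, and that a non-empty "remote -v" only shows a remote exists, not that the current branch tracks it. Since the pull merges whatever the remote holds into the store before committing, including any change to .gpg-id, it is worth stating in the docs that enabling it means trusting the remote's content.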
@@ -641,6 +646,8 @@ cmd_git() {
         git_add_file .gitattributes "Configure git repository for gpg file diff."
         git -C "$INNER_GIT_DIR" config --local diff.gpg.binary true
         git -C "$INNER_GIT_DIR" config --local diff.gpg.textconv "$GPG -d ${GPG_OPTS[*]}"
+    elif [[ $1 == "clone" ]]; then
+        git "$@" "$PREFIX"
     elif [[ -n $INNER_GIT_DIR ]]; then
         tmpdir nowarn #Defines $SECURE_TMPDIR. We don't warn, because at most, this only copies encrypted files.
         export TMPDIR="$SECURE_TMPDIR"
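
Review bot: The new clone branch runs git "$@" "$PREFIX", which appends the store path after everything the user typed. If the user supplies a target directory of their own, git receives two directory arguments and fails. Suggest either documenting that no directory may be given or checking the argument count before appending "$PREFIX". The branch also skips the setup the init branch performs in the context lines directly above it: a cloned store does not get the local diff.gpg.binary and diff.gpg.textconv settings, since git config --local values are not carried by a clone. Consider applying those two config lines after a successful clone, and checking the clone's exit status before doing so.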





On 1/6/19 7:11 AM, Saeed Rasooli wrote:
I disagree with auto-push too (unless enabled explicitly with an environment variable). For example, if the remote git repo is encrypted on server-side (something like git-remote-gcrypt), then git push becomes slow. You may even want to push to a local storage device that is not always plugged in. Or you are keeping your passwords in another bigger repo along with some other things you want to synchronize. There are many more cases that you don't want to have auto-push (or maybe even auto-commit). After all this is Linux, and we never want to lose the flexibility of Linux.

On Sun, Jan 6, 2019, 5:36 PM Tinu Weber <tak...@bluewin.ch> wrote:

    On Sat, Jan 05, 2019 at 21:24:10 -0800, Pass Word wrote:
    > This patch adds git pull before commit and push after if a remote exists.

    The main appeal of pass for me is that it keeps things relatively
    simple. And for me "simple" means: I don't expect a `git commit` to
    automagically interact with a remote; these are two distinct things that
    should IMHO not be mixed up.

    If anything, I would make this optional at least.

    Best,
    Tinu
    _______________________________________________
    Password-Store mailing list
    Password-Store@lists.zx2c4.com
    https://lists.zx2c4.com/mailman/listinfo/password-store

