Commit 8fe9519e authored by Xueshan Feng's avatar Xueshan Feng
Browse files

initial revision.

parents
#!/bin/bash
#
# Run "git-crypt unlock" with in-repo gpg key, for cloned repo and all submodules in the repo.
# Assuming this repo and all submodule repos are encrypted with your same gpg keyid.
# If a file name is given at the command line, decrypt this repo using the given symmetric key.
#
# Author: sfeng@stanford.edu
# Date: Sun Apr 17 18:03:13 PDT 2016
function abort() {
[ -n "$@" ] && { echo "abort: $@"; exit 1; }
}
function skip() {
[ -n "$@" ] && echo "skip: $@";
}
function verify_gpg_passphrase() {
echo "Enter the passphrase that will be used to decrypt all in-repo gpg encrypted files, including submodule repos."
echo "Enter passphrase:"
read -s passphrase
[ -z "$passphrase" ] && abort "Empty passphrase"
# Try to decrypt the top level, if not successful, exit
userids=$(gpg --list-keys | grep pub | grep -oE "/(\w+) " | tr '/' ' ')
foundkey=1
echo "test" > /tmp/gpg_test.in
for i in $userids
do
echo $passphrase | \
gpg -q --sign --local-user $i --passphrase-fd 0 --output /dev/null --yes /tmp/gpg_test.in && \
echo "The correct passphrase was entered for $i" && foundkey=0 && break
done
}
# MAIN
if [ -z $1 ];
then
verify_gpg_passphrase
[ $foundkey -ne 0 ] && abort "Unable to decrypt."
else
keyfile=".git-crypt/keys/$1"
[ ! -f $keyfile ] && abort "unable to read $keyfile."
fi
modules=$(git submodule status)
[ -z "$modules" ] && abort "No submodules"
git submodule status | while read i
do
m=$(echo $i | cut -d' ' -f2)
if echo $i | grep ^- > /dev/null 2>&1 ;
then
skip "Skipping $m; Please update module with: git submodule init $m && git submodule update $m."
continue
else
( echo "Checking out $i master branch"
cd $m
git checkout master
if [ ! -z $keyfile ];
then
git-crypt unlock $keyfile
else
expect <<EOF
spawn git-crypt unlock
expect "Enter passphrase:"
send "$passphrase\r";
expect eof
EOF
fi
)
fi
done
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment