git-secret: Encrypting and Storing Secrets in a Git Repository (Part 4)

Adding a new member

Next, let's see how to add a new member to git-secret:

    make secret-add-user EMAIL="alice@example.com"

    $ make secret-add-user EMAIL="alice@example.com"
    "C:/Program Files/Git/mingw64/bin/make" -s git-secret ARGS="tell alice@example.com"
    git-secret: done. alice@example.com added as user(s) who know the secret.

Verify that it worked:

    make secret-show-users

    $ make secret-show-users
    "C:/Program Files/Git/mingw64/bin/make" -s git-secret ARGS="whoknows"
    alice@example.com

Adding and encrypting files

To add a new encrypted file secret_password.txt, create the file:

    echo "my_new_secret_password" > secret_password.txt

Add it to .gitignore:

    echo "secret_password.txt" >> .gitignore

Add it to git-secret:

    make secret-add FILE="secret_password.txt"

    $ make secret-add FILE="secret_password.txt"
    "C:/Program Files/Git/mingw64/bin/make" -s git-secret ARGS="add secret_password.txt"
    git-secret: 1 item(s) added.

Encrypt all files:

    make secret-encrypt

    $ make secret-encrypt
    "C:/Program Files/Git/mingw64/bin/make" -s git-secret ARGS="hide"
    git-secret: done. 1 of 1 files are hidden.
    $ ls secret_password.txt.secret
    secret_password.txt.secret

Decrypting files

First remove the secret_password.txt file by running:

    rm secret_password.txt

    $ rm secret_password.txt
    $ ls secret_password.txt
    ls: cannot access 'secret_password.txt': No such file or directory

Then decrypt:

    make secret-decrypt

    $ make secret-decrypt
    "C:/Program Files/Git/mingw64/bin/make" -s git-secret ARGS="reveal -f"
    git-secret: done. 1 of 1 files are revealed.
    $ cat secret_password.txt
    my_new_secret_password

Note: if the gpg key is protected by a password (assume the password is 123456), run the following command:

    make secret-decrypt-with-password GPG_PASSWORD=123456

You can also add the GPG_PASSWORD variable to the .make/.env file as a local default so that you don't have to specify the value every time. You can then simply run the following command without passing GPG_PASSWORD:

    make secret-decrypt-with-password

Removing files

Remove the secret_password.txt file added earlier from git-secret as follows:

    make secret-remove FILE="secret_password.txt"

    $ make secret-remove FILE="secret_password.txt"
    "C:/Program Files/Git/mingw64/bin/make" -s git-secret ARGS="remove secret_password.txt"
    git-secret: removed from index.
    git-secret: ensure that files: [secret_password.txt] are now not ignored.

Note: this automatically deletes neither the secret_password.txt file nor the secret_password.txt.secret file:

    $ ls -l | grep secret_password.txt
    -rw-r--r-- 1 Pascal 197121  19 Mar 31 14:03 secret_password.txt
    -rw-r--r-- 1 Pascal 197121 358 Mar 31 14:02 secret_password.txt.secret

Even though the encrypted secret_password.txt file still exists, it will not be decrypted:

    $ make secret-decrypt
    "C:/Program Files/Git/mingw64/bin/make" -s git-secret ARGS="reveal -f"
    git-secret: done. 0 of 0 files are revealed.

Removing team members

Removing a team member takes the following steps:

    make secret-remove-user EMAIL="alice@example.com"

    $ make secret-remove-user EMAIL="alice@example.com"
    "C:/Program Files/Git/mingw64/bin/make" -s git-secret ARGS="killperson alice@example.com"
    git-secret: removed keys.
    git-secret: now [alice@example.com] do not have an access to the repository.
    git-secret: make sure to hide the existing secrets again.

If other members remain on the team, make sure to encrypt the secret files again:

    make secret-encrypt

If all members of the group have been removed, git-secret reports an error:

    $ make secret-decrypt
    "C:/Program Files/Git/mingw64/bin/make" -s git-secret ARGS="reveal -f"
    git-secret: abort: no public keys for users found. run 'git secret tell email@address'.
    make[1]: *** [.make/01-00-application-setup.mk:57: git-secret] Error 1
    make: *** [.make/01-00-application-setup.mk:69: secret-decrypt] Error 2

Congratulations! You can now encrypt and decrypt secret files and store them in a Git repository.
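
A check for the add / ignore / encrypt / remove steps above, as an added example that is not from the original article. The function names `secret_findings` and `check_secrets` are hypothetical; the arguments are assumed to be the plaintext paths registered with git-secret (for example the output of `git secret list`), and it is assumed to run from the repository root.

```shell
#!/bin/sh
# Added example (not from the article). Run from the repository root.
# Arguments: plaintext paths registered with git-secret, e.g.
#   check_secrets $(git secret list)

# Print one finding per line; print nothing when the repo is clean.
secret_findings() {
    for f in "$@"; do
        # Plaintext must never be in the index, even if it is ignored
        # (git add -f bypasses .gitignore).
        if git ls-files --error-unmatch -- "$f" >/dev/null 2>&1; then
            echo "TRACKED $f"
        fi
        # The .gitignore step from the article: --no-index tests the
        # ignore patterns only, regardless of the index state.
        if ! git check-ignore -q --no-index -- "$f"; then
            echo "NOT-IGNORED $f"
        fi
        # Registered but never encrypted (make secret-encrypt not run).
        if [ ! -f "$f.secret" ]; then
            echo "NOT-ENCRYPTED $f"
        fi
    done
    # Ciphertext left behind by "make secret-remove": it is no longer
    # registered, so git-secret neither reveals nor re-encrypts it.
    find . -name '*.secret' ! -path './.git/*' | while IFS= read -r s; do
        plain=${s#./}
        plain=${plain%.secret}
        known=no
        for f in "$@"; do
            if [ "$f" = "$plain" ]; then known=yes; fi
        done
        if [ "$known" = no ]; then echo "ORPHAN $plain.secret"; fi
    done
    return 0
}

# Exit status 0 when clean, 1 otherwise (suitable for a pre-commit hook).
check_secrets() {
    findings=$(secret_findings "$@")
    if [ -z "$findings" ]; then return 0; fi
    printf '%s\n' "$findings" >&2
    return 1
}
```

An ORPHAN finding matters after a team member is removed: the leftover .secret file is skipped by the re-encryption step, so it stays encrypted for the old set of keys.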
