Aneesh Bhasin venit, vidit, dixit 09.09.2011 12:50: > Hi Ted, > > > 2011/9/9 Ted Zlatanov <tzz@xxxxxxxxxxxx> >> >> I need to store some encrypted files in Git but for some clients with >> the right GPG keys, decrypt them on checkout (possibly also encrypt them >> back on commit, but that's not as important). >> >> diff doesn't have to work, this is just for convenience. Can Git do >> this (matching only .gpg files) or do I need my own command to run after >> the checkout/fetch and before commit? It seems pretty out of Git's >> scope but perhaps others have done this before. >> > > Have you looked at git hooks (e.g. here : http://progit.org/book/ch7-3.html). > > You could do the encryption/decryption in pre-commit and post-checkout > hooks scripts respectively... I'd recommend textconv for diffing and clean/smudge for plaintext checkout. That is, there are two convenient versions: A) Keep blobs and checkout encrypted - Use an editor which can encrypt/decrypt on the fly (e.g. vim) - Use "*.gpg diff=gpg" in your attributes and [diff "gpg"] textconv = gpg -d in your config to have cleartext diffs. Use cachetextconv with caution ;) B) Keep blobs encrypted, checkout decrypted - Use Use "*.gpg filter=gpg" in your attributes and [filter "gpg"] smudge = gpg -d clean = gpg -e -r yourgpgkey in your config. I use A on a regular basis. B is untested (but patterned after a similar gzip filter I use). You may or may not have better results with "gpg -ea". On clients without the keys, you can simply leave out the diff or filter config resp. set them to "cat". Michael -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html