0

I am using mozilla/sops for encrypting and storing the secrets on git. They suggested a git diff filter to decrypt the data on git diff and it shows the actual diff of secret instead of diff of cipher-text.

I configured this git filter using following commands.

git config diff.sopsdiffer.textconv "sops --decrypt --config /dev/null"

and adjusted .gitattributes with *?.sops.yaml diff=sopsdiffer attributes.

This basically means for abc.sops.yaml file git diff will decrypt the file content and shows dif f of original secret.

Similarly, I want to use git grep to decrypt and search in the decrypted content. However it does not work.

I used following commands to configure git grep filter.

git config grep.sopsgrepper.textconv "sops --decrypt --config /dev/null | grep -"

and adjusted .gitattributes with *?.sops.yaml grep=sopsgrepper attributes.

I then tested it with git grep "secret_value".

Any help/hint would be appreciable. Thanks

jack_t
  • 145
  • 3
  • 9
  • There is a `diff=` in `.gitattributes` but there's no `grep=`. (You can set arbitrary junk to arbitrary values: if Git isn't using `nonsense`, the `nonsense=nothing` setting is just ignored.) That aside, `*?.sops.yaml` is an odd pattern: it means "any number of characters, followed by at least one of any character, followed by .sops.yaml" so it means you won't match `.sops.yaml`, but usually nobody cares whether you match the empty string here. It's not wrong, it's just odd. – torek Mar 17 '22 at 12:29
  • This pattern is intentional to avoid `.sops.yaml` file. – jack_t Mar 17 '22 at 12:36
  • Okay, I further probe into git-scm doc and realized there is is not `grep` filter driver for git. That means I cannot use the driver feature for `git grep ...` – jack_t Mar 17 '22 at 12:54
  • That's what I said, there's no `grep=` setting. – torek Mar 17 '22 at 13:03

1 Answers1

0

Okay, I further probed into git-scm doc and realized there is is not grep filter driver for git. That means I cannot use the driver filter for git grep ...

jack_t
  • 145
  • 3
  • 9