使用 git-crypt 加解密 Git 中的文件

1

❯ brew install git-crypt

1
2
3
4
5
6
7
8
9

❯ git-crypt init
Generating key...
❯ git-crypt export-key /Users/damonguo/Workspace/keys/git-crypt-v1.key
❯ diff .git/git-crypt/keys/default /Users/damonguo/Workspace/keys/git-crypt-v1.key

❯ echo "git-crypt/api.key filter=git-crypt diff=git-crypt" > .gitattributes
❯ git add .gitattributes
❯ git commit -m "feat: tell git-crypt to encrypt git-crypt/api.key"
❯ git push

1
2
3
4
5
6

❯ mkdir git-crypt
❯ echo "This is some text" > git-crypt/file.txt
❯ echo "dummy value" > git-crypt/api.key
❯ git add git-crypt
❯ git commit -m "feat: add git-crypt demo files"
❯ git push

1
2
3

❯ git-crypt status git-crypt
    encrypted: git-crypt/api.key
not encrypted: git-crypt/file.txt

1
2
3
4
5
6
7
8
9

❯ git-crypt lock
❯ file git-crypt/api.key
git-crypt/api.key: data

❯ git-crypt unlock /Users/damonguo/Workspace/keys/git-crypt-v1.key
❯ file git-crypt/api.key
git-crypt/api.key: ASCII text
❯ cat git-crypt/api.key
dummy value

1
2
3
4
5
6

❯ git-crypt unlock /Users/damonguo/Workspace/keys/git-crypt-v1.key
❯ rm -rf .git/git-crypt/keys
❯ git-crypt init
Generating key...
❯ git-crypt export-key /Users/damonguo/Workspace/keys/git-crypt-v2.key
❯ diff .git/git-crypt/keys/default /Users/damonguo/Workspace/keys/git-crypt-v2.key

1
2
3
4

❯ echo "new dummy value" > git-crypt/api.key
❯ git add git-crypt/api.key
❯ git commit -m "feat: update api.key with new git-crypt encryption key"
❯ git push