Automatically export creators key to the store #2159
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fixes gopasspw#1919 RELEASE_NOTES=[ENHANCEMENT] Automatically export creators key to the store. Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
AnomalRoil
approved these changes
Mar 16, 2022
| @@ -120,7 +120,7 @@ func (s *Action) clone(ctx context.Context, repo, mount, path string) error { | |||
|
|
|||
| // make sure the parent directory exists. | |||
| if parentPath := filepath.Dir(path); !fsutil.IsDir(parentPath) { | |||
| if err := os.MkdirAll(parentPath, 0700); err != nil { | |||
| if err := os.MkdirAll(parentPath, 0o700); err != nil { | |||
There was a problem hiding this comment.
I'd argue that 0700 is already octal and the way we are used to see permission in the unix world.
There was a problem hiding this comment.
This is a gofumpt change. I don't have a strong opinion on this, but since we don't have strong community of "style reviewers" here I'd prefer to rely on automation as much as possible, i.e. follow the conventions that the tools suggest.
AnomalRoil
reviewed
Mar 16, 2022
Comment on lines
+203
to
+217
| var exported bool | ||
| if sub, err := s.Store.GetSubStore(mount); err == nil { | ||
| debug.Log("exporting public keys: %v", idSet.Elements()) | ||
| exported, err = sub.ExportMissingPublicKeys(ctx, idSet.Elements()) | ||
| if err != nil { | ||
| debug.Log("failed to export missing public keys: %w", err) | ||
| } | ||
| } else { | ||
| debug.Log("failed to get sub store: %s", err) | ||
| } | ||
|
|
||
| out.Noticef(ctx, "Please ask the owner of the password store to add one of your keys: %s", strings.Join(idSet.Elements(), ", ")) | ||
| if exported { | ||
| out.Noticef(ctx, "The missing keys were exported to the password store. Run `gopass sync` to push them.") | ||
| } |
There was a problem hiding this comment.
That's a nice addition, especially for usage with age.
There was a problem hiding this comment.
Actually I did never test this with age. It should work, but ... 🤔
kpitt
pushed a commit
to kpitt/gopass
that referenced
this pull request
Jul 21, 2022
* Automatically export creators key to the store Fixes gopasspw#1919 RELEASE_NOTES=[ENHANCEMENT] Automatically export creators key to the store. Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * Fix config tests Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #1919
This will also automatically try to import a public key from the store if none is found. This makes it very convenient to add new recipients, but on the other hand this is might open a small attack vector if someone manages to inject their public key into the git repo and getting an existing member to add it to the recipients. But then on the other hand I wonder how carefully people examine imported GPG keys anyway.
RELEASE_NOTES=[ENHANCEMENT] Automatically export creators key to the
store. Change default for AutoImport to false.
Signed-off-by: Dominik Schulz dominik.schulz@gauner.org