Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integrate with git support #14

Open
mdellweg opened this issue Nov 5, 2017 · 8 comments
Open

Integrate with git support #14

mdellweg opened this issue Nov 5, 2017 · 8 comments

Comments

@mdellweg
Copy link
Owner

mdellweg commented Nov 5, 2017

Secrets, as well as metadata should be subject to git operation if configured.
@mdellweg mdellweg mentioned this issue Dec 5, 2021
Closed
@3nprob
Copy link

3nprob commented Mar 21, 2022

Could you elaborate on this issue - how would it work in difference compared to how it's working today?

Does it refer to the password-store folder being a git repo? Just like for pass/gopass, that should already work fine, managed outside of pass_secret_service. What is the requirement for this feature to be considered done?

@3nprob 3nprob mentioned this issue Mar 21, 2022
Merged
@mdellweg
Copy link
Owner Author

This tool creates supplemental file to the usual pass operation (.aliases; *.properties). We need to ensure that these are part of git commits created by pypass for the corresponding password entries.

@3nprob
Copy link

3nprob commented Mar 21, 2022
edited
Loading

Ah, right. Would the below be an accurate description of desired behavior?

When pass_secret_service adds a new file to the password store, or makes changes to an existing file, invoke pypass git add $FILE, followed by pypass git commit. This behavior should be optional and opt-in through configuration.

@mdellweg
Copy link
Owner Author

It should be autodetected based on the password store in use being "git aware".

@Thaodan
Copy link

Thaodan commented Sep 8, 2022

This tool creates supplemental file to the usual pass operation (.aliases; *.properties). We need to ensure that these are part of git commits created by pypass for the corresponding password entries.

Should those go into the password metadata? Similar things were done for browser extensions.

@michaelk83
Copy link

Aliases are not associated with any particular password, so can't go there. Properties, assuming he means Secret Service's lookup attributes, may fit into metadata, but they're usually not meant to be encrypted (I'm not sure if metadata is or not). They're primarily intended for password lookups.
https://specifications.freedesktop.org/secret-service/latest/ch04.html
https://specifications.freedesktop.org/secret-service/latest/ch05.html

@Thaodan
Copy link

Thaodan commented Sep 8, 2022 via email

@michaelk83
Copy link

The Secret Service API allows an arbitrary set of lookup attributes to be associated with each password, where each attribute is a key-value pair. So I don't think the filesystem path is enough for this. But this begins to enter implementation details specific to this particular adapter service, which I'm less familiar with. Keep in mind that client applications talking to the Secret Service API are not aware which backend is being used, or how it works. They only know the API specification.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Thaodan @michaelk83 @mdellweg @3nprob