[PATCH] Mult-repo support via submodules

Lenz Weber mail at lenzw.de
Sat Nov 26 14:52:59 CET 2016


I wrote something similar about a year ago, but I believe it required
less changes to pass.

You can look it up here:
https://lists.zx2c4.com/pipermail/password-store/2016-February/002099.html

Maybe it's worth taking a look at both and maybe even combining them? :)

Regards,
Lenz

Am 26.11.2016 um 07:47 schrieb Lance R. Vick:
> Posts come up very frequently with people coming up with various
> workarounds and hacks to support team workflows.
>
> This month there have already been two threads requesting solutions for this:
>
> https://lists.zx2c4.com/pipermail/password-store/2016-November/002463.html
> https://lists.zx2c4.com/pipermail/password-store/2016-November/002482.html
>
> For many it is necessary to maintain several passdb folders for
> personal, family, work, projects, etc. Maintaining this typically
> requires each of these with its own repo, users, and git origins.
>
> One could come up with custom scripts/wrappers to support this (and
> many do), but then those scripts must be signed and distributed and
> updated properly with all members in a group which makes adoption of
> pass that much more difficult. I feel this really should be solved in
> pass itself and clearly others agree.
>
> The pass maintainer has also expressed interest in in-tree solutions
> to this problem but the last submission attempt fizzled out.
>
> https://lists.zx2c4.com/pipermail/password-store/2015-April/001455.html
>
> ## Subtree Pattern ##
>
> Currently the only workflow I have found that is natively supported by
> pass today is using subtrees. I have been using the following approach
> for over a year with 3 repos and 2 teams.
>
> While it does work, it is fairly cumbersome.
>
> Setup:
>
> ```
> pass init ABCDE12345678901
> pass git init
> pass git remote add origin git at github.com:lrvick/passdb.git
> pass git remote add -f project git at github.com:project/passdb.git
> pass git remote add -f company git at github.com:company/passdb.git
> cd ~/.password-store
> git subtree add --prefix Project someproject master --squash
> git subtree add --prefix Company someproject master --squash
> ```
>
> Add/Edit
>
> ```
> pass generate Project/somepass 50
> pass rm Personal/somepass
> pass edit Work/somepass
> ```
>
> Sync to/from respective origins
>
> ```
> pass git subtree push origin master
> pass git subtree pull --prefix=Project project master --squash
> pass git subtree pull --prefix=Company company master --squash
> pass git subtree push --prefix=Project project master
> pass git subtree push --prefix=Company company master
> ```
>
> The above also has some particularly painful side effects when
> enforcing commit signing + upstream merges. In practice this has
> resulted in us having to tap a yubikey to sign once for every file in
> the repo...
>
>
> ## Submodule Pattern ##
>
> With the attached patch for submodule support the above could become
> substantially more manageable.
>
> Personal Setup:
>
> ```
> pass init ABCDE12345678901
> pass git init
> git remote add origin git at github.com:lrvick/passdb.git
> ```
>
> Existing shared repo setup:
>
> ```
> pass git submodule add git at github.com:project/passdb.git Project
> pass git submodule add git at github.com:work/passdb.git Work
> pass git submodule foreach "git checkout origin master"
> ```
>
> Add/Edit
>
> ```
> pass generate Project/somepass 50
> pass rm Personal/somepass
> pass edit Work/somepass
> ```
>
> Sync to/from respective origins
>
> ```
> pass git push
> pass git submodule foreach "git pull"
> pass git submodule foreach "git push"
> ```
>
> ## Design and Implementation ##
>
> This change makes `pass` commit to the innermost Git repository (as
> identified by the presence of a `.git` file/folder) that contains a
> file, when it is changed.
>
> It was designed to minimize the number of changes to `pass` and not
> break existing usages. A few extra tests have been supplied for the
> new workflow.
>
> Whenever a new commit is performed (upon add/edit/remove), `GIT_DIR`
> and `GIT_WORK_TREE` are set to the relevant directories.
>
> It is worth mentioning this patchset has already undergone a few
> rounds of testing, bug-fixing, and code review here:
>
> https://github.com/lrvick/password-store/pull/1
>
> More input (or a merge!) would be very appreciated.
>
>
>
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20161126/535ba50a/attachment.html>


More information about the Password-Store mailing list