Password-store git repository inference using symlinks

chemmi at posteo.org
Sat Feb 20 14:56:01 UTC 2021


Hi folks,

I use password store as my default password manager because it is super
easy to understand how passwords are stored and where the security
limitations lie. Although I have several projects which store
credentials, I want to manage them from a single point, but want to
store them near the project (e.g. in the associated git repo).

More verbosely, I want to store secret data from a git-project in that
project repository and want to link it in my password-store.

So far I worked with symlinks from my .password-store to other password
stores (e.g. .password-store/proj1 -> .other-password-store) which
worked fine as long as the .other-password-store is the root of a git
repository. The right git repository has always been inferred.

Today I got a problem with symlinking to a subfolder of a repository
(e.g. .password-store/proj2 -> proj2/proj2-password-store, where proj2
is a root of a git repository). The problem occurred when adding new
passwords to that "sub store", i.e. pass generate proj2/foo.

I expected pass to add that created foo.gpg to the proj2 git repository.
Instead, it could not infer the right repository and threw an error. It
turns out that git -C <bar> add <baz> does not work well with symlinks
in either bar or baz.

Thus, I would suggest to resolve all symlinks in the password-store bash
script before git actions. That would solve my problem.

Or does anyone here have a hint how I can approach the issue differently?

Thanks for your help!

Regards,
chemmi
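
The suggestion in the message above (resolve all symlinks before any git action), sketched as an added example; it is not code from the post or from the pass script. The helper names resolve_path, find_repo_root, git_target and demo are hypothetical, and the demo runs on a constructed temporary layout in which empty .git directories stand in for real repositories.

```shell
#!/bin/sh
# Added example (hypothetical helpers, not part of pass).

# Print the physical, symlink-free path of an entry whose directory exists.
resolve_path() (
    dir=$(cd -P -- "$(dirname -- "$1")" 2>/dev/null && pwd -P) || exit 1
    printf '%s/%s\n' "${dir%/}" "$(basename -- "$1")"
)

# Walk upward from a physical path to the nearest directory that holds .git
# (-e, not -d: in worktrees and submodules .git is a file).
find_repo_root() (
    d=$(dirname -- "$1")
    while :; do
        if [ -e "$d/.git" ]; then printf '%s\n' "$d"; exit 0; fi
        [ "$d" = "/" ] && exit 1
        d=$(dirname -- "$d")
    done
)

# Print "<repo root><TAB><path relative to that root>" for a store entry.
# A caller would then run: git -C "$root" add -- "$rel"
git_target() (
    real=$(resolve_path "$1") || exit 1
    root=$(find_repo_root "$real") || exit 1
    printf '%s\t%s\n' "$root" "${real#"${root%/}"/}"
)

# Constructed layout from the message:
#   store/proj2 -> proj2/proj2-password-store, with proj2 the repository root.
demo() (
    t=$(mktemp -d) || exit 1
    t=$(cd -P -- "$t" && pwd -P)
    mkdir -p "$t/store/.git" "$t/proj2/.git" "$t/proj2/proj2-password-store"
    ln -s "$t/proj2/proj2-password-store" "$t/store/proj2"
    : > "$t/store/proj2/foo.gpg"
    # Report the result relative to the temporary directory.
    out=$(git_target "$t/store/proj2/foo.gpg") && printf '%s\n' "${out#"$t"/}"
    rc=$?
    rm -rf "$t"
    exit "$rc"
)

demo
```

Because the entry is resolved first, the lookup lands in the proj2 repository rather than in the repository of the store that contains the symlink.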


More information about the Password-Store mailing list