zemuldo/git-crypt-unlock

Git-crypt unlock in custom path?

Opened this issue · 3 comments

ashutoshsaboo commented

Hey @zemuldo thanks for creating this! I have a use-case where i checkout a repo inside a folder under root - say folder/. So the dir structure in github action HOME dir looks something like this:

GITHUB_ACTION_HOME:
    - folder (folder is not a git repo)
          - git repo (which consists of secret that needs to be unlocked)

I tried cd'ing into folder before calling this action, for git-crypt-unlock to run. However i'm getting this error:

fatal: not a git repository (or any parent up to mount point /github)
Stopping at filesystem boundary (GIT_DISCOVERY_ACROSS_FILESYSTEM not set).
git-crypt: Error: 'git status' failed - is this a Git repository?

I was previously getting the same error when I was not cd'ing into folder before calling this action, so then it was understandable. But after being in the correct path as well, it gives the exact same error as earlier. Is this a bug? Can you please help what can be done here to fix this? @zemuldo

zemuldo commented

Let me try and reproduce the scenario and see the fix or workaround.

ashutoshsaboo commented

Thanks @zemuldo , lmk what you find!

ashutoshsaboo commented

I figured out @zemuldo what was going wrong, so looks like GH Action doesn't retain (even if you cd in a previous step) pwd for the next dir. i.e, if you cd into folder/repo/ in step 1 and in step 2 try to git-crypt-unlock it won't work (since in step2 the pwd would be back set to ~/, i.e, home dir containing folder/ in the dir structure that I mentioned below. Because of this you need to cd manually into that path again, and then call git-crypt-unlock. (I wouldn't have presumed this - seems like a very weird limitation of github actions (or not sure, maybe I'm doing something wrong here?)!)

Unfortunately, that is not possible with this action at all - since it requires running a bash command before executing this github action. (since cd can be done only in a step before the step where this action would be invoked). I think this is the bug here, maybe you might have to vend out a custom path param which users can pass (optional param), and then your action would have to cd into that path and then only invoke git-crypt-unlock. That should fix it I think! @zemuldo

See this comment here - sliteteam/github-action-git-crypt-unlock#14 (comment) . I manually invoked git-crypt commands after cd'ing into the correct dir in the same step (i.e, without this action) on ubuntu github action runner and it works seamlessly.