Blackbox should work with Windows better WRT crlf.
This commit is contained in:
Tom Limoncelli
110
README.md
110
README.md
@@ -14,24 +14,25 @@ Table of Contents
|
||||
- [Table of Contents](#table-of-contents)
|
||||
- [Overview](#overview)
|
||||
- [Why is this important?](#why-is-this-important)
|
||||
- [Installation Instructions:](#installation-instructions)
|
||||
- [Commands:](#commands)
|
||||
- [Compatibility:](#compatibility)
|
||||
- [Installation Instructions](#installation-instructions)
|
||||
- [Commands](#commands)
|
||||
- [Compatibility](#compatibility)
|
||||
- [How is the encryption done?](#how-is-the-encryption-done)
|
||||
- [What does this look like to the typical user?](#what-does-this-look-like-to-the-typical-user)
|
||||
- [How to use the secrets with Puppet?](#how-to-use-the-secrets-with-puppet)
|
||||
- [Entire files:](#entire-files)
|
||||
- [Small strings:](#small-strings)
|
||||
- [Entire files](#entire-files)
|
||||
- [Small strings](#small-strings)
|
||||
- [How to enroll a new file into the system?](#how-to-enroll-a-new-file-into-the-system)
|
||||
- [How to remove a file from the system?](#how-to-remove-a-file-from-the-system)
|
||||
- [How to indoctrinate a new user into the system?](#how-to-indoctrinate-a-new-user-into-the-system)
|
||||
- [How to remove a user from the system?](#how-to-remove-a-user-from-the-system)
|
||||
- [Enabling Blackbox For a Repo](#enabling-blackbox-for-a-repo)
|
||||
- [Set up automated users or “role accounts”](#set-up-automated-users-or-role-accounts)
|
||||
- [Replace expired keys:](#replace-expired-keys)
|
||||
- [Some common errors:](#some-common-errors)
|
||||
- [Replace expired keys](#replace-expired-keys)
|
||||
- [Some common errors](#some-common-errors)
|
||||
- [Using Blackbox on Windows](#using-blackbox-on-windows)
|
||||
- [Using Blackbox without a repo](#using-blackbox-without-a-repo)
|
||||
- [Some Subversion gotchas:](#some-subversion-gotchas)
|
||||
- [Some Subversion gotchas](#some-subversion-gotchas)
|
||||
- [How to submit bugs or ask questions?](#how-to-submit-bugs-or-ask-questions)
|
||||
- [Developer Info](#developer-info)
|
||||
- [Alternatives](#alternatives)
|
||||
@@ -60,8 +61,8 @@ NOT SO OBVIOUSLY when we store "secrets" in a VCS repo like Git or Mercurial, su
|
||||
|
||||
The ability to be open and transparent about our code, with the exception of a few specific files, is key to the kind of collaboration that DevOps and modern IT practitioners need to do.
|
||||
|
||||
Installation Instructions:
|
||||
==========================
|
||||
Installation Instructions
|
||||
=========================
|
||||
|
||||
- *The MacPorts Way*: `sudo port install vcs_blackbox`
|
||||
- *The Homebrew Way*: `brew install blackbox`
|
||||
@@ -72,8 +73,8 @@ Installation Instructions:
|
||||
- *The Antigen Way*: Add `antigen bundle StackExchange/blackbox` to your .zshrc
|
||||
- *The Zgen Way*: Add `zgen load StackExchange/blackbox` to your .zshrc where you're loading your other plugins.
|
||||
|
||||
Commands:
|
||||
=========
|
||||
Commands
|
||||
========
|
||||
|
||||
| Name: | Description: |
|
||||
|-------------------------------------|-------------------------------------------------------------------------|
|
||||
@@ -95,8 +96,8 @@ Commands:
|
||||
| `blackbox_update_all_files` | Decrypt then re-encrypt all files. Useful after keys are changed |
|
||||
| `blackbox_whatsnew <file>` | show what has changed in the last commit for a given file |
|
||||
|
||||
Compatibility:
|
||||
==============
|
||||
Compatibility
|
||||
=============
|
||||
|
||||
Blackbox automatically determines which VCS you are using and does the right thing. It has a plug-in architecture to make it easy to extend to work with other systems. It has been tested to work with many operating systems.
|
||||
|
||||
@@ -109,33 +110,64 @@ Blackbox automatically determines which VCS you are using and does the right thi
|
||||
- Operating system
|
||||
- CentOS / RedHat
|
||||
- MacOS X
|
||||
- Cygwin (Thanks, Ben Drasin!)
|
||||
- Cygwin (Thanks, Ben Drasin!) **See Note Below**
|
||||
- MinGW (git bash on windows) **See Note Below**
|
||||
|
||||
To add or fix support for a VCS system, look for code at the end of `bin/_blackbox_common.sh`
|
||||
|
||||
To add or fix support for a new operating system, look for the case statements in `bin/_blackbox_common.sh` and `bin/_stack_lib.sh` and maybe `tools/confidence_test.sh`
|
||||
|
||||
Note: Cywin support requires the following packages:
|
||||
Using Blackbox on Windows
|
||||
=========================
|
||||
|
||||
- Normal operation:
|
||||
- gnupg
|
||||
- git or mercurial or subversion or perforce (as appropriate)
|
||||
- Development (if you will be adding code and want to run the confidence test)
|
||||
- procps
|
||||
- make
|
||||
- git (the confidence test currently only tests git)
|
||||
Blackbox can be used with Cygwin or MinGW.
|
||||
|
||||
### Protect the line endings
|
||||
|
||||
Blackbox assumes that `blackbox-admins.txt` and `blackbox-files.txt` will have
|
||||
LF line endings. Windows users should be careful to configure Git or other systems
|
||||
to not convert or "fix" those files.
|
||||
|
||||
If you use Git, add the following lines to your `.gitattributes` file:
|
||||
|
||||
**/blackbox-admins.txt text eol=lf
|
||||
**/blackbox-files.txt text eol=lf
|
||||
|
||||
The latest version of `blackbox_initialize` will create a `.gitattributes` file in the `$BLACKBOXDATA`
|
||||
directory (usually `keyrings/live`) for you.
|
||||
|
||||
### Cygwin
|
||||
|
||||
Cygwin support requires the following packages:
|
||||
|
||||
Normal operation:
|
||||
|
||||
- gnupg
|
||||
- git or mercurial or subversion or perforce (as appropriate)
|
||||
|
||||
Development (if you will be adding code and want to run the confidence test)
|
||||
|
||||
- procps
|
||||
- make
|
||||
- git (the confidence test currently only tests git)
|
||||
|
||||
### MinGW
|
||||
|
||||
MinGW (comes with Git for Windows) support requires the following:
|
||||
|
||||
Normal operation:
|
||||
|
||||
- [Git for Windows](https://git-scm.com/) (not tested with Mercurial)
|
||||
- Git Bash MINTTY returns a MinGW console. So when you install make sure you pick `MINTTY` instead of windows console. You'll be executing blackbox from the Git Bash prompt.
|
||||
- You need at least version 2.8.1 of Git for Windows.
|
||||
- [GnuWin32](https://sourceforge.net/projects/getgnuwin32/files/) - needed for various tools not least of which is mktemp which is used by blackbox
|
||||
- after downloading the install just provides you with some batch files. Because of prior issues at sourceforge and to make sure you get the latest version of each package the batch files handle the brunt of the work of getting the correct packages and installing them for you.
|
||||
- from a **windows command prompt** run `download.bat` once it has completed run `install.bat` then add the path for those tools to your PATH (ex: `PATH=%PATH%;c:\GnuWin32\bin`)
|
||||
|
||||
Development:
|
||||
|
||||
- unknown (if you develop Blackbox under MinGW, please let us know if any additional packages are required to run `make test`)
|
||||
|
||||
Note: MinGW (comes with Git for Windows) support requires the following additional installations
|
||||
- Normal operation:
|
||||
- [Git for Windows](https://git-scm.com/) (not tested with Mercurial)
|
||||
- Git Bash MINTTY returns a MinGW console. So when you install make sure you pick `MINTTY` instead of windows console. You'll be executing blackbox from the Git Bash prompt.
|
||||
- You need at least version 2.8.1 of Git for Windows.
|
||||
- [GnuWin32](https://sourceforge.net/projects/getgnuwin32/files/) - needed for various tools not least of which is mktemp which is used by blackbox
|
||||
- after downloading the install just provides you with some batch files. Because of prior issues at sourceforge and to make sure you get the latest version of each package the batch files handle the brunt of the work of getting the correct packages and installing them for you.
|
||||
- from a **windows command prompt** run `download.bat` once it has completed run `install.bat` then add the path for those tools to your PATH (ex: `PATH=%PATH%;c:\GnuWin32\bin`)
|
||||
- Development:
|
||||
- unknown
|
||||
|
||||
How is the encryption done?
|
||||
===========================
|
||||
@@ -568,8 +600,8 @@ rm -rf /tmp/NEWMASTER
|
||||
|
||||
Also shred any other temporary files you may have made.
|
||||
|
||||
Replace expired keys:
|
||||
=====================
|
||||
Replace expired keys
|
||||
====================
|
||||
|
||||
If any one admin's key expires, you can no longer encrypt files. You will need to replace the key and re-encrypt.
|
||||
|
||||
@@ -636,8 +668,8 @@ It's possible to tell Git to decrypt versions of the file before running them th
|
||||
|
||||
And now commands like `git log -p file.gpg` will show a nice log of the changes in the encrypted file.
|
||||
|
||||
Some common errors:
|
||||
===================
|
||||
Some common errors
|
||||
==================
|
||||
|
||||
`gpg: filename: skipped: No public key` -- Usually this means there is an item in `keyrings/live/blackbox-admins.txt` that is not the name of the key. Either something invalid was inserted (like a filename instead of a username) or a user has left the organization and their key was removed from the keychain, but their name wasn't removed from the blackbox-admins.txt file.
|
||||
|
||||
@@ -656,8 +688,8 @@ The following commands have been tested outside a repo:
|
||||
- `blackbox_edit_start`
|
||||
- `blackbox_edit_end`
|
||||
|
||||
Some Subversion gotchas:
|
||||
========================
|
||||
Some Subversion gotchas
|
||||
=======================
|
||||
|
||||
The current implementation will store the blackbox in `/keyrings` at the root of the entire repo. this will create an issue between environments that have different roots (ie, checking out `/` on development vs `/releases/foo` in production). To get around this, you can `export BLACKBOX_REPOBASE=/path/to/repo` and set a specific base for your repo.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user