Merge branch 'asmundg-x-update-gitignore'

Makefile

@@ -37,4 +37,8 @@ unlock:
 test:
 	echo "You don't want to run this."
 	exit 1
-	pkill gpg-agent ; rm -rf /tmp/tmp.* ; export PATH=/home/tlimoncelli/gitwork/blackbox/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin ; cd ~/gitwork/blackbox;tools/confidence_test.sh;ls -lad /home/tlimoncelli/.gnupg || true
+	pkill gpg-agent ; rm -rf /tmp/tmp.* ; \
+		export PATH=/home/tlimoncelli/gitwork/blackbox/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin ; \
+		cd ~/gitwork/blackbox ; \
+		tools/confidence_test.sh ; \
+		if [[ -e ~/.gnupg ]]; then echo ERROR: '~/.gnupg' should not exist ; false ; fi

bin/blackbox_register_new_file

@@ -8,10 +8,11 @@
 # to systems that need the plaintext (unencrypted) versions, run
 # blackbox_postdeploy.sh to decrypt all the files.
 
-# TODO(tlim): Add the unencrypted file to .gitignore
+# TODO(tlim): Add the unencrypted file to .hgignore
 
 set -e
 . _blackbox_common.sh
+_determine_vcs_base_and_type
 
 unencrypted_file=$(get_unencrypted_filename "$1")
 encrypted_file=$(get_encrypted_filename "$1")
@@ -45,6 +46,19 @@ if $SECRETSEXPOSED ; then
 else
   COMMIT_FILES="$BB_FILES $encrypted_file"
 fi
+
+# TODO(tlim): This should be moved to _blackbox_common.sh in a
+# VCS-independent way.
+IGNOREFILE=".${VCS_TYPE}ignore"
+if [[ $VCS_TYPE = 'git' ]]; then
+  ignored_file="$(echo "$unencrypted_file" | sed 's/^\([!#]\)/\\\1/')"
+  if ! grep -Fsx >/dev/null "$ignored_file" "$IGNOREFILE"; then
+    echo "$ignored_file" >>"$IGNOREFILE"
+    COMMIT_FILES="$COMMIT_FILES $IGNOREFILE"
+  fi
+  vcs_add "$IGNOREFILE"
+fi
+
 echo 'NOTE: "already tracked!" messages are safe to ignore.'
 vcs_add $BB_FILES $encrypted_file
 vcs_commit "registered in blackbox: ${unencrypted_file}" $COMMIT_FILES

tools/confidence_test.sh

@@ -52,6 +52,30 @@ function assert_file_group() {
     exit 1
   fi
 }
+function assert_line_not_exists() {
+  local target="$1"
+  local file="$2"
+  assert_file_exists "$file"
+  if grep -F -x -s -q >/dev/null "$target" "$file" ; then
+    echo "ASSERT FAILED: line '$target' should not exist in file $file"
+    echo ==== file contents: START "$file"
+    cat "$file"
+    echo ==== file contents: END "$file"
+    exit 1
+  fi
+}
+function assert_line_exists() {
+  local target="$1"
+  local file="$2"
+  assert_file_exists "$file"
+  if ! grep -F -x -s -q >/dev/null "$target" "$file" ; then
+    echo "ASSERT FAILED: line '$target' should not exist in file $file"
+    echo ==== file contents: START "$file"
+    cat "$file"
+    echo ==== file contents: END "$file"
+    exit 1
+  fi
+}
 
 make_tempdir test_repository
 cd "$test_repository"
@@ -210,13 +234,7 @@ rm secret.txt
 
 PHASE 'Bob removes alice.'
 blackbox_removeadmin alice@example.com
-if grep -xs >dev/null 'alice@example.com' keyrings/live/blackbox-admins.txt ; then
-  echo "ASSERT FAILED: alice@example.com should be removed from keyrings/live/blackbox-admins.txt"
-  echo ==== file start
-  cat keyrings/live/blackbox-admins.txt
-  echo ==== file end
-  exit 1
-fi
+assert_line_not_exists 'alice@example.com' keyrings/live/blackbox-admins.txt
 
 PHASE 'Bob reencrypts files so alice can not access them.'
 blackbox_update_all_files
@@ -266,6 +284,20 @@ assert_file_exists to/relsecrets.txt.gpg
 assert_file_md5hash to/relsecrets.txt "c47f9c3c8ce03d895b883ac22384cb67"
 cd ../..
 
+PHASE 'Bob enrolls !important!.txt'
+echo A very important file >'!important!.txt'
+blackbox_register_new_file '!important!.txt'
+assert_file_missing '!important!.txt'
+assert_file_exists '!important!.txt'.gpg
+assert_line_exists '\!important!.txt' .gitignore
+
+PHASE 'Bob enrolls #andpounds.txt'
+echo A very commented file >'#andpounds.txt'
+blackbox_register_new_file '#andpounds.txt'
+assert_file_missing '#andpounds.txt'
+assert_file_exists '#andpounds.txt'.gpg
+assert_line_exists '\#andpounds.txt' .gitignore
+
 # TODO(tlim): Add test to make sure that now alice can NOT decrypt.
 
 #
@@ -277,7 +309,7 @@ if [[ -e $HOME/.gnupg ]]; then
   exit 1
 fi
 
-find * -ls
+find .git?* * -type f -ls
 echo cd "$test_repository"
 echo rm "$test_repository"
 echo DONE.