StackExchange / blackbox

Safely store secrets in Git/Mercurial/Subversion


Unable to reference files in a sibling directory using `..`

jamesottaway opened this issue · comments

I have a repo with a shared secrets/ directory at the top-level, alongside many others. If I'm in one of the other directories I cannot, for example, blackbox_cat ../secrets/fake-secret.sh.gpg:

❯ ls -al ../secrets
.rw-rw-r-- 4.0k james 24 Apr 21:38 fake-secret.sh.gpg

❯ blackbox_cat ../secrets/fake-secret.sh.gpg
========== PLAINFILE "../secrets/fake-secret.sh"
ERROR: ../secrets/fake-secret.sh not found in /home/james/src/cosmos/keyrings/live/blackbox-files.txt
PWD=/home/james/src/cosmos/repro
Exiting...

I traced the problem to vcs_relative_path which doesn't try to resolve the ../ part of the relative path, meaning it doesn't exactly match the line in blackbox-files.txt. One solution would be to call realpath on the argument, but I'm not sure whether that's sufficiently cross-platform.

Yeah, vcs_relative_path is pretty simplistic. realpath would be a solution but it isn't on macOS.

The workaround is to cd to the correct directory first.

I'd love a PR to fix this.

Which platforms does Blackbox support, so I can think of how to solve it for all?

Another related issue is that Blackbox can't refer to encrypted files using their absolute path, which I realised when trying to use that as a workaround for this issue.

If vcs_relative_path changes to resolve .. it's also probably worth changing it to strip $REPOBASE off the absolute path in order to match the relative path in blackbox-files.txt.

Upon closer inspection, I see that vcs_relative_path is doing this already, but only because it prefixes the argument with $PWD. As part of fixing the relative path resolution I think this will also make it work for absolute paths too.
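An added illustration, not blackbox's own code and not posted by anyone in this thread, of what a realpath-free vcs_relative_path could do: prefix a relative argument with the current directory, normalise the result lexically (drop "." segments, collapse ".."), then strip $REPOBASE off the front to get the form stored in blackbox-files.txt. The function names, the optional second argument (the directory to resolve against, defaulting to $PWD, present only so the example can be exercised without cd) and the sample paths are assumptions for the example. It uses only POSIX sh, so it runs on macOS without realpath; the caveat is that a purely lexical resolution does not follow symlinks the way realpath does, so a path that passes through a symlink into or out of the repo will be mapped by its spelling, not its target.

```shell
#!/bin/sh
# Added example, not part of blackbox. Assumes REPOBASE holds the absolute
# path of the repository root, as in blackbox's own scripts.

# Lexically normalise an absolute path: skip empty and "." segments and
# collapse "..". Pure string handling, so it needs no realpath(1) and works
# in POSIX sh on macOS; unlike realpath it does not follow symlinks.
normalize_path() {
    _np_path="$1"
    _np_out=""
    _np_ifs="$IFS"
    _np_flags="$-"
    set -f                      # no globbing while splitting on "/"
    IFS='/'
    for _np_seg in $_np_path; do
        case "$_np_seg" in
            ''|'.') ;;                                # empty or ".": skip
            '..')   _np_out="${_np_out%/*}" ;;        # drop the last component
            *)      _np_out="$_np_out/$_np_seg" ;;
        esac
    done
    IFS="$_np_ifs"
    case "$_np_flags" in *f*) ;; *) set +f ;; esac   # restore globbing state
    printf '%s\n' "${_np_out:-/}"
}

# Map a user-supplied path (relative to the current directory, or absolute)
# to the path relative to $REPOBASE, i.e. the line blackbox-files.txt holds.
# Second argument (assumed for the example): directory to resolve against,
# defaulting to $PWD as the real vcs_relative_path does.
vcs_relative_path_demo() {
    _vrp_arg="$1"
    _vrp_cwd="${2:-$PWD}"
    case "$_vrp_arg" in
        /*) _vrp_abs="$_vrp_arg" ;;
        *)  _vrp_abs="$_vrp_cwd/$_vrp_arg" ;;
    esac
    _vrp_abs=$(normalize_path "$_vrp_abs")
    _vrp_base=$(normalize_path "$REPOBASE")
    [ "$_vrp_base" = / ] && _vrp_base=""      # repo at "/": strip only the slash
    case "$_vrp_abs" in
        "$_vrp_base"/*) printf '%s\n' "${_vrp_abs#"$_vrp_base"/}" ;;
        *) printf 'ERROR: %s is outside %s\n' "$_vrp_arg" "$REPOBASE" >&2
           return 1 ;;
    esac
}

# Reproduce the report (paths constructed for the example, no filesystem needed).
REPOBASE=/home/james/src/cosmos
vcs_relative_path_demo ../secrets/fake-secret.sh.gpg /home/james/src/cosmos/repro
vcs_relative_path_demo /home/james/src/cosmos/secrets/fake-secret.sh.gpg
vcs_relative_path_demo secret.txt /home/james/src/cosmos     # file at the repo root
```

The three calls at the bottom print secrets/fake-secret.sh.gpg twice (once from the "../" form and once from the absolute form) and then secret.txt, which is the file-at-repo-root case that must keep working; a path that normalises to somewhere outside $REPOBASE is rejected with a non-zero status rather than silently producing a bogus relative path.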

Hi @jamesottaway !

Sadly I had to revert 87b7cd0. "make test" fails. Can you take a look? A file at the base of the repo adds "/" to .gitignore instead of "/filename".

========== CREATED: secret.txt.gpg
========== UPDATING REPO:
NOTE: "already tracked!" messages are safe to ignore.
[master 67cf029] registered in blackbox: secret.txt
 3 files changed, 2 insertions(+)
 create mode 100644 secret.txt.gpg
========== UPDATING VCS: DONE
Local repo updated.  Please push when ready.
    git push
ASSERT FAILED: line '/secret.txt' should exist in file .gitignore
==== file contents: START .gitignore
/
/var/folders/qw/qp8v2j353wz7q57_jymyxj0h0000gn/T/SO.p8wByYEg
==== file contents: END .gitignore

Will do.