sobolevn / git-secret

:busts_in_silhouette: A bash-tool to store your private data inside a git repository.
https://sobolevn.me/git-secret/
MIT License
3.71k stars 198 forks

Support `git diff` and `git log` via `.gitattributes` #84

Open sobolevn opened 7 years ago

sobolevn commented 7 years ago

It is possible to configure standard git commands to use custom plugin's logic. We need a note in the docs about that.

cupen commented 4 years ago

A tool similar to `git secret cat a/full/path/to/file` could work with `git diff`. But `git secret cat` doesn't work in my case.

Here is my `.git/config` and `.gitattributes`:

```
echo "*.secret diff=secret merge=secret" >  .gitattributes
git config diff.secret.textconv       "git secret cat"
git config diff.secret.cachetextconv  "false"
```

Run `git diff`:

```
gpg: can't open '/home/cupen/workbench/repos/badwords//tmp/FWIcAl___skip__.txt.secret': No such file or directory
gpg: decrypt_message failed: No such file or directory
git-secret: abort: problem decrypting file with gpg: exit code 2: /home/cupen/workbench/repos/badwords//tmp/FWIcAl___skip__.txt.secret
fatal: unable to read files to diff
```

jpbochi commented 3 years ago

FWIW, transcrypt supports that. See https://github.com/elasticdog/transcrypt#designate-a-file-to-be-encrypted. I'm posting it here as a possible source for inspiration, not as a promotion of it.

icy commented 3 years ago

> FWIW, transcrypt supports that. See https://github.com/elasticdog/transcrypt#designate-a-file-to-be-encrypted. I'm posting it here as a possible source for inspiration, not as a promotion of it.

There is also sops, though there is an issue https://github.com/mozilla/sops/issues/666 fyi

jpbochi commented 3 years ago

I managed to make `git diff` work by calling gpg directly. This is what I did:

```
echo "*.secret diff=gpg" > .gitattributes
git config --local diff.gpg.textconv 'gpg --decrypt 2> /dev/null'
```

This works because the secret files are raw gpg-encrypted messages.
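
The two `textconv` setups in this thread differ in how the helper treats the path git hands it, which this added example makes visible (it is not code from the thread or from git-secret). Assumptions: rot13 via `tr` stands in for `gpg --decrypt` so no key is needed, and `conv.sh`, the `demo` driver name and the file contents are constructed for the demo.

```shell
#!/bin/sh
# Constructed demo: log the path git passes to a diff textconv helper.
# rot13 is a stand-in for gpg decryption; it is not encryption.
rot13() { tr 'A-Za-z' 'N-ZA-Mn-za-m'; }

textconv_demo() (
    work=$(mktemp -d) || exit 1
    trap 'rm -rf "$work"' EXIT
    CONV_LOG="$work/paths.log"; export CONV_LOG

    # Hypothetical helper: record the path argument, then "decrypt" that file.
    cat > "$work/conv.sh" <<'EOF'
#!/bin/sh
printf '%s\n' "$1" >> "$CONV_LOG"
tr 'A-Za-z' 'N-ZA-Mn-za-m' < "$1"
EOF

    git init -q "$work/repo" && cd "$work/repo" || exit 1
    echo '*.secret diff=demo' > .gitattributes
    git config diff.demo.textconv "sh $work/conv.sh"
    # Keep converted plaintext out of git's textconv notes cache.
    git config diff.demo.cachetextconv false

    printf 'password=old\n' | rot13 > db.secret
    git add . || exit 1
    git -c user.name=demo -c user.email=demo@example.invalid \
        -c commit.gpgsign=false commit -qm init || exit 1
    printf 'password=new-value\n' | rot13 > db.secret   # uncommitted change

    # The diff shows converted text; the log shows what the helper was given.
    git --no-pager diff -- db.secret
    sed 's/^/textconv got: /' "$CONV_LOG"
)

textconv_demo
```

The committed side reaches the helper as a temporary file whose name only ends in the tracked file name, so a helper has to read exactly the path it is given, as `gpg --decrypt` does; the error output earlier in the thread shows such a temporary path with the repository root prepended.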