-
Notifications
You must be signed in to change notification settings - Fork 864
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Mozilla SOPS is all fun and games until someone has to fix a merge conflict in an encrypted file 😂 #1117
Comments
One should rebase and modify the most up to date version before sending PR/merging. |
That's right. They would still need to fix the conflicts on their branch though and I don't think it would be able to be done like a conventional conflict fix. E.g. just editing the changes to select what to keep from theirs and mine will result in a broken file from a sops perspective. |
Maybe configuring git to show plaintext diff may be a solution? I never tried: https://github.com/mozilla/sops#showing-diffs-in-cleartext-in-git |
There's no conflict when you edit & apply your changes on top of the newest version of the sops file. |
I think the problem that @m0un10 was trying to describe (and I've hit as well is following situation:
In those situations what I had to do was to manually reapply all my original changes. Which was a PITA. I had to copy my original edits elsewhere and then copy-paste them back onto the edited file. I suppose that is what the question is about - is there a nicer/recommended workflow for dealing with this situation. |
Git should already mostly merge the two encrypted files (assuming you didn't modify entries next to each other, then you'll have to fix them up manually, but that's not sops specific). The only problem are the conflicts for |
Yeah, what you describe is what I meant as "manually reapplying". I suppose you are right that it's mostly just about removing the sops metadata pieces. The trouble was that the first time I encountered it, I didn't know about I guess it should be possible to have a git hook that would detect this situation and auto-resolve it. Or perhaps better for sops to detect git conflict strings and offer to resolve them in the way you describe. |
Any guidelines for handling this...
I can only think of two ways to prevent this...
Actually fixing the conflict will (presumably) involve decrypting both versions followed by creating a new version that merges both changes. Probably quite a bit of faffing about to do this.
Probably fair to say, it's all an edge case that is only really caused by bad practices but one thing for sure, it is certainly painful fixing merge conflicts in SOPS files.
The text was updated successfully, but these errors were encountered: