init

Initialise a directory as an enc repo’s working tree stage. This directory may already be a git repo or may be empty (in which case it will be initialised to a git repo and then an enc repo’s working tree stage) Since this command uses ‘git init …’ under the hood hence all the ‘git init’ options are also valid for this command and can be provided after all the options for enc-init have been provided as needed. An enc repo has two counterparts as the:

1) Working tree stage: This stage contains files in their raw/original form and has every branch and commit in
naked form as well.

2) Process stage: This stage contains files, filenames, commit-messages, branch-names, tags etc. in scrambled
and/or encrypted state. Manual changes to this stage is highly discouraged as it may destroy the sanctity of
underlying git history. This is the stage that eventually gets pushed to a remote encrypted repo.

usage: enc init [-h] [-v | -q] -s SEED -k KEY_FILE [--config-version {v0}] [-f] [--disable-cleanup] encrypt_directory

Positional Arguments

encrypt_directory

The directory where this enc repo’s process stage will be initialised. This directory will be created and must not exist already.

Named Arguments

-v, --verbose

Specify verbosity level as -v, -vv or -vvv.

By default the VCS (Git) or OS call command logs are always displayed. For more fine grain tuning on the verbosity of logs use: -v to show INFO logs additionally. -vv to show INFO and DEBUG logs additionally. -vvv to show INFO, DEBUG and TRACE logs, this level also enables exception tracebacks.

-q, --quiet

Quiet logs as -q, -qq or -qqq.

By default the VCS (Git) or OS call command logs are always displayed. For more fine grain tuning on quietness of logs use: -q to Disable VCS (git) or OS call command logs and WARNINGS; ERROR and FATAL will still show. -qq to Additionally disable ERRORS; FATAL logs will still show. -qqq to Disable full logging.

-s, --seed

seed to be used for encryption.

-k, --key-file

Path to the key file. This file is used as a key/passphrase file to encrypt and decrypt the .enc/.config for further usage. Only readable files will be accepted. Since ‘-’ as a filename opens <stdin> and because we want to store the key-file for later use hence ‘-’ as a filename is not accepted. Likewise, Directories are also not accepted.

--config-version

Possible choices: v0

config version for this enc repo, defaults to ‘v0’ if not provided

Default: v0

-f, --force

force initialise the process stage. This is not the default behavior and providing this flag indicates enc-init to reinitialise the .enc/.config as well as .enc/local.config in this repo’s working tree stage.

Default: False

--disable-cleanup

Disable cleanup if the command fails. This is not the default behavior.

On failure enc-init deletes the created process-stage and cleans up the populated working-tree. This action will not happen if –disable-cleanup is supplied.

Default: False

Currently only current directory can be initialised

Examples

Normal run

Always takes current directory as the working tree. This is done so that all the commands (atleast) in v0 will always run only on the working-tree root. This is decided to reduce vcs complications at a later stage.

enc init {non_existing_process_stage} -k {key_file}

EncInitCLITest(command).run()

Does not accept existing process stage or encrypt directory

This is done because an existing process-stage may or may-not be empty which can result in potential complications in directory and vcs management in the future. A path to non-existing process-stage must be provided which will then be created and initialised.

enc init {process_stage} -k {non_existing_key_file}

EncInitCLITest(command).exits_with_err_code(ENC_ERR_INVALID_USAGE)

Does not accept non-existing key files

Absent key files obviously do not provide any keys which will disallow encryption/decryption of the vcs tree.

enc init {non_existing_process_stage} -k {non_existing_key_file}

EncInitCLITest(command).exits_with_err_code(ENC_ERR_INVALID_USAGE)

Does not accept key files from stdin

- argument to -k/–key-file instructs program to read key-file from stdin and since key-file details are later required for encryption and hence - is disallowed as an input value for -k/–key-file.

enc init {non_existing_process_stage} -k -

EncInitCLITest(command).exits_with_err_code(ENC_ERR_INVALID_USAGE)

Does not accept unregistered config-versions

Only registered config-version:

1. v0 (default)

can be supplied.

enc init {non_existing_process_stage} --config-version unregistered -k {key_file}

EncInitCLITest(command).exits_with_err_code(ENC_ERR_INVALID_USAGE)

Force mode enables reinitialisation of enc directory

Enable force initialisation of the working tree. If working tree already has a .git and .enc directory then that means it was previously enc-initialised and enc-init will not reinitialise the enc-repo. To enable force reinitialisation use the -f flag.

enc init {gen_non_existing_process_stage} -k {key_file} -f

with TemporaryDirectory() as root_dir:
    EncInitCLITest(command.replace(f"-{ENC_INIT_FORCE_SHRT_OPT}", "").replace(f"--{ENC_INIT_FORCE_LNG_OPT}", "")).run_with_root(root_dir)   # remove force and initialise enc repo
    EncInitCLITest(command).run_with_root(root_dir, exist_ok=True)  # reinitialise with force=True

Command text in {} such as {non_existing_process_stage} and {key_file} are test fixtures. Check them out at ../_static/enc-cli-help.md.