Technotes for future me

Compare encrypted git files

git diff of encrypted files

vi ~/.gitconfig

[diff "gpg"]
     textconv = gpg --no-tty -q --decrypt
vi /<repo>/.gitattributes

*.gpg filter=gpg diff=gpg
*.asc filter=gpg diff=gpg

Ansible vault diff in Git

Normally, when you diff an Ansible vault, all you see is gibberish.

With Git, there’s an easy way to associate a textconv with files, so you can run the vaults through ansible-vault view prior to diffing.

Setup your textconv for vault files in either ~/.gitconfig (globally) or ./.git/config (per-project).

vi ~/.gitconfig

[diff "ansible-vault"]
     textconv = ansible-vault view
     cachetextconv = true

Then, either in ~/.config/git/attributes (globally) or in ./.gitattributes (per-project), configure your vault files to use the ansible-vault type.

# or *.vault.yml, or *-vault.yml, or whatever convention you use for vaults
vault.yml diff=ansible-vault

Now, git diff has a lot less gibberish.

Last updated on 31 Jan 2021
Published on 2 Nov 2020
Edit on GitHub