| *.encrypted.* merge=sops |
install merge tool
sudo apt install git meld curlset like local script
git config --global merge.sops.driver "~/sops-merge-driver.sh %O %A %B %L %P"or set like remote script
git config --global merge.sops.driver "curl --silent https://gist.githubusercontent.com/pashamray/b0a4146f4ec1682a03fc34f8100ecd8d/raw/4e695daec31b16308f8ada9849957ae47d3efe97/sops-merge-driver.sh | bash -s -- %O %A %B %L %P"
set merge tool
git config --global merge.tool meld| #!/usr/bin/env bash | |
| # Exit on first error and verify variables have been set/passed via CLI | |
| set -e | |
| set -u | |
| #set -x # for debug | |
| # Rename our variables to friendlier equivalents | |
| # https://git-scm.com/docs/gitattributes#_defining_a_custom_merge_driver | |
| ancestor="$1" | |
| current="$2" | |
| other="$3" | |
| conflict_size_marker="$4" | |
| result="$5" | |
| basename=$(basename $result) | |
| tmp=$(mktemp -d) | |
| trap "rm -rf $tmp" EXIT | |
| # Resolve our default mergetool | |
| mergetool="$(git config --get merge.tool)" | |
| if test "$mergetool" = ""; then | |
| echo "No default \`merge.tool\` was set for \`git\`. Please set one via \`git config --set merge.tool <tool>\`" 1>&2 | |
| exit 1 | |
| fi | |
| # Decrypt our input files | |
| current_decrypted="$tmp/current.$basename" | |
| other_decrypted="$tmp/other.$basename" | |
| result_decrypted="$tmp/result.$basename" | |
| sops decrypt --filename-override "$result" "$ancestor" > "$result_decrypted" | |
| sops decrypt --filename-override "$result" "$current" > "$current_decrypted" | |
| sops decrypt --filename-override "$result" "$other" > "$other_decrypted" | |
| # Use our mergetool | |
| "$mergetool" "$current_decrypted" "$result_decrypted" "$other_decrypted" | |
| # Re-encrypt content | |
| sops encrypt --filename-override "$result" --output "$result" "$result_decrypted" |