Skip to content

Instantly share code, notes, and snippets.

@kntjspr

kntjspr/PUSH.sh

Last active November 27, 2025 13:35
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save kntjspr/c42cee2a3c79ead1a09ef75b887ac211 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save kntjspr/c42cee2a3c79ead1a09ef75b887ac211 to your computer and use it in GitHub Desktop.
Download ZIP
Copy files to PROD/DEV directory, encrypts and PUSH!!
Raw
PUSH.sh
#!/bin/bash
# THIS SCRIPT IS FOR PUSHINGGGGGGG!!
# ✅PUSHING SCRIPT
# ❌PULL❌
# Fix GPG signing in WSL
export GPG_TTY=$(tty)
# Parse command line arguments
RESET_FLAG=false
while getopts "r" opt; do
case $opt in
r)
RESET_FLAG=true
echo "🔄 Reset mode enabled - will reconfigure existing settings"
;;
\?)
echo "Usage: $0 [-r]"
echo " -r Reset mode: reconfigure all settings even if they exist"
exit 1
;;
esac
done
# Customize these variables
SRC="$(cd "$(dirname "$0")" && pwd)" # Source directory (script's directory)
DEFAULT_BRANCH="main" # Default branch name
REMOTE_NAME="prod" # Remote name (prod or dev)
CURRENT_DIR_NAME=$(basename "$PWD")
DEST="../$REMOTE_NAME/$CURRENT_DIR_NAME" # Destination repo directory
# Validate REMOTE_NAME
if [ "$REMOTE_NAME" != "prod" ] && [ "$REMOTE_NAME" != "dev" ]; then
echo "❌ Error: REMOTE_NAME must be either 'prod' or 'dev'"
echo " Current value: $REMOTE_NAME"
exit 1
fi
echo "✅ Using REMOTE_NAME: $REMOTE_NAME"
# Detect if running as root
if [ "$EUID" -eq 0 ]; then
echo "✅ Running as root"
SSH_DIR="/root/.ssh"
GPG_HOME="/root/.gnupg"
else
echo "⚠️ Not running as root. Switching to root for SSH/GPG setup..."
if [ "$RESET_FLAG" = true ]; then
exec sudo "$0" -r
else
exec sudo "$0"
fi
fi
echo "✅ Using SSH directory: $SSH_DIR"
echo "✅ Using GPG directory: $GPG_HOME"
# ============================================
# STEP 1: COPY FILES FROM SOURCE TO DEST (Skip if dev)
# ============================================
if [ "$REMOTE_NAME" = "dev" ]; then
echo ""
echo "════════════════════════════════════════"
echo "⏭️ Step 1: Skipped (dev mode - working in source directory)"
echo "════════════════════════════════════════"
DEST="$SRC"
else
echo ""
echo "════════════════════════════════════════"
echo "📁 Step 1: Copying Files to Destination"
echo "════════════════════════════════════════"
# Ensure destination exists
mkdir -p "$DEST"
echo "Source: $SRC"
echo "Destination: $DEST"
# Check for .gitignore in source
if [ ! -f "$SRC/.gitignore" ]; then
echo "⚠️ Warning: .gitignore not found in $SRC"
fi
# Delete all existing files in the destination (except .git if it exists)
if [ -d "$DEST" ]; then
find "$DEST" -mindepth 1 -maxdepth 1 ! -name '.git' -exec rm -rf {} +
echo "✅ Cleaned destination directory (preserved .git if exists)"
fi
# Copy files respecting .gitignore, excluding .gitignore, shortcuts, .git, and symlinks
if [ -f "$SRC/.gitignore" ]; then
# Build rsync command with conditional exclude files
RSYNC_CMD="rsync -av --exclude='.git/' --exclude='.gitignore' --exclude='*.lnk' --no-links"
# Add main .gitignore
RSYNC_CMD="$RSYNC_CMD --exclude-from=\"$SRC/.gitignore\""
# Add environment-specific .gitignore if it exists
if [ -f "$SRC/$REMOTE_NAME.gitignore" ]; then
RSYNC_CMD="$RSYNC_CMD --exclude-from=\"$SRC/$REMOTE_NAME.gitignore\""
echo "✅ Using $REMOTE_NAME.gitignore"
else
echo "⚠️ No $REMOTE_NAME.gitignore found, skipping"
fi
# Execute rsync
eval "$RSYNC_CMD \"$SRC/\" \"$DEST/\""
else
# If no .gitignore, copy everything except .git
rsync -av \
--exclude='.git/' \
--exclude='.gitignore' \
--exclude='*.lnk' \
--no-links \
"$SRC/" "$DEST/"
fi
echo "✅ Files copied to destination"
fi
# ============================================
# NOW NAVIGATE TO DEST - ALL OPERATIONS FROM HERE
# ============================================
cd "$DEST" || { echo "❌ Failed to cd to $DEST"; exit 1; }
echo "✅ Working in directory: $(pwd)"
echo ""
# ============================================
# STEP 2: INITIALIZE GIT IN DEST (Skip if dev)
# ============================================
echo "════════════════════════════════════════"
echo "⏭️ Step 2: Skipped (dev mode - using existing git repository)"
echo "════════════════════════════════════════"
echo "════════════════════════════════════════"
echo "📦 Step 2: Git Repository Setup"
echo "════════════════════════════════════════"
if [ ! -d ".git" ]; then
echo ".git directory does not exist. Initiating git."
# Initialize git if not already
git init
# Check current branch and switch/create main if needed
CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD 2>/dev/null)
if [ "$CURRENT_BRANCH" != "$DEFAULT_BRANCH" ]; then
# Check if main branch exists
if git show-ref --verify --quiet refs/heads/$DEFAULT_BRANCH; then
git checkout $DEFAULT_BRANCH
echo "✅ Switched to existing branch: $DEFAULT_BRANCH"
else
# Create and switch to main branch
git checkout -b $DEFAULT_BRANCH 2>/dev/null || git branch -M $DEFAULT_BRANCH
echo "✅ Created and switched to branch: $DEFAULT_BRANCH"
fi
else
echo "✅ Already on branch: $DEFAULT_BRANCH"
fi
fi
# ============================================
# STEP 3: GIT USER CONFIG
# ============================================
echo ""
echo "════════════════════════════════════════"
echo "👤 Step 3: Git User Configuration"
echo "════════════════════════════════════════"
# Determine user.email and set TARGET_UID
CURRENT_EMAIL=$(git config user.email 2>/dev/null)
if [ -z "$CURRENT_EMAIL" ] || [ "$RESET_FLAG" = true ]; then
if [ "$RESET_FLAG" = true ] && [ -n "$CURRENT_EMAIL" ]; then
echo "Current user.email: $CURRENT_EMAIL"
echo "🔄 Reset mode: Reconfiguring user.email"
fi
# No email configured or reset mode, ask for it
echo "Enter git user.email (e.g., your@email.com):"
read -r email_input
git config user.email "$email_input" || { echo "❌ Failed to set user.email."; exit 1; }
echo "✅ Set user.email: $email_input"
CURRENT_EMAIL="$email_input"
else
echo "✅ Using existing user.email: $CURRENT_EMAIL"
fi
# Set TARGET_UID based on current email
TARGET_UID="$REMOTE_NAME <$CURRENT_EMAIL>"
echo "✅ Target UID: $TARGET_UID"
# Check user.name
CURRENT_USERNAME=$(git config user.name 2>/dev/null)
if [ -z "$CURRENT_USERNAME" ] || [ "$RESET_FLAG" = true ]; then
if [ "$RESET_FLAG" = true ] && [ -n "$CURRENT_USERNAME" ]; then
echo "Current user.name: $CURRENT_USERNAME"
echo "🔄 Reset mode: Reconfiguring user.name"
fi
echo "Enter git user.name (e.g., John):"
read -r username
git config user.name "$username" || { echo "❌ Failed to set user.name."; exit 1; }
echo "✅ Set user.name: $username"
else
echo "✅ Using existing user.name: $CURRENT_USERNAME"
fi
# ============================================
# STEP 4: SSH KEY SETUP
# ============================================
echo ""
echo "════════════════════════════════════════"
echo "🔑 Step 4: SSH Key Setup"
echo "════════════════════════════════════════"
mkdir -p "$SSH_DIR" && chmod 700 "$SSH_DIR"
SSH_KEY_PATH="$SSH_DIR/id_${REMOTE_NAME}_ed25519"
SSH_PUB_PATH="$SSH_KEY_PATH.pub"
if [ -f "$SSH_KEY_PATH" ] && [ "$RESET_FLAG" = false ]; then
echo "✅ SSH key already exists: $SSH_KEY_PATH"
else
if [ "$RESET_FLAG" = true ] && [ -f "$SSH_KEY_PATH" ]; then
echo "🔄 Reset mode: Reconfiguring SSH key"
echo "Current SSH key exists at: $SSH_KEY_PATH"
else
echo "❌ SSH key not found: $SSH_KEY_PATH"
fi
echo "Generate or Import SSH key? (g/i/cancel)"
read -r ssh_action
if [ "$ssh_action" = "g" ]; then
echo "Generating SSH key..."
ssh-keygen -t ed25519 -C "$REMOTE_NAME@github" -f "$SSH_KEY_PATH" -N "" || { echo "❌ SSH key generation failed."; exit 1; }
chmod 600 "$SSH_KEY_PATH"
echo "✅ SSH key generated: $SSH_KEY_PATH"
elif [ "$ssh_action" = "i" ]; then
echo "Import from file path or paste content? (f/p)"
read -r import_method
if [ "$import_method" = "f" ]; then
echo "Enter the full path to your private key file:"
read -r key_file_path
if [ ! -f "$key_file_path" ]; then
echo "❌ File not found: $key_file_path"
exit 1
fi
# Copy and fix line endings
cat "$key_file_path" | dos2unix 2>/dev/null > "$SSH_KEY_PATH" || cat "$key_file_path" > "$SSH_KEY_PATH"
chmod 600 "$SSH_KEY_PATH"
echo "✅ SSH key imported from file: $key_file_path"
else
echo "Paste the content of your private key (-----BEGIN OPENSSH PRIVATE KEY-----):"
echo "(Press Ctrl+D when done)"
# Create a temporary file to capture pasted content
TMP_KEY_FILE="$SSH_KEY_PATH.tmp"
cat > "$TMP_KEY_FILE"
echo ""
echo "🔧 Sanitizing pasted key..."
# Sanitize the pasted content:
# 1. Remove all carriage returns (Windows line endings)
# 2. Remove any trailing whitespace from each line
# 3. Remove any blank lines within the key block
tr -d '\r' < "$TMP_KEY_FILE" | sed 's/[[:space:]]*$//' | sed '/^$/d' > "$SSH_KEY_PATH"
# Verify proper structure: header and footer must exist
if ! grep -q "BEGIN OPENSSH PRIVATE KEY" "$SSH_KEY_PATH" || ! grep -q "END OPENSSH PRIVATE KEY" "$SSH_KEY_PATH"; then
echo "❌ Invalid key format - missing BEGIN or END markers"
rm -f "$TMP_KEY_FILE" "$SSH_KEY_PATH"
exit 1
fi
rm -f "$TMP_KEY_FILE"
chmod 600 "$SSH_KEY_PATH"
echo "✅ SSH key sanitized and imported: $SSH_KEY_PATH"
fi
# Verify the imported key is valid
echo "🔍 Validating key format..."
if ! ssh-keygen -l -f "$SSH_KEY_PATH" &>/dev/null; then
echo "❌ Imported key is invalid or corrupted"
echo " The key may have been truncated or has syntax errors"
echo ""
echo "Key content preview (first/last 2 lines):"
head -2 "$SSH_KEY_PATH"
echo "..."
tail -2 "$SSH_KEY_PATH"
rm -f "$SSH_KEY_PATH"
exit 1
fi
echo "✅ SSH key validated successfully"
# Check if we need the public key too or generate it
if [ ! -f "$SSH_PUB_PATH" ]; then
echo ""
echo "Public key not found. Generate it from private key? (recommended: y)"
read -r gen_pub
if [ "$gen_pub" = "y" ] || [ "$gen_pub" = "Y" ] || [ -z "$gen_pub" ]; then
ssh-keygen -y -f "$SSH_KEY_PATH" > "$SSH_PUB_PATH"
chmod 644 "$SSH_PUB_PATH"
echo "✅ Public key generated: $SSH_PUB_PATH"
else
echo "Paste the content of your public key (ssh-ed25519 AAAA... $REMOTE_NAME@github):"
read -r pub_key_content
echo "$pub_key_content" > "$SSH_PUB_PATH"
chmod 644 "$SSH_PUB_PATH"
echo "✅ Public key saved: $SSH_PUB_PATH"
fi
fi
else
echo "❌ SSH key required. Exiting."
exit 1
fi
fi
# Display public key if it exists
if [ -f "$SSH_PUB_PATH" ]; then
echo ""
echo "📋 Your SSH public key (add this to GitHub → Settings → SSH and GPG keys):"
echo "─────────────────────────────────────────────────────────────────"
cat "$SSH_PUB_PATH"
echo "─────────────────────────────────────────────────────────────────"
echo ""
echo "Press Enter after you've added this key to GitHub..."
read -r
fi
# ============================================
# STEP 5: SSH CONFIG SETUP
# ============================================
echo ""
echo "════════════════════════════════════════"
echo "🔧 Step 5: SSH Config Setup"
echo "════════════════════════════════════════"
SSH_CONFIG="$SSH_DIR/config"
# Check if Host github-$REMOTE_NAME already exists
if grep -q "^Host github-$REMOTE_NAME" "$SSH_CONFIG" 2>/dev/null; then
if [ "$RESET_FLAG" = true ]; then
echo "🔄 Reset mode: Reconfiguring SSH config"
echo "⚠️ 'Host github-$REMOTE_NAME' already exists in $SSH_CONFIG"
echo "Overwriting config..."
# Remove existing github-$REMOTE_NAME section
sed -i "/^# $REMOTE_NAME account$/,/^[[:space:]]*IdentitiesOnly yes$/{/^# $REMOTE_NAME account$/d; /^Host github-$REMOTE_NAME$/,/^[[:space:]]*IdentitiesOnly yes$/d;}" "$SSH_CONFIG"
echo "✅ Removed existing 'Host github-$REMOTE_NAME' configuration"
else
echo "✅ 'Host github-$REMOTE_NAME' configuration already exists"
fi
fi
# Add or append github-$REMOTE_NAME configuration if it doesn't exist or was removed
if ! grep -q "^Host github-$REMOTE_NAME" "$SSH_CONFIG" 2>/dev/null; then
cat >> "$SSH_CONFIG" << EOF
# $REMOTE_NAME account
Host github-$REMOTE_NAME
HostName github.com
User git
IdentityFile $SSH_KEY_PATH
IdentitiesOnly yes
EOF
echo "✅ Added 'Host github-$REMOTE_NAME' to $SSH_CONFIG"
fi
# Verify SSH key permissions and validity
echo ""
echo "🔍 Verifying SSH key..."
if [ ! -f "$SSH_KEY_PATH" ]; then
echo "❌ SSH private key not found: $SSH_KEY_PATH"
exit 1
fi
# Check and fix permissions
CURRENT_PERMS=$(stat -c %a "$SSH_KEY_PATH" 2>/dev/null || stat -f %Lp "$SSH_KEY_PATH" 2>/dev/null)
if [ "$CURRENT_PERMS" != "600" ]; then
echo "⚠️ Fixing SSH key permissions (was $CURRENT_PERMS, setting to 600)"
chmod 600 "$SSH_KEY_PATH"
fi
# Verify key format
if ! ssh-keygen -l -f "$SSH_KEY_PATH" &>/dev/null; then
echo "❌ SSH key appears to be invalid or corrupted: $SSH_KEY_PATH"
echo " Please regenerate or re-import the key"
exit 1
fi
echo "✅ SSH key verified: $SSH_KEY_PATH"
# Test SSH connection
echo ""
echo "🔍 Testing SSH connection to GitHub..."
SSH_TEST_OUTPUT=$(ssh -T github-$REMOTE_NAME 2>&1)
echo "$SSH_TEST_OUTPUT" | head -5
# Check if authentication was successful (GitHub returns specific message)
if echo "$SSH_TEST_OUTPUT" | grep -q "successfully authenticated"; then
echo "✅ SSH authentication successful!"
elif echo "$SSH_TEST_OUTPUT" | grep -q "Permission denied"; then
echo "❌ SSH authentication failed - Permission denied"
echo " Please verify:"
echo " 1. The public key is added to GitHub (Settings → SSH and GPG keys)"
echo " 2. You're adding the key to the correct GitHub account"
echo " 3. The key matches the one shown above"
echo ""
echo " Public key fingerprint:"
ssh-keygen -lf "$SSH_KEY_PATH"
echo ""
echo " Do you want to continue anyway? (y/n)"
read -r continue_anyway
if [ "$continue_anyway" != "y" ]; then
echo "❌ Aborted by user"
exit 1
fi
fi
echo ""
# ============================================
# STEP 6: GPG KEY SETUP
# ============================================
echo ""
echo "════════════════════════════════════════"
echo "🔐 Step 6: GPG Key Setup"
echo "════════════════════════════════════════"
# Check if git-remote-gcrypt exists
if ! command -v git-remote-gcrypt &>/dev/null; then
echo "git-remote-gcrypt not found. Install it? (y/n)"
read -r install_gcrypt
if [ "$install_gcrypt" = "y" ]; then
apt update && apt install git-remote-gcrypt -y || { echo "❌ Install failed."; exit 1; }
else
echo "❌ Terminate: git-remote-gcrypt required."
exit 1
fi
fi
# Check GPG key for TARGET_UID
echo ""
echo "🔍 Searching for GPG key matching email: $CURRENT_EMAIL"
echo " (Target UID for new keys: $TARGET_UID)"
GPG_OUTPUT=$(gpg --list-secret-keys --keyid-format=long 2>/dev/null)
if [ $? -ne 0 ]; then
echo "❌ Error running gpg. Ensure gpg is installed."
exit 1
fi
# Debug: Show all available keys
echo "📋 Available GPG keys in $GPG_HOME:"
gpg --list-secret-keys --keyid-format=long | grep -E "(sec|uid)" || echo " No keys found"
echo ""
# Search for key by email address only (more flexible than exact UID match)
if gpg --list-secret-keys "$CURRENT_EMAIL" &>/dev/null && [ "$RESET_FLAG" = false ]; then
# Key found - extract the full fingerprint (not the short key ID)
KEYID=$(gpg --list-secret-keys --fingerprint --with-colons "$CURRENT_EMAIL" 2>/dev/null | grep "^fpr:" | head -1 | cut -d: -f10)
if [ -z "$KEYID" ]; then
echo "❌ Failed to retrieve KEYID for $CURRENT_EMAIL"
exit 1
fi
# Get the actual UID of the found key
ACTUAL_UID=$(gpg --list-secret-keys --with-colons "$KEYID" 2>/dev/null | grep "^uid:" | head -1 | cut -d: -f10)
echo "✅ GPG key found for email $CURRENT_EMAIL"
echo " Key ID (fingerprint): $KEYID"
echo " Actual UID: $ACTUAL_UID"
else
if [ "$RESET_FLAG" = true ] && gpg --list-secret-keys "$CURRENT_EMAIL" &>/dev/null; then
echo "🔄 Reset mode: Reconfiguring GPG key"
EXISTING_KEYID=$(gpg --list-secret-keys --fingerprint --with-colons "$CURRENT_EMAIL" 2>/dev/null | grep "^fpr:" | head -1 | cut -d: -f10)
echo "Current GPG key: $EXISTING_KEYID"
else
echo "❌ GPG key for email '$CURRENT_EMAIL' not found in $GPG_HOME"
fi
echo "Generate or Import? (g/i/cancel)"
read -r gpg_action
if [ "$gpg_action" = "g" ]; then
echo "Generating GPG key with UID: $TARGET_UID"
gpg --quick-generate-key "$TARGET_UID" rsa4096 sign,encrypt 2y || { echo "❌ GPG generation failed."; exit 1; }
# Get full fingerprint for the newly generated key
KEYID=$(gpg --list-secret-keys --fingerprint --with-colons "$CURRENT_EMAIL" 2>/dev/null | grep "^fpr:" | head -1 | cut -d: -f10)
if [ -z "$KEYID" ]; then
echo "❌ Failed to retrieve KEYID after generation."
exit 1
fi
echo "✅ GPG key generated. Key ID (fingerprint): $KEYID"
elif [ "$gpg_action" = "i" ]; then
echo "Enter path to private key (.asc):"
read -r key_path
gpg --import "$key_path" || { echo "❌ GPG import failed."; exit 1; }
# Get full fingerprint for the imported key (search by email, not exact UID)
KEYID=$(gpg --list-secret-keys --fingerprint --with-colons "$CURRENT_EMAIL" 2>/dev/null | grep "^fpr:" | head -1 | cut -d: -f10)
if [ -z "$KEYID" ]; then
echo "❌ Failed to retrieve KEYID after import."
echo " Searching for email: $CURRENT_EMAIL"
echo " Please ensure the imported key contains this email address."
echo ""
echo "Available keys after import:"
gpg --list-secret-keys --keyid-format=long
exit 1
fi
# Get the actual UID of the imported key
ACTUAL_UID=$(gpg --list-secret-keys --with-colons "$KEYID" 2>/dev/null | grep "^uid:" | head -1 | cut -d: -f10)
echo "✅ GPG key imported. Key ID (fingerprint): $KEYID"
echo " Key UID: $ACTUAL_UID"
else
echo "❌ Terminate: GPG key required."
exit 1
fi
fi
# Set user.signingkey (always update to ensure it matches)
git config user.signingkey "$KEYID" || { echo "❌ Failed to set user.signingkey."; exit 1; }
echo "✅ Set user.signingkey: $KEYID"
# Configure GPG to only use this specific key
export GNUPGHOME="$GPG_HOME"
git config gpg.program gpg
echo "default-key $KEYID" >> "$GPG_HOME/gpg.conf"
echo "✅ Set default GPG key to: $KEYID"
# Add GPG configuration to suppress warnings
if ! grep -q "^trust-model" "$GPG_HOME/gpg.conf" 2>/dev/null; then
echo "trust-model always" >> "$GPG_HOME/gpg.conf"
fi
# Set ultimate trust for the key to suppress trust warnings
echo "$KEYID:6:" | gpg --import-ownertrust 2>/dev/null
echo "✅ GPG trust configured"
# ============================================
# STEP 7: GIT REMOTE CONFIGURATION
# ============================================
echo ""
echo "════════════════════════════════════════"
echo "🌐 Step 7: Git Remote Configuration"
echo "════════════════════════════════════════"
# Check remote URL
EXISTING_REMOTE=$(git config remote.$REMOTE_NAME.url 2>/dev/null)
if [ -z "$EXISTING_REMOTE" ] || [ "$RESET_FLAG" = true ]; then
if [ "$RESET_FLAG" = true ] && [ -n "$EXISTING_REMOTE" ]; then
echo "🔄 Reset mode: Reconfiguring remote"
echo "Current remote: $EXISTING_REMOTE"
fi
echo "Enter GitHub repo URL (e.g., your-user/your-repo.git):"
read -r github_url
else
github_url=$(echo "$EXISTING_REMOTE" | sed 's/gcrypt::github-'"$REMOTE_NAME"'://' | sed 's/github-'"$REMOTE_NAME"'://')
echo "✅ Using existing remote: $github_url"
fi
# Check if repo is encrypted
encrypted_config=$(git config remote.encrypted 2>/dev/null)
if [ -n "$encrypted_config" ] && [ "$RESET_FLAG" = false ]; then
is_encrypted="$encrypted_config"
echo "✅ Using saved encryption setting: $is_encrypted"
else
if [ "$RESET_FLAG" = true ] && [ -n "$encrypted_config" ]; then
echo "🔄 Reset mode: Reconfiguring encryption setting"
echo "Current encryption setting: $encrypted_config"
fi
echo "Is the repository encrypted with git-remote-gcrypt? (y/n)"
read -r is_encrypted
fi
if [ "$is_encrypted" = "y" ] || [ "$is_encrypted" = "true" ]; then
git config remote.encrypted true
echo "🔧 Configuring gcrypt encryption..."
# Set gcrypt-signingkey (for signing the manifest)
git config remote.$REMOTE_NAME.gcrypt-signingkey "$KEYID" || { echo "❌ Failed to set gcrypt-signingkey."; exit 1; }
echo " ✅ Set gcrypt-signingkey: $KEYID"
# Set gcrypt-participants (who can decrypt)
git config remote.$REMOTE_NAME.gcrypt-participants "$KEYID" || { echo "❌ Failed to set gcrypt-participants."; exit 1; }
echo " ✅ Set gcrypt-participants: $KEYID"
git config gcrypt.publish-participants false
# Remove and re-add remote with gcrypt prefix
git remote remove $REMOTE_NAME 2>/dev/null
git remote add $REMOTE_NAME "gcrypt::github-$REMOTE_NAME:$github_url" || { echo "❌ Failed to set remote URL."; exit 1; }
echo "✅ Set encrypted remote: gcrypt::github-$REMOTE_NAME:$github_url"
# Verify gcrypt configuration
echo ""
echo "🔍 Verifying gcrypt configuration:"
echo " gcrypt-signingkey: $(git config remote.$REMOTE_NAME.gcrypt-signingkey)"
echo " gcrypt-participants: $(git config remote.$REMOTE_NAME.gcrypt-participants)"
echo " GPG key available: $(gpg --list-secret-keys "$KEYID" &>/dev/null && echo "✅ Yes" || echo "❌ No")"
else
# Set remote URL without gcrypt
git config remote.encrypted false
git remote remove $REMOTE_NAME 2>/dev/null
git remote add $REMOTE_NAME "github-$REMOTE_NAME:$github_url" || { echo "❌ Failed to set remote URL."; exit 1; }
echo "✅ Set non-encrypted remote: github-$REMOTE_NAME:$github_url"
fi
# ============================================
# STEP 8: COMMIT CHANGES
# ============================================
echo ""
echo "════════════════════════════════════════"
echo "💾 Step 8: Commit Changes"
echo "════════════════════════════════════════"
# Enable global GPG signing
git config --global commit.gpgsign true || { echo "❌ Failed to enable commit.gpgsign."; exit 1; }
# Ensure GPG agent is properly initialized before commit
gpg-connect-agent updatestartuptty /bye >/dev/null 2>&1
# Prompt for commit message and commit
echo "Enter git commit message:"
read -r commit_message
git add . && git commit -m "$commit_message" || { echo "❌ Commit failed."; }
echo "✅ Commit done: $commit_message"
# ============================================
# STEP 9: PUSH TO GITHUB
# ============================================
echo ""
echo "════════════════════════════════════════"
echo "🚀 Step 9: Push to GitHub"
echo "════════════════════════════════════════"
# Ensure we're on the correct branch
CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD 2>/dev/null)
if [ "$CURRENT_BRANCH" != "$DEFAULT_BRANCH" ]; then
echo "⚠️ Currently on branch: $CURRENT_BRANCH"
echo "🔄 Switching to $DEFAULT_BRANCH branch..."
# Check if the target branch exists
if git show-ref --verify --quiet refs/heads/$DEFAULT_BRANCH; then
# Branch exists, switch to it
git checkout $DEFAULT_BRANCH || { echo "❌ Failed to checkout $DEFAULT_BRANCH"; exit 1; }
echo "✅ Switched to existing branch: $DEFAULT_BRANCH"
else
# Branch doesn't exist, create it
if git rev-parse HEAD &>/dev/null; then
# We have commits, create branch from current state
git checkout -b $DEFAULT_BRANCH || { echo "❌ Failed to create branch $DEFAULT_BRANCH"; exit 1; }
echo "✅ Created new branch: $DEFAULT_BRANCH"
else
# No commits yet, branch will be created after first commit
echo "⚠️ No commits yet - branch will be created after first commit"
fi
fi
else
echo "✅ Already on branch: $DEFAULT_BRANCH"
fi
# For initial push to empty repo, use -u flag to set upstream
if ! git ls-remote --exit-code --heads $REMOTE_NAME $DEFAULT_BRANCH &>/dev/null; then
echo "🔍 Detected new/empty remote repository - performing initial push with upstream tracking"
git push -u $REMOTE_NAME $DEFAULT_BRANCH || { echo "❌ Push failed."; exit 1; }
else
git push $REMOTE_NAME $DEFAULT_BRANCH || { echo "❌ Push failed."; exit 1; }
fi
echo "✅ Successfully pushed to $REMOTE_NAME $DEFAULT_BRANCH"
# ============================================
# FINAL SUMMARY
# ============================================
echo ""
echo "════════════════════════════════════════════════════════"
echo "✅ Setup Complete!"
echo "════════════════════════════════════════════════════════"
echo "📋 Configuration Summary:"
echo " Working Directory: $(pwd)"
echo " Branch: $DEFAULT_BRANCH"
echo " Remote: $REMOTE_NAME"
echo " user.name: $(git config user.name)"
echo " user.email: $(git config user.email)"
echo " user.signingkey: $(git config user.signingkey)"
echo " remote.$REMOTE_NAME.url: $(git config remote.$REMOTE_NAME.url)"
if [ "$is_encrypted" = "y" ]; then
echo " remote.$REMOTE_NAME.gcrypt-signingkey: $(git config remote.$REMOTE_NAME.gcrypt-signingkey)"
echo " remote.$REMOTE_NAME.gcrypt-participants: $(git config remote.$REMOTE_NAME.gcrypt-participants)"
fi
echo " SSH key: $SSH_KEY_PATH"
echo " GPG keyring: $GPG_HOME"
echo " To view keys: "
echo " Git SSH Key: $(sudo cat "$SSH_PUB_PATH")"
echo " GPG Key: gpg --list-secret-keys $REMOTE_NAME \"<$CURRENT_EMAIL>\""
echo " To export keys: "
echo " Public key: sudo gpg --export -a \"$TARGET_UID\" > /mnt/c/public.key"
echo " Private Key: sudo gpg --export-secret-keys -a \"$TARGET_UID\" > /mnt/c/private.key"
echo " View both keys: sudo cat /mnt/c/private.key && cat /mnt/c/public.key"
if [ "$RESET_FLAG" = true ]; then
echo " Reset mode: ✅ Enabled"
fi
echo ""
echo "🚀 To push later: git push $REMOTE_NAME $DEFAULT_BRANCH"
echo "════════════════════════════════════════════════════════"
cd $SRC
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment