mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

comment

Browse source
This commit is contained in:
Joey Hess 2017-02-20 14:49:03 -04:00
parent 221f62ea5e
commit 3488679a81
No known key found for this signature in database
GPG key ID: C910D9222512E3C7
1 changed files with 19 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
doc/bugs/S3_remote___8212___un-embedding_creds__63__/comment_1_336e1c2a5c2a367cba0ad74896b3895b._comment Normal file
View file

@ -0,0 +1,19 @@
[[!comment format=mdwn
username="joey"
subject="""comment 1"""
date="2017-02-20T18:38:16Z"
content="""
When you used embedcreds=yes, it *committed* the creds to the git-annex
branch of the git repository. For embedcreds=no to do anything useful,
it would need to remove that data from the git repository history.
Removing data from a git repository tends to involve rewriting commits and
forced pushes to all remotes, it's not a simple process and not ameanable
to automation. It will be much easier, and more secure, to go into S3
and generate new credentials, and revoke access to the old ones.
What `git annex enableremote` with `embedcreds=no` does do is prevent
any new creds from being embedded into the repository. Otherwise,
`git annex enableremote` will update the embedded creds
with whatever new ones are set in the environment when you run it.
"""]]