chris/sneeuwvlok
chris/sneeuwvlok
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add some commands to read secret

Browse source 
values
This commit is contained in:
Chris Kruining 2025-10-27 11:34:11 +01:00
parent 334c0b54cc
commit e92f2cf82c
No known key found for this signature in database
GPG key ID: EB894A3560CCCAD2
2 changed files with 9 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.just/vars.just
View file

@ -1,5 +1,6 @@
base_path := invocation_directory() / "systems/x86_64-linux" base_path := invocation_directory() / "systems/x86_64-linux"
sops := "nix shell nixpkgs#sops --command sops" sops := "nix shell nixpkgs#sops --command sops"
yq := "nix shell nixpkgs#yq --command yq"
@_default: @_default:
just --list just --list
@ -19,6 +20,9 @@ list machine:
echo "Done" echo "Done"
@get machine key:
{{ sops }} decrypt {{ base_path }}/{{ machine }}/secrets.yml | {{ yq }} ".$(echo "{{ key }}" | sed -E 's/\//./g')"
@remove machine key: @remove machine key:
{{ sops }} unset {{ base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')" {{ sops }} unset {{ base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')"

4
.justfile
View file

@ -16,3 +16,7 @@ mod machine '.just/machine.just'
nix flake update nix flake update
git commit -m 'chore: update dependencies' -- ./flake.lock > /dev/null git commit -m 'chore: update dependencies' -- ./flake.lock > /dev/null
echo "Done" echo "Done"
[doc('Introspection on flake output')]
@select key:
nix eval --json .#{{ key }} | jq .