-
Notifications
You must be signed in to change notification settings - Fork 1
/
Taskfile.yaml
116 lines (114 loc) · 3.71 KB
/
Taskfile.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
# yaml-language-server: $schema=https://taskfile.dev/schema.json
version: 3
vars:
EJSON_KEY_ID: 6bf53a356a4b8abbc9a41ae2912787e56853e211653bb23d5da4a87ba6c9df6f
tasks:
default:
cmds:
- task: secrets
- task: checksum
validate-secrets:
desc: Checks and reports invalid secret references in the ejson template.
cmd: >-
gron .ejson/secrets.tmpl.json
| grep "op://"
| sed 's/[";]//g'
| xargs -P 0 -I% bash -c 'echo "%" | op inject > /dev/null || echo %'
checksum:
desc: Update the saved checksum in the password vault.
method: timestamp
cmd: >-
op item edit
"ejson payload"
"task checksum=$(cat .task/checksum/secrets)" || true
sources:
- .task/checksum/secrets
secrets:
vars:
SOURCE: .ejson/secrets.tmpl.json
TARGET: .ejson/secrets.json
cmds:
- op inject -f -i {{ .SOURCE | q }} -o {{ .TARGET | q }} || true
- ejson encrypt .ejson/secrets.json
- op document edit "ejson payload" .ejson/secrets.json || true
deps:
- key:Personal/ejson/password:{{ .EJSON_KEY_ID }}
sources:
- '{{ .SOURCE }}'
generates:
- '{{ .TARGET }}'
key:
desc: Extracts a local of the ejson key.
deps:
- key:Personal/ejson/password:{{ .EJSON_KEY_ID }}
key:*:*:
label: key:{{ index .MATCH 0 }}:{{ index .MATCH 1 }}
vars:
REF: 'op://{{ index .MATCH 0 }}'
TARGET: '{{ joinPath .EJSON_KEYDIR (index .MATCH 1) }}'
cmds:
- mkdir -p {{ .EJSON_KEYDIR | q }}
- >-
op read --force --no-newline
--file-mode 0600
--out-file {{ .TARGET | q }}
{{ .REF | q }}
status:
- test -f {{ .TARGET | q }}
context:missing:
desc: Lists entries in the repository that aren't in any context.
cmd:
task: context:default
vars:
COMM_ARGS: "-23"
context:cleanup:
desc: Lists entries in a context that don't exist in the repository anymore.
cmd:
task: context:default
vars:
COMM_ARGS: "-13"
context:default:
internal: true
silent: true
vars:
COMM_ARGS: '{{ .COMM_ARGS | default "" }}'
TMPDIR:
sh: mktemp -d
REPOSITORY_FILES_PATH: '{{ joinPath .TMPDIR "repository-files" }}'
CONTEXT_FILES_PATH: '{{ joinPath .TMPDIR "context-files" }}'
cmds:
- defer: rm -rf {{ .TMPDIR | q }}
- >-
find {{ .ROOT_DIR | q }}
-not -path '*/.direnv/*'
-not -path '*/.DS_Store'
-not -path '*/.ejson/keys/*'
-not -path '*/.ejson/secrets.json'
-not -path '*/.git/*'
-not -path '*/.task/checksum/*'
-not -path '*/.task/timestamp/*'
-not -path '*/.tmp/*'
-not -path '*/fish/*bass*'
-not -path '*/fish/*fzf*'
-not -path '*/fish/*nvm*'
-not -path '*/fish/completions/kubectl*'
-type f
| sed "s|{{ .ROOT_DIR }}/||g"
| sort -u > {{ .REPOSITORY_FILES_PATH | q }}
- >-
jq -r '.contexts
| to_entries
| .[].value[]' {{ joinPath .ROOT_DIR ".vscode" "contexts.json" | q }}
| sort -u > {{ .CONTEXT_FILES_PATH | q }}
- comm {{ .COMM_ARGS }} {{ .REPOSITORY_FILES_PATH | q }} {{ .CONTEXT_FILES_PATH | q }}
macos:fix:
desc: Applies cleanup commands to solve system preference problems in MacOS.
summary: >-
Removes system preferences files to try and solve a mysterious issue where
the System Settings app stops loading. The logs are as good as none.
cmds:
- rm ~/Library/Preferences/com.apple.systempreferences.plist || true
- rm ~/Library/Application\ Scripts/com.apple.systempreferences.* || true
- rm ~/Library/Group\ Containers/com.apple.systempreferences.* || true
- rm ~/Library/Caches/com.apple.systempreferences || true
- sudo rm -rfv /Library/Caches/com.apple.iconservices.store