Implement agebox flow in Makefile
This commit is contained in:
parent
97d66abd84
commit
d996397619
15
Makefile
15
Makefile
|
@ -10,3 +10,18 @@ build:
|
|||
|
||||
clean:
|
||||
rm -rf alpine-cloud-images/work
|
||||
|
||||
# Adds all tracked encrypted files to .gitignore as safety net
|
||||
age-add-gitignore:
|
||||
@for f in $$(yq eval .file_ids[] .ageboxreg.yml); do grep -qxF $$f .gitignore || echo $$f >> .gitignore; done
|
||||
|
||||
# Decrypts all secrets, which also removes the .agebox files locally and they show as "deleted" for now
|
||||
# This is a design choice of the agebox devs atm
|
||||
age-unseal:
|
||||
@agebox decrypt --all
|
||||
|
||||
# Encrypts all secrets, but compares the local unencrypted files with the decrypted content from the index first
|
||||
# If there are no diffs, just restore the agebox file from the index and delete the unaltered local unencrypted file
|
||||
# If there are changes re-encrypt
|
||||
age-seal:
|
||||
@for f in $$(yq eval .file_ids[] .ageboxreg.yml); do git restore $${f}.agebox; agebox cat $$f.agebox | diff - $$f && rm -f $$f || ( rm -f $$f.agebox; agebox encrypt $$f --public-keys .agekeys; ); done
|
||||
|
|
Loading…
Reference in New Issue
Block a user