Skip to content

amber: init at 0.1.1#138159

Merged
figsoda merged 3 commits intoNixOS:masterfrom
psibi:add-amber
Sep 20, 2021
Merged

amber: init at 0.1.1#138159
figsoda merged 3 commits intoNixOS:masterfrom
psibi:add-amber

Conversation

@psibi
Copy link
Member

@psibi psibi commented Sep 16, 2021

Motivation for this change

This tools allows for easily managing secrets in a repo. Tested it locally on a NixOS machine:

❯ amber
amber 0.1.1
Utility to store encrypted secrets in version trackable plain text files

USAGE:
    amber [FLAGS] [OPTIONS] <SUBCOMMAND>

FLAGS:
    -h, --help        Prints help information
        --unmasked    Disable masking of secret values during exec
    -v, --verbose     Turn on verbose output
    -V, --version     Prints version information

OPTIONS:
        --amber-yaml <amber-yaml>    amber.yaml file location [env: AMBER_YAML=] [default:
                                     amber.yaml]

SUBCOMMANDS:
    encrypt     Add or update a secret
    exec        Run a command with all of the secrets set as environment variables
    generate    Generate a new strong secret value, and add it to the repository
    help        Prints this message or the help of the given subcommand(s)
    init        Initialize a new directory
    print       Print all of the secrets
    remove      Remove a secret
Things done
  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • 21.11 Release Notes (or backporting 21.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

@ofborg ofborg bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux. labels Sep 16, 2021
figsoda
figsoda suggested changes Sep 16, 2021
View reviewed changes
Copy link
Member

@figsoda figsoda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

package is not added to all-packages.nix, also commit message should be amber-secret: init at 0.1.1

SuperSandro2000
SuperSandro2000 reviewed Sep 16, 2021
View reviewed changes
@ofborg ofborg bot added 8.has: package (new) This PR adds a new package 11.by: package-maintainer This PR was created by a maintainer of all the package it changes. 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-darwin: 1 This PR causes 1 package to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-linux: 1 This PR causes 1 package to rebuild on Linux. and removed 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux. labels Sep 17, 2021
figsoda
figsoda approved these changes Sep 17, 2021
View reviewed changes
Copy link
Member

@figsoda figsoda left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe the file name should be amber-secret instead of amber? otherwise lgtm

@psibi
Copy link
Member Author

psibi commented Sep 17, 2021

Thanks @figsoda for the review!

maybe the file name should be amber-secret instead of amber?

I can change that if you feel strongly. But the reason I have kept it as amber is because:

  • amber is the name of the project
  • I'm using amber-secret because there is already another package named amber in the nixpkgs repo.

@figsoda
Copy link
Member

figsoda commented Sep 17, 2021

fair enough

@figsoda
Copy link
Member

figsoda commented Sep 18, 2021

darwin build failed, i think you need CoreFoundation and Security in buildInputs, inherited from darwin.apple_sdk.frameworks inside all-packages.nix

@figsoda
Copy link
Member

figsoda commented Sep 20, 2021

@ofborg build amber-secret

@figsoda
Copy link
Member

figsoda commented Sep 20, 2021

Result of nixpkgs-review pr 138159 run on x86_64-linux 1

1 package built:
  • amber-secret

@figsoda figsoda merged commit 23acc56 into NixOS:master Sep 20, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@SuperSandro2000 SuperSandro2000 SuperSandro2000 left review comments

+1 more reviewer

@figsoda figsoda figsoda approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

8.has: package (new) This PR adds a new package 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-darwin: 1 This PR causes 1 package to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-linux: 1 This PR causes 1 package to rebuild on Linux. 11.by: package-maintainer This PR was created by a maintainer of all the package it changes.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@psibi @figsoda @SuperSandro2000