spencer/envr
1
0
Fork 0
mirror of https://github.com/sbrow/envr.git synced 2025-12-29 15:47:38 -05:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: spencer:cbd74f387e2e330b2557d07dd82ba05cc91300ac
Branches Tags
spencer:main
spencer:v0.2.0 spencer:v0.1.1 spencer:v0.1.0
...
compare: spencer:5eaf691dcd7719e0236f358a2f2e2a2e2c626466
Branches Tags
spencer:main
spencer:v0.2.0 spencer:v0.1.1 spencer:v0.1.0

10 Commits
cbd74f387e ... 5eaf691dcd

Author SHA1 Message Date
Spencer Brower
5eaf691dcd refactor(db): Removed the need to pass CloseMode to Db.Close. 2025-11-07 14:43:30 -05:00
Spencer Brower
1a3172dc6f docs: Updated comments on SshKeyPair. 2025-11-07 12:19:29 -05:00
Spencer Brower
66b113049b refactor: Removed TODOs. 2025-11-07 11:51:11 -05:00
Spencer Brower
169653d756 feat(init): Added a --force flag for overwriting an existing config. 2025-11-07 11:48:36 -05:00
Spencer Brower
8074f7ae6d feat(sync): Now checks files for mismatched hashes before replacing. 2025-11-07 11:38:58 -05:00
Spencer Brower
9a729e6e2a docs: Removed old TODO. 2025-11-07 11:16:27 -05:00
Spencer Brower
0fef74a9bb refactor!: Dir is no longer stored in the database. 
BREAKING CHANGE: Dir is now derived from Path rather than stored in the
DB. Your DB will need to be updated.
 2025-11-07 11:12:29 -05:00
Spencer Brower
38a6776b31 chore: remotes now get unmarshalled from the database. 2025-11-07 10:54:54 -05:00
Spencer Brower
15be62b5a2 feat(config): The default config now filters out more junk. 
This includes `.envrc` files, `.local/`, `node_modules`, and `vendor`.
 2025-11-07 10:44:55 -05:00
Spencer Brower
f43705cd53 feat(scan)!: Added support for multiple exports. 
BREAKING CHANGE: The config value `scan.Exclude` is now a list rather than a string.
 2025-11-07 10:41:46 -05:00
14 changed files with 126 additions and 75 deletions
Expand all files Collapse all files

42
app/config.go
View File

@@ -18,6 +18,7 @@ type Config struct {
ScanConfig scanConfig `json:"scan"`
}
// Used by age to encrypt and decrypt the database.
type SshKeyPair struct {
Private string `json:"private"` // Path to the private key file
Public string `json:"public"` // Path to the public key file
@@ -25,9 +26,8 @@ type SshKeyPair struct {
type scanConfig struct {
// TODO: Support multiple matchers
Matcher string `json:"matcher"`
// TODO: Support multiple excludes
Exclude string `json:"exclude"`
Matcher string `json:"matcher"`
Exclude []string `json:"exclude"`
Include []string `json:"include"`
}
@@ -48,7 +48,12 @@ func NewConfig(privateKeyPaths []string) Config {
Keys: keys,
ScanConfig: scanConfig{
Matcher: "\\.env",
Exclude: "*.envrc",
Exclude: []string{
"*\\.envrc",
"\\.local/",
"node_modules",
"vendor",
},
Include: []string{"~"},
},
}
@@ -109,6 +114,25 @@ func (c *Config) Save() error {
return os.WriteFile(configPath, data, 0644)
}
// buildFdArgs builds the fd command arguments with multiple exclude patterns
func (c Config) buildFdArgs(searchPath string, includeIgnored bool) []string {
args := []string{"-a", c.ScanConfig.Matcher}
// Add exclude patterns
for _, exclude := range c.ScanConfig.Exclude {
args = append(args, "-E", exclude)
}
if includeIgnored {
args = append(args, "-HI")
} else {
args = append(args, "-H")
}
args = append(args, searchPath)
return args
}
// Use fd to find all ignored .env files that match the config's parameters
func (c Config) scan() (paths []string, err error) {
searchPaths, err := c.searchPaths()
@@ -119,7 +143,7 @@ func (c Config) scan() (paths []string, err error) {
for _, searchPath := range searchPaths {
// Find all files (including ignored ones)
fmt.Printf("Searching for all files in \"%s\"...\n", searchPath)
allCmd := exec.Command("fd", "-a", c.ScanConfig.Matcher, "-E", c.ScanConfig.Exclude, "-HI", searchPath)
allCmd := exec.Command("fd", c.buildFdArgs(searchPath, true)...)
allOutput, err := allCmd.Output()
if err != nil {
return paths, err
@@ -132,7 +156,7 @@ func (c Config) scan() (paths []string, err error) {
// Find unignored files
fmt.Printf("Search for unignored fies in \"%s\"...\n", searchPath)
unignoredCmd := exec.Command("fd", "-a", c.ScanConfig.Matcher, "-E", c.ScanConfig.Exclude, "-H", searchPath)
unignoredCmd := exec.Command("fd", c.buildFdArgs(searchPath, false)...)
unignoredOutput, err := unignoredCmd.Output()
if err != nil {
return []string{}, err
@@ -184,8 +208,7 @@ func (c Config) searchPaths() (paths []string, err error) {
return paths, nil
}
// TODO: Should this be private?
func (s SshKeyPair) Identity() (age.Identity, error) {
func (s SshKeyPair) identity() (age.Identity, error) {
sshKey, err := os.ReadFile(s.Private)
if err != nil {
return nil, fmt.Errorf("failed to read SSH key: %w", err)
@@ -199,8 +222,7 @@ func (s SshKeyPair) Identity() (age.Identity, error) {
return id, nil
}
// TODO: Should this be private?
func (s SshKeyPair) Recipient() (age.Recipient, error) {
func (s SshKeyPair) recipient() (age.Recipient, error) {
sshKey, err := os.ReadFile(s.Public)
if err != nil {
return nil, fmt.Errorf("failed to read SSH key: %w", err)

59
app/db.go
View File

@@ -13,19 +13,12 @@ import (
_ "modernc.org/sqlite"
)
// CloseMode determines whether or not the in-memory DB should be saved to disk
// before closing the connection.
type CloseMode int
const (
ReadOnly CloseMode = iota
Write
)
type Db struct {
db *sql.DB
cfg Config
features *AvailableFeatures
// If true, the database will be saved to disk before closing
changed bool
}
func Open() (*Db, error) {
@@ -37,7 +30,7 @@ func Open() (*Db, error) {
if _, err := os.Stat("/home/spencer/.envr/data.age"); err != nil {
// Create a new DB
db, err := newDb()
return &Db{db, *cfg, nil}, err
return &Db{db, *cfg, nil, true}, err
} else {
// Open the existing DB
tmpFile, err := os.CreateTemp("", "envr-*.db")
@@ -59,7 +52,7 @@ func Open() (*Db, error) {
restoreDB(tmpFile.Name(), memDb)
return &Db{memDb, *cfg, nil}, nil
return &Db{memDb, *cfg, nil, false}, nil
}
}
@@ -72,7 +65,6 @@ func newDb() (*sql.DB, error) {
} else {
_, err := db.Exec(`create table envr_env_files (
path text primary key not null
, dir text not null
, remotes text -- JSON
, sha256 text not null
, contents text not null
@@ -108,7 +100,7 @@ func decryptDb(tmpFilePath string, keys []SshKeyPair) error {
identities := make([]age.Identity, 0, len(keys))
for _, key := range keys {
id, err := key.Identity()
id, err := key.identity()
if err != nil {
return err
@@ -150,23 +142,27 @@ func restoreDB(path string, destDB *sql.DB) error {
// Returns all the EnvFiles present in the database.
func (db *Db) List() (results []EnvFile, err error) {
rows, err := db.db.Query("select * from envr_env_files")
rows, err := db.db.Query("select path, remotes, sha256, contents from envr_env_files")
if err != nil {
return nil, err
}
defer rows.Close()
var envFile EnvFile
var remotesJson []byte
for rows.Next() {
var envFile EnvFile
var remotesJSON string
err := rows.Scan(&envFile.Path, &envFile.Dir, &remotesJSON, &envFile.Sha256, &envFile.contents)
err := rows.Scan(&envFile.Path, &remotesJson, &envFile.Sha256, &envFile.contents)
if err != nil {
return nil, err
}
// TODO: unmarshal remotesJSON into envFile.remotes
// Populate Dir from Path
envFile.Dir = filepath.Dir(envFile.Path)
if err := json.Unmarshal(remotesJson, &envFile.Remotes); err != nil {
return nil, err
}
results = append(results, envFile)
}
@@ -178,10 +174,10 @@ func (db *Db) List() (results []EnvFile, err error) {
return results, nil
}
func (db *Db) Close(mode CloseMode) error {
func (db *Db) Close() error {
defer db.db.Close()
if mode == Write {
if db.changed {
// Create tmp file
tmpFile, err := os.CreateTemp("", "envr-*.db")
if err != nil {
@@ -197,6 +193,8 @@ func (db *Db) Close(mode CloseMode) error {
if err := encryptDb(tmpFile.Name(), db.cfg.Keys); err != nil {
return err
}
db.changed = false
}
return nil
@@ -242,7 +240,7 @@ func encryptDb(tmpFilePath string, keys []SshKeyPair) error {
recipients := make([]age.Recipient, 0, len(keys))
for _, key := range keys {
recipient, err := key.Recipient()
recipient, err := key.recipient()
if err != nil {
return err
@@ -278,14 +276,16 @@ func (db *Db) Insert(file EnvFile) error {
// Insert into database
_, err = db.db.Exec(`
INSERT OR REPLACE INTO envr_env_files (path, dir, remotes, sha256, contents)
VALUES (?, ?, ?, ?, ?)
`, file.Path, file.Dir, string(remotesJSON), file.Sha256, file.contents)
INSERT OR REPLACE INTO envr_env_files (path, remotes, sha256, contents)
VALUES (?, ?, ?, ?)
`, file.Path, string(remotesJSON), file.Sha256, file.contents)
if err != nil {
return fmt.Errorf("failed to insert env file: %w", err)
}
db.changed = true
return nil
}
@@ -293,12 +293,15 @@ func (db *Db) Insert(file EnvFile) error {
func (db *Db) Fetch(path string) (envFile EnvFile, err error) {
var remotesJSON string
row := db.db.QueryRow("SELECT path, dir, remotes, sha256, contents FROM envr_env_files WHERE path = ?", path)
err = row.Scan(&envFile.Path, &envFile.Dir, &remotesJSON, &envFile.Sha256, &envFile.contents)
row := db.db.QueryRow("SELECT path, remotes, sha256, contents FROM envr_env_files WHERE path = ?", path)
err = row.Scan(&envFile.Path, &remotesJSON, &envFile.Sha256, &envFile.contents)
if err != nil {
return EnvFile{}, fmt.Errorf("failed to fetch env file: %w", err)
}
// Populate Dir from Path
envFile.Dir = filepath.Dir(envFile.Path)
if err = json.Unmarshal([]byte(remotesJSON), &envFile.Remotes); err != nil {
return EnvFile{}, fmt.Errorf("failed to unmarshal remotes: %w", err)
}
@@ -322,6 +325,8 @@ func (db *Db) Delete(path string) error {
return fmt.Errorf("no file found with path: %s", path)
}
db.changed = true
return nil
}

57
app/env_file.go
View File

@@ -10,7 +10,8 @@ import (
)
type EnvFile struct {
Path string
Path string
// Dir is derived from Path, and is not stored in the database.
Dir string
Remotes []string // []string
Sha256 string
@@ -95,25 +96,47 @@ func getGitRemotes(dir string) []string {
return remotes
}
// Install the file into the file system
// Install the file into the file system. If the file already exists,
// it will be overwritten.
func (file EnvFile) Restore() error {
// TODO: Handle restores more cleanly
// Ensure the directory exists
if _, err := os.Stat(file.Dir); err != nil {
return fmt.Errorf("directory missing")
}
// Check if file already exists
// TODO: Duplicate work is being done when called from the Sync function.
if _, err := os.Stat(file.Path); err == nil {
return fmt.Errorf("file already exists: %s", file.Path)
// file already exists
// Read existing file and calculate its hash
existingContents, err := os.ReadFile(file.Path)
if err != nil {
return fmt.Errorf("failed to read existing file for hash comparison: %w", err)
}
hash := sha256.Sum256(existingContents)
existingSha := fmt.Sprintf("%x", hash)
if existingSha == file.Sha256 {
return fmt.Errorf("file already exists: %s", file.Path)
} else {
if err := os.WriteFile(file.Path, []byte(file.contents), 0644); err != nil {
return fmt.Errorf("failed to write file: %w", err)
}
return nil
}
} else {
// file doesn't exist
// Ensure the directory exists
if _, err := os.Stat(file.Dir); err != nil {
return fmt.Errorf("directory missing")
}
// Write the contents to the file
if err := os.WriteFile(file.Path, []byte(file.contents), 0644); err != nil {
return fmt.Errorf("failed to write file: %w", err)
}
return nil
}
// Write the contents to the file
if err := os.WriteFile(file.Path, []byte(file.contents), 0644); err != nil {
return fmt.Errorf("failed to write file: %w", err)
}
return nil
}
// Try to reconcile the EnvFile with the filesystem.
@@ -150,7 +173,7 @@ func (file *EnvFile) Sync() (result EnvFileSyncResult, err error) {
}
}
// Update the EnvFile using the file system
// Update the EnvFile using the file system.
func (file *EnvFile) Backup() error {
// Read the contents of the file
contents, err := os.ReadFile(file.Path)

2
cmd/backup.go
View File

@@ -27,7 +27,7 @@ var backupCmd = &cobra.Command{
if err != nil {
return err
} else {
defer db.Close(app.Write)
defer db.Close()
record := app.NewEnvFile(path)
if err := db.Insert(record); err != nil {

2
cmd/check.go
View File

@@ -38,7 +38,7 @@ var checkCmd = &cobra.Command{
if err != nil {
return fmt.Errorf("failed to open database: %w", err)
}
defer db.Close(app.ReadOnly)
defer db.Close()
// Check if the path is a file or directory
info, err := os.Stat(absPath)

2
cmd/deps.go
View File

@@ -19,7 +19,7 @@ The check command reports on which binaries are available and which are not.`,
if err != nil {
return err
} else {
defer db.Close(app.ReadOnly)
defer db.Close()
features := db.Features()
table := tablewriter.NewWriter(os.Stdout)

19
cmd/init.go
View File

@@ -11,11 +11,9 @@ import (
"github.com/spf13/cobra"
)
// TODO: Add --force (-f) flag.
var initCmd = &cobra.Command{
Use: "init",
DisableFlagsInUseLine: true,
Short: "Set up envr",
Use: "init",
Short: "Set up envr",
Long: `The init command generates your initial config and saves it to
~/.envr/config in JSON format.
@@ -23,11 +21,10 @@ During setup, you will be prompted to select one or more ssh keys with which to
encrypt your databse. **Make 100% sure** that you have **a remote copy** of this
key somewhere, otherwise your data could be lost forever.`,
RunE: func(cmd *cobra.Command, args []string) error {
force, _ := cmd.Flags().GetBool("force")
config, _ := app.LoadConfig()
if config != nil {
return fmt.Errorf("You have already initialized envr")
} else {
if config == nil || force {
keys, err := selectSSHKeys()
if err != nil {
return fmt.Errorf("Error selecting SSH keys: %v", err)
@@ -43,13 +40,17 @@ key somewhere, otherwise your data could be lost forever.`,
}
fmt.Printf("Config initialized with %d SSH key(s). You are ready to use envr.\n", len(keys))
return nil
} else {
return fmt.Errorf(`You have already initialized envr.
Run again with the --force flag if you want to reinitialize.
`)
}
return nil
},
}
func init() {
initCmd.Flags().BoolP("force", "f", false, "Overwrite an existing config")
rootCmd.AddCommand(initCmd)
}

2
cmd/list.go
View File

@@ -24,7 +24,7 @@ var listCmd = &cobra.Command{
if err != nil {
return err
}
defer db.Close(app.ReadOnly)
defer db.Close()
rows, err := db.List()
if err != nil {

2
cmd/remove.go
View File

@@ -25,7 +25,7 @@ var removeCmd = &cobra.Command{
if err != nil {
return err
} else {
defer db.Close(app.Write)
defer db.Close()
if err := db.Delete(path); err != nil {
return err
} else {

2
cmd/restore.go
View File

@@ -27,7 +27,7 @@ var restoreCmd = &cobra.Command{
if err != nil {
return err
} else {
defer db.Close(app.ReadOnly)
defer db.Close()
record, err := db.Fetch(path)
if err != nil {

4
cmd/scan.go
View File

@@ -57,7 +57,7 @@ var scanCmd = &cobra.Command{
// Close database with write mode to persist changes
if addedCount > 0 {
err = db.Close(app.Write)
err = db.Close()
if err != nil {
return fmt.Errorf("Error saving changes: %v\n", err)
} else {
@@ -65,7 +65,7 @@ var scanCmd = &cobra.Command{
return nil
}
} else {
err = db.Close(app.ReadOnly)
err = db.Close()
if err != nil {
return fmt.Errorf("Error closing database: %v\n", err)
}

2
cmd/sync.go
View File

@@ -19,7 +19,7 @@ var syncCmd = &cobra.Command{
if err != nil {
return err
} else {
defer db.Close(app.Write)
defer db.Close()
files, err := db.List()
if err != nil {

5
docs/cli/envr_init.md
View File

@@ -12,13 +12,14 @@ encrypt your databse. **Make 100% sure** that you have **a remote copy** of this
key somewhere, otherwise your data could be lost forever.
```
envr init
envr init [flags]
```
### Options
```
-h, --help help for init
-f, --force Overwrite an existing config
-h, --help help for init
```
### SEE ALSO

1
main.go
View File

@@ -2,7 +2,6 @@ package main
import "github.com/sbrow/envr/cmd"
// TODO: `envr check` command that looks in cwd and tells you if it's backed up or not.
func main() {
cmd.Execute()
}