feat(bin): age tools (#20)

* wip: ae for encryption, ad for decryption
* feat: finished ad and ae, created a for both uses

.pre-commit-config.yaml

@@ -48,7 +48,7 @@ repos:
       - id: actionlint
 
   - repo: https://github.com/renovatebot/pre-commit-hooks
-    rev: 39.82.1
+    rev: 39.82.3
     hooks:
       - id: renovate-config-validator
 

base/tool-versions

@@ -1,27 +1,21 @@
 asdf-plugin-manager 1.4.0
-golang 1.23.3
-ruby 3.3.4
+golang 1.23.4
 rust 1.82.0
 direnv 2.35.0
 fd 10.2.0
 1password-cli 2.30.3
-age 1.2.0
+age 1.2.1
 bottom 0.10.2
 dotenv-linter 3.3.0
 editorconfig-checker 2.8.0
-github-cli 2.61.0
+github-cli 2.64.0
 hadolint 2.12.0
-kubectl 1.31.2
+kubectl 1.32.0
 pre-commit 4.0.1
 ripgrep 14.1.1
 shellcheck 0.10.0
 shfmt 3.10.0
 terragrunt 0.68.8
-tf-summarize 0.3.13
+tf-summarize 0.3.14
 yamllint 1.35.1
-yq 4.44.3
-bats 1.11.0
-gitleaks 8.18.4
-delta 0.18.1
-eza 0.20.8
-sops 3.9.1
+yq 4.44.6

config/asdf/plugin-versions

@@ -1,27 +1,20 @@
 1password-cli         https://github.com/NeoHsu/asdf-1password-cli.git            f5d5aab
 age                   https://github.com/threkk/asdf-age.git                      396bdf6
 asdf-plugin-manager   https://github.com/asdf-community/asdf-plugin-manager.git   b5862c1
-bats                  https://github.com/timgluz/asdf-bats.git                    299551f
-bottom                https://github.com/carbonteq/asdf-btm.git                   fd8a55a
-delta                 https://github.com/andweeb/asdf-delta.git                   501318b
 direnv                https://github.com/asdf-community/asdf-direnv.git           6ff3dbe
 dotenv-linter         https://github.com/wesleimp/asdf-dotenv-linter.git          1369f53
 editorconfig-checker  https://github.com/gabitchov/asdf-editorconfig-checker.git  585c1d5
-eza                   https://github.com/lwiechec/asdf-eza.git                    11f578d
 fd                    https://gitlab.com/wt0f/asdf-fd.git                         17d56e0
 github-cli            https://github.com/bartlomiejdanek/asdf-github-cli.git      e0605b7
-gitleaks              https://github.com/jmcvetta/asdf-gitleaks.git               0cc0d7e
 golang                https://github.com/asdf-community/asdf-golang.git           e2527a3
-hadolint              https://github.com/devlincashman/asdf-hadolint.git          335e230
+hadolint              https://github.com/devlincashman/asdf-hadolint.git          c8eb88b
 kubectl               https://github.com/asdf-community/asdf-kubectl.git          2fb3b57
 pre-commit            https://github.com/jonathanmorley/asdf-pre-commit.git       26bfc42
 ripgrep               https://gitlab.com/wt0f/asdf-ripgrep.git                    e836665
-ruby                  https://github.com/asdf-vm/asdf-ruby.git                    194fe45
 rust                  https://github.com/code-lever/asdf-rust.git                 95acf4f
 shellcheck            https://github.com/luizm/asdf-shellcheck.git                66200ff
 shfmt                 https://github.com/luizm/asdf-shfmt.git                     a42c5ff
-sops                  https://github.com/feniix/asdf-sops.git                     5c7a2fb
-terragrunt            https://github.com/ohmer/asdf-terragrunt.git                4a6651a
+terragrunt            https://github.com/ohmer/asdf-terragrunt.git                29f2935
 tf-summarize          https://github.com/adamcrews/asdf-tf-summarize.git          880ad26
-yamllint              https://github.com/ericcornelissen/asdf-yamllint.git        bc2813e
+yamllint              https://github.com/ericcornelissen/asdf-yamllint.git        e4cfb17
 yq                    https://github.com/sudermanjr/asdf-yq.git                   772992f

config/git/config

@@ -11,3 +11,5 @@
 [include]
   path = ~/.config/git/overrides/config
 
+[advice]
+  detachedHead = false

local/bin/a

@@ -0,0 +1,184 @@
+#!/usr/bin/env bash
+# A script for encrypting and decrypting files or directories with age and SSH keys
+
+VERSION="1.0.0"
+
+# Default ENV values
+KEYS_FILE="${AGE_KEYSFILE:-$HOME/.ssh/keys.txt}"
+KEYS_SOURCE="${AGE_KEYSSOURCE:-https://github.com/ivuorinen.keys}"
+LOG_FILE="${AGE_LOGFILE:-$HOME/.cache/a.log}"
+
+VERBOSE=false
+
+# Parse flags for verbosity
+for arg in "$@"; do
+  if [[ "$arg" == "-v" || "$arg" == "--verbose" ]]; then
+    VERBOSE=true
+    break
+  fi
+done
+
+# Ensure log directory and file exist with correct permissions
+prepare_log_file() {
+  local log_dir
+  log_dir=$(dirname "$LOG_FILE")
+
+  # Create log directory if it does not exist
+  if [[ ! -d "$log_dir" ]]; then
+    mkdir -p "$log_dir"
+  fi
+
+  # Create log file if it does not exist
+  if [[ ! -f "$LOG_FILE" ]]; then
+    touch "$LOG_FILE"
+  fi
+
+  # Set permissions to 0600
+  chmod 0600 "$LOG_FILE"
+}
+
+prepare_log_file
+
+# Logging function
+log_message() {
+  local message="$1"
+  echo "$(date +'%Y-%m-%d %H:%M:%S') - $message" >> "$LOG_FILE"
+
+  # Print to user if verbose flag is set
+  if [[ "$VERBOSE" == true ]]; then
+    echo "$message"
+  fi
+}
+
+# Function to print usage
+print_help() {
+  cat <<EOF
+Usage: a [command] [file_or_directory] [options]
+
+Commands:
+  e, enc, encrypt      Encrypt the specified file or directory
+  d, dec, decrypt      Decrypt the specified file or directory
+  help, --help         Show this help message
+  version, --version   Show version information
+
+Options:
+  -v, --verbose        Print log messages to console in addition to writing to log file
+
+Environment Variables:
+  AGE_KEYSFILE         Path to the SSH keys file (default: $HOME/.ssh/keys.txt)
+  AGE_KEYSSOURCE       URL to fetch SSH keys if keys file does not exist
+  AGE_LOGFILE          Path to the log file (default: $HOME/.cache/a.log)
+
+Examples:
+  Encrypt a file:
+    a e file.txt
+
+  Encrypt a directory:
+    a e /path/to/directory
+
+  Decrypt a file:
+    a d file.txt.age
+
+  Specify a custom keys file:
+    AGE_KEYSFILE=/path/to/keys.txt a e file.txt
+
+  Specify a custom keys source and log file:
+    AGE_KEYSSOURCE=https://example.com/keys.txt AGE_LOGFILE=/tmp/a.log a d file.txt.age
+EOF
+}
+
+# Function to print version
+print_version() {
+  echo "a version $VERSION"
+  echo "Created by Ismo Vuorinen <https://github.com/ivuorinen>"
+}
+
+# Function to fetch keys if missing
+fetch_keys_if_missing() {
+  if [[ ! -f "$KEYS_FILE" ]]; then
+    log_message "Keys file '$KEYS_FILE' not found. Attempting to fetch from $KEYS_SOURCE..."
+    mkdir -p "$(dirname "$KEYS_FILE")"
+    curl -s "$KEYS_SOURCE" -o "$KEYS_FILE"
+
+    if [[ $? -ne 0 || ! -s "$KEYS_FILE" ]]; then
+      log_message "Error: Failed to fetch keys from $KEYS_SOURCE"
+      exit 1
+    fi
+
+    chmod 0400 "$KEYS_FILE"
+    log_message "Keys file fetched and permissions set to 0400."
+  fi
+}
+
+# Function to encrypt files or directories
+encrypt_file_or_directory() {
+  local file="$1"
+  if [[ -d "$file" ]]; then
+    for f in "$file"/*; do
+      encrypt_file_or_directory "$f"
+    done
+  elif [[ -f "$file" ]]; then
+    fetch_keys_if_missing
+    local output_file="${file}.age"
+    age -R "$KEYS_FILE" "$file" >"$output_file"
+    if [[ $? -eq 0 ]]; then
+      log_message "File encrypted successfully: $output_file"
+    else
+      log_message "Error: Failed to encrypt file '$file'."
+      exit 1
+    fi
+  fi
+}
+
+# Function to decrypt files or directories
+decrypt_file_or_directory() {
+  local file="$1"
+  if [[ -d "$file" ]]; then
+    for f in "$file"/*.age; do
+      decrypt_file_or_directory "$f"
+    done
+  elif [[ -f "$file" ]]; then
+    fetch_keys_if_missing
+    local output_file="${file%.age}"
+    age -d -i "$KEYS_FILE" "$file" >"$output_file"
+    if [[ $? -eq 0 ]]; then
+      log_message "File decrypted successfully: $output_file"
+    else
+      log_message "Error: Failed to decrypt file '$file'."
+      exit 1
+    fi
+  fi
+}
+
+# Main logic
+case "$1" in
+  e|enc|encrypt)
+    if [[ $# -lt 2 ]]; then
+      log_message "Error: No file or directory specified for encryption."
+      print_help
+      exit 1
+    fi
+    encrypt_file_or_directory "$2"
+    ;;
+  d|dec|decrypt)
+    if [[ $# -lt 2 ]]; then
+      log_message "Error: No file or directory specified for decryption."
+      print_help
+      exit 1
+    fi
+    decrypt_file_or_directory "$2"
+    ;;
+  help|--help)
+    print_help
+    ;;
+  version|--version)
+    print_version
+    ;;
+  *)
+    log_message "Error: Unknown command '$1'"
+    print_help
+    exit 1
+    ;;
+esac
+
+# vim: ft=bash:syn=sh:ts=2:sw=2:et:ai:nowrap

local/bin/ad

@@ -0,0 +1,62 @@
+#!/usr/bin/env bash
+# age decrypt file with github keys
+
+# Use ENV or default values for keys file and source
+KEYS_FILE="${AGE_KEYSFILE:-$HOME/.ssh/keys.txt}"
+KEYS_SOURCE="${AGE_KEYSSOURCE:-https://github.com/ivuorinen.keys}"
+
+# Check for required commands
+if ! command -v age &>/dev/null; then
+  echo "Error: age is not installed. Please install it to continue."
+  exit 1
+fi
+
+if ! command -v curl &>/dev/null; then
+  echo "Error: curl is not installed. Please install it to continue."
+  exit 1
+fi
+
+# Ensure a file is provided
+if [[ $# -lt 1 ]]; then
+  echo "Usage: $0 <file-to-decrypt>"
+  exit 1
+fi
+
+FILE="$1"
+if [[ ! -f "$FILE" ]]; then
+  echo "Error: File '$FILE' does not exist."
+  exit 1
+fi
+
+
+# Check if keys file exists, otherwise fetch it
+if [[ ! -f "$KEYS_FILE" ]]; then
+  echo "Keys file '$KEYS_FILE' not found. Attempting to fetch from $KEYS_SOURCE..."
+
+  # Create the directory if it doesn't exist
+  mkdir -p "$(dirname "$KEYS_FILE")"
+
+  # Fetch the keys and save to the file
+  curl -s "$KEYS_SOURCE" -o "$KEYS_FILE"
+
+  if [[ $? -ne 0 || ! -s "$KEYS_FILE" ]]; then
+    echo "Error: Failed to fetch keys from $KEYS_SOURCE"
+    exit 1
+  fi
+
+  # Set permissions to 0400
+  chmod 0400 "$KEYS_FILE"
+  echo "Keys file fetched and permissions set to 0400."
+fi
+
+# Decrypt the file
+OUTPUT_FILE="${FILE%.age}"
+age -d -i "$KEYS_FILE" "$FILE" >"$OUTPUT_FILE"
+
+if [[ $? -eq 0 ]]; then
+  echo "File decrypted successfully: $OUTPUT_FILE"
+else
+  echo "Error: Failed to decrypt file."
+  exit 1
+fi
+

local/bin/ae

@@ -0,0 +1,60 @@
+#!/usr/bin/env bash
+# age encrypt file with github keys
+
+# Use ENV or default values for keys file and source
+KEYS_FILE="${AGE_KEYSFILE:-$HOME/.ssh/keys.txt}"
+KEYS_SOURCE="${AGE_KEYSSOURCE:-https://github.com/ivuorinen.keys}"
+
+# Check for required commands
+if ! command -v age &>/dev/null; then
+  echo "Error: age is not installed. Please install it to continue."
+  exit 1
+fi
+
+if ! command -v curl &>/dev/null; then
+  echo "Error: curl is not installed. Please install it to continue."
+  exit 1
+fi
+
+# Ensure a file is provided
+if [[ $# -lt 1 ]]; then
+  echo "Usage: $0 <file-to-encrypt>"
+  exit 1
+fi
+
+FILE="$1"
+if [[ ! -f "$FILE" ]]; then
+  echo "Error: File '$FILE' does not exist."
+  exit 1
+fi
+
+# Check if keys file exists, otherwise fetch it
+if [[ ! -f "$KEYS_FILE" ]]; then
+  echo "Keys file '$KEYS_FILE' not found. Attempting to fetch from $KEYS_SOURCE..."
+
+  # Create the directory if it doesn't exist
+  mkdir -p "$(dirname "$KEYS_FILE")"
+
+  # Fetch the keys and save to the file
+  curl -s "$KEYS_SOURCE" -o "$KEYS_FILE"
+
+  if [[ $? -ne 0 || ! -s "$KEYS_FILE" ]]; then
+    echo "Error: Failed to fetch keys from $KEYS_SOURCE"
+    exit 1
+  fi
+
+  # Set permissions to 0400
+  chmod 0400 "$KEYS_FILE"
+  echo "Keys file fetched and permissions set to 0400."
+fi
+
+# Encrypt the file
+OUTPUT_FILE="${FILE}.age"
+age -R "$KEYS_FILE" "$FILE" >"$OUTPUT_FILE"
+
+if [[ $? -eq 0 ]]; then
+  echo "File encrypted successfully: $OUTPUT_FILE"
+else
+  echo "Error: Failed to encrypt file."
+  exit 1
+fi

local/bin/dfm

@@ -169,7 +169,7 @@ section_install()
       ;;
     asdf)
       msg "Installing asdf..."
-      bash "$DOTFILES/scripts/install-asdf.sh both" \
+      $0 asdf plugins-add \
         && msg_yay "asdf installed!"
       ;;
     cargo)
@@ -371,21 +371,111 @@ section_asdf()
 {
   USAGE_PREFIX="$SCRIPT asdf <command>"
   MENU=(
-    "install:Install asdf"
     "current:Show asdf current versions"
     "global:Show asdf global versions"
     "installed:Show asdf installed versions"
     "local:Show asdf local versions"
+    "plugins-add:Add and update direnv and asdf-plugin-manager, and all other plugins"
+    "plugins-update:Update all asdf plugins"
+    "reset:Reset asdf plugins"
     "versions:Show asdf versions"
     "where:Show asdf where"
     "which:Show asdf which"
   )
 
   case "$1" in
-    install)
-      msg "Installing asdf..."
-      bash "$DOTFILES/scripts/install-asdf.sh both" \
-        && msg_yay "asdf installed!"
+    plugins-update)
+      APM_BIN="$(asdf where asdf-plugin-manager)/bin/asdf-plugin-manager"
+
+      msgr run "Updating all asdf plugins"
+      $APM_BIN update-all
+      $APM_BIN export > "$ASDF_PLUGIN_MANAGER_PLUGIN_VERSIONS_FILENAME"
+      msgr run_done "Updated all plugins"
+      ;;
+    plugins-add)
+      X_GH_BIN="$DOTFILES/local/bin/x-gh-get-latest-version"
+      LATEST_APM="$($X_GH_BIN asdf-community/asdf-plugin-manager | sed 's/^v//')"
+      LATEST_DIRENV="$($X_GH_BIN asdf-community/asdf-direnv)"
+      PLUGIN_VERSIONS="$DOTFILES/config/asdf/plugin-versions"
+      APM_BIN="$HOME/.local/bin/asdf/shims/asdf-plugin-manager"
+
+      msgr run "Adding and updating direnv and asdf-plugin-manager"
+      asdf plugin add direnv https://github.com/asdf-community/asdf-direnv.git
+      asdf global direnv "$LATEST_DIRENV"
+      asdf install direnv "$LATEST_DIRENV"
+
+      asdf plugin add asdf-plugin-manager https://github.com/asdf-community/asdf-plugin-manager.git
+      asdf global asdf-plugin-manager "$LATEST_APM"
+      asdf install asdf-plugin-manager "$LATEST_APM"
+      asdf reshim
+      msgr run_done "direnv and asdf-plugin-manager added and updated"
+
+      msgr run "Reset plugin-versions file to the original using git"
+      if git ls-files --error-unmatch "$PLUGIN_VERSIONS" > /dev/null 2>&1; then
+        git checkout -- "$PLUGIN_VERSIONS"
+      fi
+      msgr run_done "Reset plugin-versions file"
+
+      msgr run "Adding all plugins with asdf-plugin-manager"
+      "$APM_BIN" add-all
+      msgr run_done "Added all plugins with asdf-plugin-manager"
+
+      msgr run "Install all plugins"
+      PLUGINS=$($APM_BIN list | awk -F ' ' '{print $1}' | sort)
+      for P in $PLUGINS; do
+        msgr run "Installing $P"
+        asdf install "$P" latest
+        asdf global "$P" latest
+      done
+
+
+      msgr run_done "Installed all plugins"
+
+      msgr run "Reshimming"
+      asdf reshim
+      msgr run_done "Reshimmed"
+      ;;
+    plugins-remove)
+      PLUGIN_VERSIONS="$DOTFILES/config/asdf/plugin-versions"
+
+      msgr run "Remove installed plugins"
+      INSTALLED_ASDF_PLUGINS=$(asdf list | grep -vE "direnv|asdf-plugin-manager" | grep -v "^ ")
+      for P in $INSTALLED_ASDF_PLUGINS; do
+        asdf plugin remove "$P"
+        msgr nested_done "Removed $P"
+      done
+
+      msgr run "Reset plugin-versions file to the original using git"
+      if git ls-files --error-unmatch "$PLUGIN_VERSIONS" > /dev/null 2>&1; then
+        git checkout -- "$PLUGIN_VERSIONS"
+      fi
+      msgr run_done "Reset plugin-versions file"
+
+      msgr run_done "Remove plugins done!"
+      ;;
+    reset)
+      APM_BIN="$(asdf where asdf-plugin-manager)/bin/asdf-plugin-manager"
+
+      msgr run "Get currently installed plugins, remove those that are not defined"
+      $0 asdf plugins-remove
+      $0 asdf plugins-add
+      $0 asdf fixtoolversions
+      asdf reshim
+      msgr yay "Reset asdf plugins done!"
+      ;;
+    fixtoolversions)
+      ASDF_TOOL_VERSIONS_FILE="$DOTFILES/base/tool-versions"
+      ASDF_TOOL_FILE_PLUGINS=$(awk '{print $1 " " $2}' "$ASDF_TOOL_VERSIONS_FILE")
+      APM_BIN="$(asdf where asdf-plugin-manager)/bin/asdf-plugin-manager"
+
+      msgr run "Loading $ASDF_TOOL_VERSIONS_FILE and collecting installed"
+      ASDF_PLUGINS_DEFINED=$($APM_BIN list | awk -F ' ' '{print $1}')
+
+      echo "$ASDF_TOOL_FILE_PLUGINS" | \
+        grep -Fxv -f <(echo "$ASDF_PLUGINS_DEFINED") > tmp && \
+        mv tmp "$ASDF_TOOL_VERSIONS_FILE"
+
+      msgr run_done "Fixed $ASDF_TOOL_VERSIONS_FILE"
       ;;
     current)
       asdf current