-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathnodejs-env.mk
90 lines (77 loc) · 3.34 KB
/
nodejs-env.mk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
ifndef _MK_NODEJS_ENV_MK_
_MK_NODEJS_ENV_MK_ := 1
#$(info ---> .make/nodejs-env.mk)
ifndef GIT_ROOT
GIT_ROOT := $(shell git rev-parse --show-toplevel 2>/dev/null)
endif
ifndef MK_DIR
MK_DIR := $(GIT_ROOT)/.make
endif
include $(MK_DIR)/nodejs.mk
include $(MK_DIR)/sops.mk
NODEJS_ENV_LOCAL := $(GIT_ROOT)/.env.local
NODEJS_ENV_LOCAL_ENCRYPTED := $(SOPS_KEYS_DIR)/env.local
#$(info NODEJS_ENV_LOCAL_ENCRYPTED=$(NODEJS_ENV_LOCAL_ENCRYPTED))
.PHONY: nodejs-env-check
nodejs-env-check: nodejs-check $(NODEJS_ENV_LOCAL)
#
# Generate a template file for the .sops/<your-org>/env.local file and then encrypt it using sops.
# This file should be edited manually by executing "gmake nodejs-env-edit" which will a) encrupt the file
# using sops in place and b) will get copied in decrypted form to .env.local in the project root directory.
#
$(NODEJS_ENV_LOCAL_ENCRYPTED):
@echo "Creating $@ (encrypted)"
@echo "# Generated by $(MAKE) nodejs-env-encrypt" > $@
@echo "EKG_BASE_INTERNAL=http://127.0.0.1:7879" > $@
@echo "EKG_ID_BASE_INTERNAL=http://127.0.0.1:7879/id" > $@
@echo "EKG_GRAPH_BASE_INTERNAL=http://127.0.0.1:7879/graph" > $@
@echo "EKG_ONTOLOGY_BASE_INTERNAL=http://127.0.0.1:7879/ontology" > $@
@echo "#" >> $@
@echo "EKG_BASE_EXTERNAL=http://localhost:3000" >> $@
@echo "EKG_ID_BASE_EXTERNAL=http://localhost:3000/id" >> $@
@echo "EKG_GRAPH_BASE_EXTERNAL=http://localhost:3000/graph" >> $@
@echo "EKG_ONTOLOGY_BASE_EXTERNAL=http://localhost:3000/ontology" >> $@
@echo "#" >> $@
@echo "EKG_API_BASE=http://localhost:3000/api" >> $@
@echo "#" >> $@
@echo "EKG_SPARQL_LOADER_ENDPOINT=http://127.0.0.1:7879/update" >> $@
@echo "EKG_SPARQL_HEALTH_ENDPOINT=http://127.0.0.1:7879" >> $@
@echo "EKG_SPARQL_QUERY_ENDPOINT=http://127.0.0.1:7879/query" >> $@
@echo "EKG_SPARQL_UPDATE_ENDPOINT=http://127.0.0.1:7879/update" >> $@
@echo "#" >> $@
@echo "NODE_OPTIONS=--trace-deprecation --no-deprecation" >> $@
@echo "#" >> $@
@echo "NEXTAUTH_SECRET=secret" >> $@
@echo "NEXTAUTH_URL=http://localhost:3000" >> $@
@echo "#" >> $@
@echo "AZURE_AD_CLIENT_ID=client-id" >> $@
@echo "AZURE_AD_CLIENT_SECRET=secret" >> $@
@echo "AZURE_AD_TENANT_ID=tenant-id" >> $@
@echo "#" >> $@
@echo "GITHUB_OAUTH_ID=oauth-id" >> $@
@echo "GITHUB_OAUTH_SECRET=oauth-secret" >> $@
@echo "#" >> $@
@echo "GOOGLE_CLIENT_ID=client-id" >> $@
@echo "GOOGLE_CLIENT_SECRET=client-secret" >> $@
@echo "GOOGLE_ALLOWED_DOMAINS=ekgf.org,omg.org,agnos.ai,dataroad.com" >> $@
@cat $@
@cd $(@D) && set -x ; $(SOPS_BIN) --in-place --encrypt $@
.PHONY: nodejs-env-encrypt
nodejs-env-encrypt: $(NODEJS_ENV_LOCAL_ENCRYPTED)
$(NODEJS_ENV_LOCAL): $(SOPS_BIN) $(NODEJS_ENV_LOCAL_ENCRYPTED)
@printf "Decrypting $(blue)$(NODEJS_ENV_LOCAL_ENCRYPTED)$(normal) to $(green)$@$(normal):\n"
@$(SOPS_BIN) --decrypt $(NODEJS_ENV_LOCAL_ENCRYPTED) > $@
.PHONY: nodejs-env-decrypt
nodejs-env-decrypt: $(NODEJS_ENV_LOCAL)
#
# Edit the .sops/<your-org>/env.local file using sops (and vi) and then decrypt that file as .env.local in the
# project root directory (assuming you will not commit that .env.local file to git of course because it contains
# unencrypted secrets).
#
.PHONY: nodejs-env-edit
nodejs-env-edit: $(SOPS_BIN) $(NODEJS_ENV_LOCAL_ENCRYPTED)
@echo "Editing $(NODEJS_ENV_LOCAL_ENCRYPTED)"
-@$(SOPS_BIN) $(NODEJS_ENV_LOCAL_ENCRYPTED)
$(MAKE) nodejs-env-decrypt
#$(info <--- .make/nodejs-env.mk)
endif # _MK_NODEJS_ENV_MK_