hanko 0.5.3

Keeps your Git allowed signers file up to date with signing keys configured on software development platforms like GitHub and GitLab.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141

export CI := env("CI", "false")
CHANGELOG_FILE := "CHANGELOG.md"
REPO_URL := "https://github.com/SRv6d/hanko"
COMPLETIONS_DIR := "assets/completions"
MANPAGES_DIR := "assets/manpages"

default: check-lockfile lint test

# Check if the lockfile is up to date
check-lockfile:
    cargo update -w --locked

# Lint code and check formatting
lint: lint-justfile
    cargo clippy --all-targets --all-features
    cargo fmt --all --check

lint-justfile:
    just --check --fmt --unstable

cov_output := if CI == "true" { "--lcov --output-path lcov.info" } else { "--summary-only" }

# Run tests
test $COV=CI: (_install_llvm_cov COV)
    {{ if COV == "true" { "cargo llvm-cov --all-features" + " " + cov_output } else { "cargo test --all-features" } }}

# Generate up to date shell completions
completions dir=COMPLETIONS_DIR:
    cargo xtask completions {{ dir }}

# Generate up to date manpages
manpages dir=MANPAGES_DIR:
    cargo xtask manpages {{ dir }}

# Create a release build for the specified target
release-build target:
    cargo build --release --locked --target {{ target }}

# Create the release archive for the specified target
release-archive target filename: (release-build target)
    #!/usr/bin/env bash
    set -euxo pipefail

    if [ "{{ os_family() }}" == "unix" ]; then
        DIR=$(mktemp -d)
    else
        DIR="${TEMP}/hanko-{{ uuid() }}"
        mkdir -p $DIR
    fi

    cp README.md LICENSE CHANGELOG.md {{ MANPAGES_DIR }}/* $DIR
    mkdir $DIR/completions
    cp {{ COMPLETIONS_DIR }}/* $DIR/completions
    cp target/{{ target }}/release/hanko $DIR

    if [ "{{ extension(filename) }}" == "gz" ]; then
        tar -czvf {{ filename }} -C $DIR .
    else
        cd $DIR && 7z a {{ join(justfile_directory(), filename) }} *
    fi

# Bump our version
bump-version $VERSION: _check_clean_working (_validate_semver VERSION) && (_changelog_add_version VERSION) (_bump_version_pr VERSION)
    #!/usr/bin/env bash
    set -euxo pipefail

    sed -i 's/^version = .*/version = "'$VERSION'"/g' Cargo.toml
    cargo update -w --offline

    git add Cargo.toml Cargo.lock
    git commit -m "Bump version to v{{ VERSION }}"

# Create a GitHub release containing the latest changes
release-latest-version version:
    #!/usr/bin/env bash
    set -euxo pipefail
    PREVIOUS_RELEASE=$(gh release list --json name,isLatest --jq '.[] | select(.isLatest)|.name')
    CURRENT_RELEASE="v{{ version }}"
    CHANGES=$(sed -n "/^## \[{{ version }}]/,/^## \[[0-9].*\]/ {//!p}" {{ CHANGELOG_FILE }})
    RELEASE_NOTES="
    ## What's Changed

    $CHANGES

    **Full Changelog**: {{ REPO_URL }}/compare/$PREVIOUS_RELEASE...$CURRENT_RELEASE
    "

    gh release create $CURRENT_RELEASE --latest --title $CURRENT_RELEASE --notes-file - <<< "$RELEASE_NOTES"

# Publish the crate
publish: _validate_version_tag
    cargo publish --no-verify

# Check that Git has a clean working directory
_check_clean_working:
    test -z "$(git status --porcelain)" || (echo "The working directory is not clean"; exit 1)

# Validate that the crate version matches that of the git tag
_validate_version_tag:
    #!/usr/bin/env bash
    set -euxo pipefail
    PROJECT_VERSION="$(grep -Po '(?<=^version = ").*(?=")' Cargo.toml)"
    GIT_TAG="$(git describe --exact-match --tags)"

    if [ ! $PROJECT_VERSION == ${GIT_TAG:1} ]; then
        echo Project version $PROJECT_VERSION does not match git tag $GIT_TAG
        exit 1
    fi

# Validate a version against SemVer
_validate_semver version:
    #!/usr/bin/env bash
    set -euxo pipefail
    if [[ ! "{{ version }}" =~ ^(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)(-((0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*)(\.(0|[1-9][0-9]*|[0-9]*[a-zA-Z-][0-9a-zA-Z-]*))*))?(\+([0-9a-zA-Z-]+(\.[0-9a-zA-Z-]+)*))?$ ]]; then
        echo Invalid SemVer {{ version }}
        exit 1
    fi

_install_llvm_cov $run:
    #!/usr/bin/env bash
    set -euxo pipefail

    if [ $run == true ] && [ $CI = false ]; then
        cargo install cargo-llvm-cov --locked
    fi

# Update the changelog with a new version
_changelog_add_version version filename=CHANGELOG_FILE:
    #!/usr/bin/env bash
    set -euxo pipefail
    PREV_VERSION=$(sed -n "/^\[unreleased\]:/ { n; s/^\[\([^]]*\)\].*/\1/p }" {{ filename }})

    sed -i "/^## \[Unreleased\]$/ { N; s/\n/\n\n## [{{ version }}] - {{ datetime('%Y-%m-%d') }}\n/ }" {{ filename }}
    sed -i "/^\[unreleased\]:/ s/v[0-9.]\+\b/v{{ version }}.../; /^\[unreleased\]:/ a\
    [{{ version }}]: {{ REPO_URL }}/compare/v$PREV_VERSION...v{{ version }}" {{ filename }}

    git add {{ filename }}
    git commit -m "Update {{ filename }}"

_bump_version_pr version:
    gh pr create --title "Bump version to v{{ version }}" --body ""