murk-cli 0.5.10

Encrypted secrets manager for developers — one file, age encryption, git-friendly
# Continuous-integration workflow: lint, cross-platform tests, coverage and,
# on main only, recording and publishing of the VHS demo GIFs.
name: CI

# Runs for pushes to main and for pull requests that target main.
on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main

# Default GITHUB_TOKEN scope for every job: read access on all scopes, no
# write access. A job that needs more declares its own `permissions` block.
# NOTE(review): `contents: read` alone may be enough for the read-only jobs;
# confirm that no step relies on another read scope before narrowing.
permissions: read-all

env:
  CARGO_TERM_COLOR: always

jobs:
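  # Static checks: formatting, clippy lints, dependency policy (cargo-deny),
  # advisory audit (cargo-audit), and a Cargo.toml / node/package.json
  # version-consistency check.
  lint:
    name: Lint
    runs-on: ubuntu-latest
    steps:
      # Actions are pinned to full commit SHAs; the trailing comment names the
      # ref each SHA was resolved from.
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: dtolnay/rust-toolchain@631a55b12751854ce901bb631d5902ceb48146f7 # stable
        with:
          components: rustfmt, clippy
      - uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2
      - run: cargo fmt --check
      # -D warnings turns every clippy warning into a failure.
      - run: cargo clippy --all-features -- -D warnings
      # Runs cargo-deny with the action's default inputs.
      - uses: EmbarkStudios/cargo-deny-action@175dc7fd4fb85ec8f46948fb98f44db001149081 # v2
      # NOTE(review): the trailing comment names the tool, not the release the
      # SHA corresponds to; recording the release tag would make the pin
      # easier to audit.
      - uses: taiki-e/install-action@f092c064826410a38929a5791d2c0225b94432fe # cargo-audit
        with:
          tool: cargo-audit
      # RUSTSEC-2023-0071 is excluded from the audit.
      # NOTE(review): the reason for the exception is not recorded here
      # (believed to be the `rsa` crate timing side-channel advisory, confirm).
      # Document why it is acceptable and revisit it when a fixed release of
      # the affected dependency exists.
      - run: cargo audit --ignore RUSTSEC-2023-0071
      - name: Check version parity (Cargo.toml vs node/package.json)
        run: |
          # First `version = "..."` line of Cargo.toml and first `"version": "..."`
          # entry of node/package.json.
          cargo_ver=$(sed -n 's/^version = "\(.*\)"/\1/p' Cargo.toml | head -1)
          node_ver=$(sed -n 's/.*"version": "\(.*\)".*/\1/p' node/package.json | head -1)
          # Both pipelines end in `head`, so a missing file or a non-matching
          # pattern yields an empty string rather than a failed step. Reject
          # empty values so two empty strings cannot compare equal and pass.
          if [ -z "$cargo_ver" ] || [ -z "$node_ver" ]; then
            echo "::error::Could not read version: Cargo.toml='$cargo_ver' node/package.json='$node_ver'"
            exit 1
          fi
          if [ "$cargo_ver" != "$node_ver" ]; then
            echo "::error::Version mismatch: Cargo.toml=$cargo_ver node/package.json=$node_ver"
            exit 1
          fi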

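  # Runs the test suite with cargo-nextest on Linux, macOS and Windows and
  # uploads the JUnit report to Codecov.
  test:
    name: Test (${{ matrix.os }})
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest, windows-latest]
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: dtolnay/rust-toolchain@631a55b12751854ce901bb631d5902ceb48146f7 # stable
      - uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2
      # The tool is named explicitly, as in the lint and coverage jobs, so the
      # step does not depend on whatever default the pinned commit carries.
      # The same SHA is used with other tools elsewhere in this workflow.
      - uses: taiki-e/install-action@f092c064826410a38929a5791d2c0225b94432fe # nextest
        with:
          tool: nextest
      - run: cargo nextest run --all-features --profile ci
      # always(): the report is uploaded even when the test step failed.
      # CODECOV_TOKEN is a repository secret; GitHub does not expose secrets
      # to pull_request runs from forks, so the token is empty there.
      - uses: codecov/test-results-action@0fa95f0e1eeaafde2c782583b36b28ad0d8c77d3 # v1
        if: always()
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          files: target/nextest/ci/junit.xml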

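  # Collapses the per-OS test matrix into one job named "Test", giving a single
  # status to reference. always() makes the gate run (and fail) when the matrix
  # failed instead of being skipped.
  test-gate:
    name: Test
    runs-on: ubuntu-latest
    needs: test
    if: always()
    steps:
      # The result is handed to the script through the environment rather than
      # expanded into the script text, so the shell only ever sees it as data.
      - env:
          TEST_RESULT: ${{ needs.test.result }}
        run: |
          if [[ "$TEST_RESULT" != "success" ]]; then
            echo "Test matrix failed"
            exit 1
          fi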

  # Measures test coverage with cargo-llvm-cov and uploads the report to
  # Codecov.
  coverage:
    name: Coverage
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: dtolnay/rust-toolchain@631a55b12751854ce901bb631d5902ceb48146f7 # stable
      - uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2
      # NOTE(review): the trailing comment names the tool, not the release the
      # SHA corresponds to.
      - uses: taiki-e/install-action@f092c064826410a38929a5791d2c0225b94432fe # cargo-llvm-cov
        with:
          tool: cargo-llvm-cov
      # Tests run single-threaded here (--test-threads=1); the report is
      # written to codecov.json in Codecov's format.
      - run: cargo llvm-cov --codecov --output-path codecov.json -- --test-threads=1
      # fail_ci_if_error: false keeps an upload problem from failing the job.
      # CODECOV_TOKEN is a repository secret and is empty on pull_request runs
      # from forks.
      - uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v5
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          files: codecov.json
          fail_ci_if_error: false

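  # Runs the repository's `make test-demos` target on every push and pull
  # request. The target is defined in the Makefile, which is not shown here.
  demo-test:
    name: VHS Dress Rehearsal
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: dtolnay/rust-toolchain@631a55b12751854ce901bb631d5902ceb48146f7 # stable
      - uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2
      # Refresh the package index first: the runner image's cached index can
      # point at package versions the mirrors no longer serve.
      - run: sudo apt-get update && sudo apt-get install -y direnv
      - run: make test-demos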

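  # Builds a release binary for the musl target and hands it to the vhs-record
  # job as a short-lived artifact. Runs only when the ref is main, so
  # pull-request runs skip it.
  vhs-build:
    name: VHS Build Binary
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/main'
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      - uses: dtolnay/rust-toolchain@631a55b12751854ce901bb631d5902ceb48146f7 # stable
      - uses: Swatinem/rust-cache@c19371144df3bb44fab255c43d04cbc2ab54d1c4 # v2
      - run: rustup target add x86_64-unknown-linux-musl
      # Refresh the package index first: the runner image's cached index can
      # point at package versions the mirrors no longer serve.
      - run: sudo apt-get update && sudo apt-get install -y musl-tools
      - run: cargo build --release --target x86_64-unknown-linux-musl
      # Only the built binary is uploaded; it is kept for one day.
      - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
        with:
          name: murk-musl
          path: target/x86_64-unknown-linux-musl/release/murk
          retention-days: 1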

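  # Records one demo GIF per tape inside a VHS container, using the binary
  # built by vhs-build. Runs only when the ref is main. fail-fast is off, so
  # one failing tape does not cancel the others.
  vhs-record:
    name: VHS (${{ matrix.tape }})
    needs: vhs-build
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/main'
    strategy:
      fail-fast: false
      matrix:
        tape: [hero, team, offboard, eve, recovery, github, direnv, mallory, ssh]
    steps:
      # The whole workspace is bind-mounted into a container further down, so
      # the job token is not left behind in .git/config. No later step in this
      # job visibly needs git credentials.
      # NOTE(review): confirm no tape relies on an authenticated `origin`.
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
        with:
          persist-credentials: false
      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
        with:
          name: murk-musl
          path: target/x86_64-unknown-linux-musl/release/
      # Restore the executable bit, which the artifact round-trip does not keep.
      - run: chmod +x target/x86_64-unknown-linux-musl/release/murk
      # NOTE(review): the base image is referenced without a tag or digest, so
      # each run builds on whatever the registry currently serves, unlike the
      # SHA-pinned actions above. Pinning it as
      # ghcr.io/charmbracelet/vhs@sha256:<DIGEST-PLACEHOLDER> would make the
      # recording environment reproducible and reviewable.
      - name: Build VHS image with git and direnv
        run: |
          echo 'FROM ghcr.io/charmbracelet/vhs
          RUN apt-get update --allow-releaseinfo-change && apt-get install -y --no-install-recommends git direnv && rm -rf /var/lib/apt/lists/*' | docker build -t vhs-git -
      # "$PWD" is quoted so a workspace path containing spaces stays a single
      # argument. $PATH is expanded by the runner's shell, so the container
      # receives the runner's PATH with the mounted release directory first.
      # matrix.tape comes only from the literal list above.
      - name: Record tape
        run: docker run --rm -v "$PWD":/vhs -e PATH="/vhs/target/x86_64-unknown-linux-musl/release:$PATH" vhs-git demo/${{ matrix.tape }}.tape
      - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
        with:
          name: gif-${{ matrix.tape }}
          path: demo/${{ matrix.tape }}.gif
          retention-days: 1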

  # Collects the recorded GIFs and publishes the demo directory to the `demo`
  # branch. Runs only when the ref is main, after every vhs-record job.
  vhs:
    name: VHS
    needs: vhs-record
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/main'
    # The only job in this workflow with write access. A job-level block
    # replaces the workflow default, so the token here carries contents: write
    # and no other scope.
    permissions:
      contents: write
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
      # Every artifact whose name matches gif-* is merged into demo/, next to
      # the files that were checked out there.
      - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
        with:
          pattern: gif-*
          merge-multiple: true
          path: demo/
      # Publishes the whole ./demo directory (checked-out files plus the
      # downloaded GIFs) to the `demo` branch using the job token.
      # keep_files: true leaves files already on that branch in place.
      - uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          publish_dir: ./demo
          publish_branch: demo
          keep_files: true