kamal_generate_secrets

#!/usr/bin/env ruby
# Run this file to generate `.kamal/secrets`.

# List of secrets to generate
# Either:
#   - String: the secret name
#   - Array: [secret_name, note_id]
secrets = [
  ["RAPIDRX_POSTGRESQL_PASSWORD", "RAPIDRX_DEV_POSTGRESQL_PASSWORD"],
  "RAPIDRX_KAMAL_REGISTRY_PASSWORD"
]

###########################################################################

script_dir = File.expand_path(File.dirname(__FILE__))
Dir.chdir(script_dir)
output_file = File.expand_path(".kamal/secrets")

require 'mkmf'
# Make the MakeMakefile logger write file output to null.
# Probably requires ruby >= 1.9.3
module MakeMakefile::Logging
  @logfile = File::NULL
end

if not find_executable 'bw'
  raise ArgumentError, "Bitwarden CLI (bw) binary missing, install it from https://www.npmjs.com/package/@bitwarden/cli"
end

@session_token = ENV['BW_SESSION']
if @session_token.nil? || @session_token.empty?
  puts "Please unlock your BitWarden account"
  if (@session_token=`bw unlock --raw`.strip) == "" 
    raise ArgumentError, "Please login to Bitwarden using 'bw login'"
  end
end

# puts "Session token: #{@session_token}"

def bw_get(var_name, note_id = nil)
  note_id = var_name if note_id.nil?

  puts "Getting \"#{var_name}\" from BitWarden note id=\"#{note_id}\""
  password = `bw get notes #{note_id} --session #{@session_token}`
  "#{var_name}=\"#{password}\""
end

def bw_get_all(secrets)
  secrets.map do |secret|
    if secret.is_a?(String)
      bw_get(secret)
    elsif secret.is_a?(Array) && secret.length == 2
      bw_get(secret[0], secret[1])
    else 
      raise ArgumentError, "Invalid secret: #{secret}"
    end
  end.join("\n")
end  

output = <<EOF
# Generated by `#{__FILE__}` on #{Time.now}
#{bw_get_all(secrets)}
EOF

# Make the directory if it doesn't exist
FileUtils.mkdir_p(File.dirname(output_file))

File.write(output_file, output)
puts "Secrets written to '#{output_file}'"