From 88378cbfa73d5714095b4660f989b97ac1f935d8 Mon Sep 17 00:00:00 2001 From: Deeman Date: Thu, 26 Feb 2026 20:27:35 +0100 Subject: [PATCH] chore: add secrets-encrypt-dev/prod targets to match template --- Makefile | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 3939376..2e11d36 100644 --- a/Makefile +++ b/Makefile @@ -4,7 +4,8 @@ SOPS_DOTENV := sops --input-type dotenv --output-type dotenv .PHONY: help dev init-landing-seeds css-build css-watch \ secrets-decrypt-dev secrets-decrypt-prod \ - secrets-edit-dev secrets-edit-prod + secrets-edit-dev secrets-edit-prod \ + secrets-encrypt-dev secrets-encrypt-prod help: @echo "Available targets:" @@ -16,6 +17,8 @@ help: @echo " secrets-decrypt-prod Decrypt .env.prod.sops → .env" @echo " secrets-edit-dev Edit .env.dev.sops in \$$EDITOR" @echo " secrets-edit-prod Edit .env.prod.sops in \$$EDITOR" + @echo " secrets-encrypt-dev Encrypt .env (plaintext) → .env.dev.sops" + @echo " secrets-encrypt-prod Encrypt .env (plaintext) → .env.prod.sops" # ── Dev environment ─────────────────────────────────────────────────────────── @@ -43,8 +46,11 @@ css-watch: bin/tailwindcss $(TAILWIND) -i web/src/padelnomics/static/css/input.css -o web/src/padelnomics/static/css/output.css --watch # ── Secrets (SOPS + age) ───────────────────────────────────────────────────── +# Requires: sops (https://github.com/getsops/sops) + age (https://github.com/FiloSottile/age) +# Keys config: .sops.yaml # .env.*.sops files use dotenv format but sops can't infer from the extension, # so we pass --input-type / --output-type explicitly. +# Encrypted files are safe to commit to git. secrets-decrypt-dev: $(SOPS_DOTENV) --decrypt .env.dev.sops > .env @@ -59,3 +65,11 @@ secrets-edit-dev: secrets-edit-prod: $(SOPS_DOTENV) .env.prod.sops + +secrets-encrypt-dev: + $(SOPS_DOTENV) --encrypt --in-place .env.dev.sops + @echo "Encrypted .env.dev.sops (commit this file)" + +secrets-encrypt-prod: + $(SOPS_DOTENV) --encrypt --in-place .env.prod.sops + @echo "Encrypted .env.prod.sops (commit this file)"