Script to store secrets to keyring (#63)

home/.chezmoiscripts/universal/run_onchange_after_05-envchain-import-secrets.tmpl

@@ -0,0 +1,27 @@
+{{- if and (ne .host.distro.family "windows") (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) -}}
+#!/usr/bin/env bash
+# @file Store Secrets in Keyring
+# @brief Stores secret environment variables into the System keyring
+# @description
+#     This script imports secret environment variables into the System keyring if `envchain` is installed.
+#     Secrets stored in the folder 'home/.chezmoitemplates/secrets' following the Install Doctor method are
+#     imported into the System keyring by this script. There is only one namespace called `default` where the
+#     secrets are stored. Executing `envchain default env` displays all the environment variables and their values.
+#
+#     ## Secrets
+#
+#     For more information about storing secrets like SSH keys and API keys, refer to our [Secrets documentation](https://install.doctor/docs/customization/secrets).
+
+{{ includeTemplate "universal/profile" }}
+{{ includeTemplate "universal/logg" }}
+
+### Import environment variables into `envchain`
+if command -v envchain > /dev/null; then
+    logg info 'Importing environment variables into the System keyring'
+    for file in {{ joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "*" }}; do
+        cat "$file" | chezmoi decrypt | envchain -s default "$(basename $file)" > /dev/null || logg info 'Importing "$(basename $file)" failed'
+    done
+else
+    logg info '`envchain` is not installed or it is not available in the PATH'
+fi
+{{ end -}}

software.yml

@@ -2647,7 +2647,7 @@ softwarePackages:
     _docs: https://github.com/sorah/envchain#usage
     _github: https://github.com/sorah/envchain
     _home: https://github.com/sorah/envchain
-    _name: envconsul
+    _name: envchain
     brew: envchain
     github: github.com/sorah/envchain
   _envchain:deps: