Commit graph

1394 commits

Author SHA1 Message Date
William Carroll
fd804c7b6f Path relative path to Elisp code for elisp-lint
CI is reporting a false negative because $@ is empty. This change should cause
elisp-lint to run on all of the Elisp in the wpc/ directory.
2020-08-31 12:37:31 +01:00
William Carroll
76b1bcd59a Drop support for wpc-java
1. I don't use this.
2. This is breaking CI because google-java-format cannot be found.
2020-08-31 12:22:58 +01:00
William Carroll
9065c575aa Prevent all-the-icons-install-fonts from running in CI
While I would like my CI build to closely resemble a non-CI build, supporting
the `all-the-icons-install-fonts` call is a low priority with a medium amount of
work required.
2020-08-31 12:08:30 +01:00
William Carroll
70d87eaf24 Drop support for wpgtk
I'd like to stabilize on using solarized-light.
2020-08-31 12:04:49 +01:00
William Carroll
7f4e23e431 Apply prefix arg to all-the-icons-install-fonts
This prevents the prompt, which blocks my CI build.
2020-08-31 12:03:38 +01:00
William Carroll
b5de71f1f9 Drop support for neotree
I don't use neotree anymore.
2020-08-31 12:03:18 +01:00
William Carroll
2c3dbe61b7 Remove keybinding logic from fonts.el
For two reasons:
1. I don't use these keybindings.
2. I'm trying to centralize all keybinding logic in keybindings.el.
2020-08-31 12:02:35 +01:00
William Carroll
453596adb2 Define constants/ci?
Create a top-level flag encoding whether or not Emacs is running in CI.
2020-08-31 12:02:04 +01:00
William Carroll
711820411c Delete {themes,wallpaper}.el
After my CI build for Emacs failed because the .local/share/wallpaper directory
was missing I had two options:
  A. include .local/share/wallpaper in default.nix, which is cumbersome
  B. drop support for managing system wallpaper from Emacs

I chose option B.
2020-08-31 11:53:32 +01:00
William Carroll
aa1b927ad2 Add xset to Emacs PATH
My CI failed after a call to xset resulted in a "file-missing Searching for
program" error.
2020-08-31 11:31:57 +01:00
William Carroll
a640e42e6a Prefer inherit pattern to import Nix dependencies
I'm starting to prefer the `inherit (builtins) path` pattern in my Nix
expressions. I know this is idiomatic, so even if I don't like it, I am trying
to learn to like it.
2020-08-31 11:31:00 +01:00
William Carroll
bb83c8a12c Delete unused Emacs packages
Cleaning things up...
2020-08-31 11:30:23 +01:00
William Carroll
e166e74c2c Allow configurable BRIEFCASE env var for CI
These were hard-coded as $HOME/BRIEFCASE, which won't work in CI, since CI runs
as the user buildkite-agent-socrates, whose $HOME directory doesn't exist.
2020-08-31 01:16:31 +01:00
William Carroll
8f46684c23 Attempting to avoid buildkite parse error
For more information, see here:
https://github.com/buildkite/agent/issues/584
2020-08-31 00:58:30 +01:00
William Carroll
3e23a86d0e Set Emacs line-spacing to 0
vterm.el has a bug because it uses `(window-body-height)` to compute the number
of lines it can render, but it doesn't account for `line-spacing`.
2020-08-31 00:49:07 +01:00
William Carroll
f3047cffc1 Surround subshell in 2x-quotes
This wasn't a bug; it's just good practice.
2020-08-31 00:48:30 +01:00
William Carroll
2715591c97 Call readTree on all top-level, visible directories in briefcase
Instead of manually maintaining the list of directories that I expose to
readTree, I'm using `builtins.readDir` to get a list of all non-hidden top-level
directories.
2020-08-28 18:14:22 +01:00
William Carroll
9c820e663f Restore "l" as evil-forward-char in magit-status-mode-map
Remap "l" -> "L"
2020-08-28 17:40:24 +01:00
William Carroll
78172233f8 Add build, lint Emacs steps to post-receive pipeline
TL;DR:
- Define runEmacsScript to emacs/default.nix for ci/pipelines/post-receive
- Write script.el to call (load init.el) and catch any errors
- Lint Elisp with gonewest818/elisp-lint

Also nice how Buildkite supports :gnu: emojis!
2020-08-27 18:29:48 +01:00
William Carroll
d67dbec7e8 Clean up emacs/default.nix
- Prefer prepending wpcDir, vendorDir to EMACSLOADPATH instead of using the
  --directory flag
- Remove --load ${wpcPackageEl} because init.el calls (require 'wpc-package)
- Surround $@ in 2x-quotes
2020-08-27 18:25:14 +01:00
William Carroll
a1a2f0bbbd Remove exported DEPOT env var from wpcarros-emacs
wpcarros-emacs no longer depends on this being set.
2020-08-27 17:31:25 +01:00
William Carroll
eb0e1d8c5d Prefer builtins.path
Following the advice of Domen's nix.dev anti-patterns, I'm preferring something
like...

```nix
builtins.path { path = /path/to/some.where; name = "some.where"; }
```

...to

```nix
/path/to/some/where
```

While the former is more verbose, it will fail to build when the path doesn't
exist, which I prefer.
2020-08-27 17:31:15 +01:00
William Carroll
ea0788fd62 Delete unused parts of bookmark.el
Trimming more fat.
2020-08-26 18:30:10 +01:00
William Carroll
8fef6c0408 Remove bookmark for <depot>
Since depot now support cs.tvl.fyi, I don't need this, and that is a *massive*
upgrade.
2020-08-25 14:20:46 +01:00
William Carroll
8eed16dc67 Replace calls to (getenv "BRIEFCASE") with constants/briefcase
I would prefer to define constants/briefcase in terms of `(getenv "BRIEFCASE")`
and assert that `(f-exists? (getenv "BRIEFCASE"))`, in one location:
constants.el
2020-08-25 14:19:19 +01:00
William Carroll
21ce27b0ca Prefer <leader>jb to <leader>jd for searching all of briefcase
Feels more natural...
2020-08-25 14:16:41 +01:00
William Carroll
504cf0daab Delete org-helpers
I'm trying to tidy things up, so I'm trying to apply some of the principles from
"Essentialism" to my Emacs configuration.
2020-08-25 14:15:58 +01:00
William Carroll
23a41528bb Remove unnecessary TODO
The Nix expression that builds `wpcarros-emacs` sets BRIEFCASE, so the .envrc
isn't relied on.
2020-08-25 14:02:32 +01:00
William Carroll
64afb11d60 Remove unnecessary code from wpc-nix.el
TL;DR:
- Prefer `(getenv "BRIEFCASE")` to `(f-expand "~/briefcase")`. I should audit my
  Emacs for references to ~/briefcase and replace those calls with `getenv`.
- Remove calls setting <nixpkgs> and <depot> and rely exclusively on <briefcase>
- Prefer ~/nixpkgs-channels to ~/nixpkgs.

Notes:
- I need a better way of calling `home-manager switch` that resides within my
  briefcase
2020-08-25 13:55:14 +01:00
William Carroll
7a1e56e7d1 Prefer simpler, more idiomatic project-find-function
This version avoids installed all of the custom `cl-defmethods` for a
`'monorepo` type and instead uses the existing `'transient`.
2020-08-24 11:19:47 +01:00
William Carroll
7ab86f5423 Abandon the pre-receive hook
I wanted Gitea to call Buildkite's pre-receive pipeline and either accept or
reject the incoming code depending on the outcome. The problem is that I can
only *create* builds from Gitea's pre-receive hook.

Now I'm left with two options:
1. run the lint-secrets step in post-receive
2. run `/nix/store/<hash>/git-secrets --scan-history $REPO_PATH` in Gitea

As far as I can tell, I cannot define Gitea hooks in Nix, which is unfortunate;
otherwise, option 2 would appeal more.

I'm doing option one for now.
2020-08-22 23:27:44 +01:00
William Carroll
4241339963 Define Buildkite pipelines corresponding to git server hooks
I think maintaining a 1:1 correspondence with the git server hook makes sense
right now. Let's try it out!
2020-08-22 23:27:44 +01:00
William Carroll
098ca0da15 Ensure that the build step "depends on" the lint step
This way, if the lint step fails, the build step doesn't run. Nice!
2020-08-22 23:27:44 +01:00
William Carroll
3f9352b118 Remove --add-provider step from briefcase lint
So it turns out that I was wrong and that .git/config is stateful. Multiple
calls to --add-provider will append the same provider each time...

Instead I'm defining secret-patterns.txt and version-controlling it.

Then:
- dev-side: I'm adding `providers = cat ci/secret-patterns.txt` to .git/config
- ci-side:  I'm adding `providers = cat ci/secret-patterns.txt` to .git/config

Unfortunately this is ad-hoc configuration ci-side, which I would like to
avoid. The good news is that my pre-commit hooks and failures from git-secrets
should now align with my CI, since they're both reading from
secret-patterns.txt. One step backwards... two steps forwards?
2020-08-22 23:27:44 +01:00
William Carroll
92fa785e75 Call --add-provider during lint stage
I'm also `cat .git/config` because I think the Buildkite destroys the
.git/config file for each build, but I want to verify that. If it does, I prefer
that because it seems to share the spirit of the "Destroy Your Darlings" essay.
2020-08-22 23:27:44 +01:00
William Carroll
aeeaed605e Log git information during briefcase's lint stage
I would like to find out what the state of the repo is during pre-receive hook.
2020-08-22 23:27:44 +01:00
William Carroll
0644e1f740 Replace build badge
Changed pipelines = new badge.
2020-08-22 23:27:44 +01:00
William Carroll
fa645acf5c Prefer :nix: emoji
Buildkite support language extensions as emojis!
2020-08-21 14:00:11 +01:00
William Carroll
36399df006 Use emojis for build, lint steps
Y'know... the important stuff
2020-08-21 13:51:47 +01:00
William Carroll
fd626d907e Remove debugging information
Problem: my dev machine returns a different value for `git config --get-all
secrets.patterns` than my CI machine... I ran `git-secrets --register-aws` to
get additional coverage, but it's still not the same. I created an issue on the
git-secrets GH repo to get better troubleshooting advice, but I don't need the
logging info. anymore, so I'm removing it.
2020-08-21 12:31:03 +01:00
William Carroll
56e4d9f9b5 Debugging briefcase pipeline
Somehow `git-secrets --scan-history` is exiting non-zero, when I don't think it
should. Logging some environment information to get a better idea of what's
going on.
2020-08-21 11:25:16 +01:00
William Carroll
f53b08e4a0 Call --scan-history
My current pipeline is succeeding with a false-positive. After this change, it
should return a true-negative.
2020-08-21 11:22:52 +01:00
William Carroll
3f3cba7c32 Define BuildKite pipelines in Nix
After a handful of failed attempts to run lint-secrets.sh due to a missing
`git-secrets` executable on my git server, I decided that now was a good time to
use Nix to define my BuildKite pipelines.

TL;DR:
- Delete ci/scripts directory
- Define ci/pipelines/{briefcase,socrates}.nix

Outside of this repository:
- I logged into my admin account at git.wpcarro.dev and changed my Gitea
  post-receive hook to trigger the briefcase pipeline
- I logged into my BuildKite account, deleted my build-briefcase pipeline,
  created a new briefcase pipeline that called:

  ```shell
  nix-build -A ci.pipelines.briefcase -o briefcase.yaml
  buildkite-agent pipeline upload briefcase.yaml
  ```

One day I will audit all of my ad-hoc, non-mono-repo activity (like the steps I
listed above) and attempt to fit everything herein... one step at a time,
though!
2020-08-21 11:12:57 +01:00
William Carroll
13daa560ba Testing new CI lint-secrets step
Adding a fake secret to test to the new CI build step. I'm not sure I expect
this to fail the step because it relies on a pattern that I defined in
.git/config... let's see!
2020-08-20 23:32:16 +01:00
William Carroll
5b6862ea39 Call git secret hide whenever //secrets.json is saved
Having `git secret hide` as a pre-commit hook doesn't make much sense to me. I
will detail why when/if I write a blog post on briefcase's secret mgt setup.

The problem is, if I change secrets.json and then run `git status`, I won't see
any pending changes. This is because secrets.json is gitignore'd. If I run `git
secret hide` everytime I save secrets.json, I can rest assured that my `git
status` will be consistent with any updates to secrets.json.
2020-08-20 18:41:39 +01:00
William Carroll
17c68d654b Prefer reading secrets.json to using pass show
I'm attempting to maintain a top-level secrets.json that defines all of the
sensitive data that I'd like to version-control without exposing everything in
cleartext to the world. To that end, I'm using `git secret`, which will use
`gpg` to encrypt secrets.json everytime I call `git secret hide` and decrypt
everytime I call `git secret reveal`.

I'm going to try this until I don't like it anymore... if that day comes...

I should write a blog post about my setup to solicit useful feedback and share
my ideas with others.
2020-08-20 18:31:37 +01:00
William Carroll
392832a1ca Testing git-secret
Adding a dummy, top-level secrets.json file using `git-secret`. It might be nice
to have a mono-secrets file in json because then I can use it with `jq` like:

```shell
$ jq '.secret' --join-output < ~/briefcase/secrets.json
```
2020-08-20 14:50:53 +01:00
William Carroll
d71776a9ae Remove 2x-newlines from .gitignore
I saw an issue on GitHub that claims that git-secret doesn't like 2x-newlines in
.gitignore files. Let's see if that helps...
2020-08-20 12:18:35 +01:00
William Carroll
cbaf74de0e Setup git-secret
This morning I'm attempting to secure my monorepo. How?

- `git secret`:  DONE: To version-control sensitive data
- `git secrets`: TODO: Lint code for sensitive data

I will probably update the CI to call `git secrets --scan` or some similar
command to fail when that exists non-zero. I have much to learn, but doing is
the best way to learn it.
2020-08-20 11:53:14 +01:00
William Carroll
4d8ce34a7e Simplify EXWM init hook
Anytime something before or during window-manager.el fails to evaluate,
I lose the ability to type, but I *can* still click.

@tazjin recommended that I use the mouse to cycle to the *Warnings*
buffer, which led me to another bug in a series of bugs that I'm
uncovering: ~/briefcase/org didn't exist.

A simple mistake like this should break my WM startup, so I decided to
remove most of my init hook logic.
2020-08-20 11:26:32 +01:00