feat: load skate variables via 1password (#2525)

.env.1p.skate

@@ -0,0 +1,22 @@
+# MBTA Skate Secret Environment Variables
+_1P_VAULT="ptdh43ymoxcqcstjeinoev73yi"
+
+## Data URL's
+GTFS_URL="op://$_1P_VAULT/Skate Data URLs/GTFS_URL"
+BUSLOC_URL="op://$_1P_VAULT/Skate Data URLs/BUSLOC_URL"
+TRIP_UPDATES_URL="op://$_1P_VAULT/Skate Data URLs/TRIP_UPDATES_URL"
+SKATE_HASTUS_URL="op://$_1P_VAULT/Skate Data URLs/SKATE_HASTUS_URL"
+
+## Swiftly API
+SWIFTLY_REALTIME_VEHICLES_URL="op://$_1P_VAULT/Swiftly API/hostname"
+SWIFTLY_AUTHORIZATION_KEY="op://$_1P_VAULT/Swiftly API/credential"
+
+## Map Tileset URL's
+BASE_TILESET_URL="op://$_1P_VAULT/Skate Map Tileset URLs/BASE_TILESET_URL"
+SATELLITE_TILESET_URL="op://$_1P_VAULT/Skate Map Tileset URLs/SATELLITE_TILESET_URL"
+
+## AWS
+AWS_PLACE_INDEX="op://$_1P_VAULT/Skate AWS Resources/AWS_PLACE_INDEX"
+
+## Chromatic
+CHROMATIC_PROJECT_TOKEN="op://$_1P_VAULT/Chromatic Project Token/credential"

.envrc

@@ -1,2 +1,6 @@
 # Load user's local settings
 source_env_if_exists .envrc.private
+
+# Load Skate secrets from 1Password
+# https://github.com/tmatilai/direnv-1password/blob/14bbebceb40480ee5042879290e6d67e771753dc/1password.sh#L82
+direnv_load op run --env-file=.env.1p.skate -- direnv dump

.envrc.template

@@ -3,60 +3,53 @@
 ## Required Variables
 ## * These are the values you'll need to be prepared to update to run Skate locally
 
+## Erlang/OTP settings, pass "+MIscs 2048" to allocate enough memory for literals in your local dev environment
+export ERL_FLAGS="+MIscs 2048"
+
+## Authentication/authorization secret. Generate a value using mix phx.gen.secret
+export GUARDIAN_SECRET_KEY=$(mix phx.gen.secret)
+
+## Used for writing encrypted cookies. Generate a value using mix phx.gen.secret
+export SECRET_KEY_BASE=$(mix phx.gen.secret)
+
+## Postgres configuration: username, password, and hostname
+## * Your local Postgres server should go here
+# export POSTGRES_USERNAME=
+# export POSTGRES_PASSWORD=
+# export POSTGRES_HOSTNAME=
+
 ## URL of the [MBTA v3 API](https://github.com/mbta/api) for retrieving live train positions
-export API_URL=
+# export API_URL=
 
 ## Access key for the MBTA v3 API
 ## * Request your personal API key from [MBTA Realtime API](https://api-v3.mbta.com/)
-export API_KEY=
+# export API_KEY=
 
-## Postgres configuration: username, password, and hostname
-## * Your local Postgres server should go here
-export POSTGRES_USERNAME=
-export POSTGRES_PASSWORD=
-export POSTGRES_HOSTNAME=
+### The following variables are imported by 1Password in `.env.1p.skate`
 
 ## API key from [Swiftly Transitime API](https://swiftly-inc.stoplight.io/docs/realtime-standalone/YXBpOjI4NDM2MDU3-swiftly-api-reference)
-export SWIFTLY_AUTHORIZATION_KEY=
+# export SWIFTLY_AUTHORIZATION_KEY=
 
 ## Source of Swiftly vehicle data
-export SWIFTLY_REALTIME_VEHICLES_URL=
+# export SWIFTLY_REALTIME_VEHICLES_URL=
 
 ## Location of the GTFS zip file
-export GTFS_URL=
+# export GTFS_URL=
 
 ## Source of GTFS-realtime enhanced VehiclePositions json data file
-export BUSLOC_URL=
+# export BUSLOC_URL=
 
 ## Source of GTFS-realtime enhanced TripUpdates json data file (optional)
-export TRIP_UPDATES_URL=
-
-## Amazon Location Service place index to use for location search
-export AWS_PLACE_INDEX=
-
-## Erlang/OTP settings, pass "+MIscs 2048" to allocate enough memory for literals in your local dev environment
-export ERL_FLAGS="+MIscs 2048"
+# export TRIP_UPDATES_URL=
 
 ## Source of extended schedule data
 # export SKATE_HASTUS_URL=
 
-## Authentication/authorization secret. Generate a value using mix phx.gen.secret
-export GUARDIAN_SECRET_KEY=$(mix phx.gen.secret)
-
-## Used for writing encrypted cookies. Generate a value using mix phx.gen.secret
-export SECRET_KEY_BASE=$(mix phx.gen.secret)
+## Amazon Location Service place index to use for location search
+# export AWS_PLACE_INDEX=
 
 ## Optional Variables
 
-## Location of map tile images
-# export TILESET_URL=
-
-## URL for map tile images, including {x} {y} coordinate and {z} zoom level placeholders
-# export BASE_TILESET_URL=
-
-## URL for satellite map tile images, including {x} {y} coordinate and {z} zoom level placeholders
-# export SATELLITE_TILESET_URL=
-
 ## Used by Erlang (only required in production)
 # export RELEASE_COOKIE=
 
@@ -86,10 +79,21 @@ export SECRET_KEY_BASE=$(mix phx.gen.secret)
 # export BRIDGE_API_USERNAME
 # export BRIDGE_API_PASSWORD
 
-## Used for locally building (and eventually testing) Storybook and Snapshot tests
-## The project token can be found in Chromatic, (Manage > Configure > Project > Project Token)
-# export CHROMATIC_PROJECT_TOKEN=
-
 ## Open Route Service (API URL will usually be https://api.openrouteservice.org/; you can your API Key from the ORS console once you create an account)
 # export OPEN_ROUTE_SERVICE_API_URL=
 # export OPEN_ROUTE_SERVICE_API_KEY=
+
+### The following variables are imported by 1Password in `.env.1p.skate`
+
+## Location of map tile images
+# export TILESET_URL=
+
+## URL for map tile images, including {x} {y} coordinate and {z} zoom level placeholders
+# export BASE_TILESET_URL=
+
+## URL for satellite map tile images, including {x} {y} coordinate and {z} zoom level placeholders
+# export SATELLITE_TILESET_URL=
+
+## Used for locally building (and eventually testing) Storybook and Snapshot tests
+## The project token can be found in Chromatic, (Manage > Configure > Project > Project Token)
+# export CHROMATIC_PROJECT_TOKEN=

README.md

@@ -24,6 +24,14 @@ To avoid having to set these manually in your local development environment, [di
 
 The environment variables are documented in the [Skate `.envrc.template` file](.envrc.template).
 
+> [!NOTE]
+> Some of these configuration values are shared between Skate team members.
+> While there are still some values which are not shared and need to be configured in
+> `.envrc.private`, to facilitate easier setup and to reduce the amount of work done when cloning
+> for team members, the [`.envrc`](./.envrc) file is configured to source the shared
+> configuration values from 1Password using the 
+> [.env.1p.skate file](./.env.1p.skate) and the [1Password CLI](https://developer.1password.com/docs/cli/get-started/) (which you must also have on your system).
+
 Here are the values you'll need to be prepared to update to run Skate locally:
 * Your local Postgres server username and password
 * Your personal API key from [MBTA Realtime API](https://api-v3.mbta.com/); request one if you don't have one