Allow `chezmoi apply` to change the scope of application.

Question

Allow `chezmoi apply` to change the scope of application.

Closed this issue 2 months ago · 1 comments

Is your feature request related to a problem? Please describe.

When I want to run tests on dotfiles repositories using GitHub Actions, I have a problem that I can't run tests without logging in to 1Password CLI, etc. if I run chezmoi apply as is.

In GitHub Actions, we do not want to log in to anything that handles sensitive information, such as the 1Password CLI.

I want to be able to control with Flag when chezmoi apply is executed.

Describe the solution you'd like

Add a Flag to chezmoi apply to control whether or not sensitive information such as 1Password CLI is applied.

Answer 1 · 2024-04-08T14:30:04.000Z

A flag won't be added for this (see #3657, #3202, and #2888).

There are suggestions in those threads and in #2375 and #2574 which can assist you with approaches for this. One is to use either an environment variable in your templates that can only be set in CI ($CI,$GITHUB_REF, etc. are good candidates): {{ if not (env "CI") }}{{/* things requiring secrets */}}{{ end }} and/or exclude entire files from chezmoi with .chezmoiignore.tmpl.