.PHONY: default
default: check

# Ensures virtualenv is present
virtualenv_run:
	virtualenv --python python3 virtualenv_run
	./virtualenv_run/bin/pip install -r requirements.txt

# Alias for virtualenv_run
.PHONY: virtualenv
virtualenv: virtualenv_run

# Installs pre-commit hooks
.PHONY: install-hooks
install-hooks: virtualenv_run
	./virtualenv_run/bin/pre-commit install --install-hooks

# Checks files for encryption
.PHONY: check
check: virtualenv_run
	./virtualenv_run/bin/pre-commit run --all-files

# Creates a new secrets baseline
.secrets-baseline: virtualenv_run
	./virtualenv_run/bin/detect-secrets scan --exclude-secrets '(\$${.*}|from_env|fake|!secret)' > .secrets-baseline

# Audits secrets against baseline
.PHONY: secrets-audit
secrets-audit: virtualenv_run .secrets-baseline
	./virtualenv_run/bin/detect-secrets audit .secrets-baseline

# Updates secrets baseline
.PHONY: secrets-update
secrets-update: virtualenv_run .secrets-baseline
	./virtualenv_run/bin/detect-secrets scan --baseline .secrets-baseline