Fix Docker and add new Android sources

docs/customization/secrets.md

@@ -178,6 +178,7 @@ Unless otherwise specified in the description column, all of the variables in th
 | `CLOUDFLARE_TEAMS_ORG`           | The organization name used to connect to CloudFlare WARP Teams Zero Trust automatically. Used to populate the `organization` value referenced on [this page](https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/deployment/mdm-deployment/). _Can only be passed in as environment variable or hardcoded into `home/.chezmoi.yaml.tmpl`_                         |
 | `CLOUDSDK_CORE_PROJECT`          | Injected into `~/.config/shell/private.sh` and saved in your Chezmoi configuration. _Can only be passed in as environment variable or hardcoded into `home/.chezmoi.yaml.tmpl`._                                                                                                                                                                                                                |
 | `DIGITALOCEAN_ACCESS_TOKEN`      | DigitalOcean personal access token (generated via the [Applications & API > Personal access tokens section](https://cloud.digitalocean.com/account/api/tokens)). Used to connect to DigitalOcean-hosted Kubernetes cluster.                                                                                                                                                                     |
+| `DOCKERHUB_USER` | DockerHub username which is used in combination with the `DOCKERHUB_TOKEN` to headlessly authenticate Docker Desktop with DockerHub |
 | `DOCKERHUB_TOKEN`                | DockerHub API token stored in `~/.config/shell/private.sh` so developer API keys can be loaded by running `source "~/.config/shell/private.sh"`.                                                                                                                                                                                                                                                |
 | `ELEVENLABS_API_KEY`             | API key for ElevenLabs which is used by [ShortGPT](https://github.com/RayVentura/ShortGPT)                                                                                                                                                                                                                                                                                                      |
 | `FULL_NAME`                      | Your full name used in things like the Git config and NPM config. This can be passed in as an environment variable or hardcoded into the `home/.chezmoi.yaml.tmpl` file.                                                                                                                                                                                                                        |

docs/scripts/before/run_onchange_before_11-install-docker.sh.tmpl.md

@@ -54,7 +54,8 @@ if [ -d /Applications ] && [ -d /System ]; then
         logg info 'Docker appears to be installed already'
     fi
     logg info 'Opening the Docker for Desktop app so that the Docker engine starts running'
-    open --background -a Docker
+    # Note: At one point `--install-privileged-components` was also a flag at the end below but it no longer appears to work
+    open --background -a Docker --args --accept-license --unattended
 elif command -v apt-get > /dev/null; then
     . /etc/os-release
     if [ "$ID" == 'ubuntu' ]; then

docs/scripts/profile/exports.sh.tmpl.md

@@ -166,6 +166,7 @@ export PATH="$PATH:$DETA_INSTALL/bin"
 ### Docker
 export DOCKER_CONFIG="$XDG_CONFIG_HOME/docker"
 export MACHINE_STORAGE_PATH="$XDG_DATA_HOME/docker-machine"
+export PATH="$DOCKER_CONFIG/cli-plugins:$PATH"
 
 ### Dotnet
 export DOTNET_CLI_HOME="$XDG_CONFIG_HOME/dotnet"

home/.chezmoi.yaml.tmpl

@@ -2,6 +2,7 @@
 {{- $cloudflareUsername := (default "brian@megabyte.space" (env "CLOUDFLARE_USERNAME")) -}}
 {{- $cloudflareTeamsOrg := (default "manhattan" (env "CLOUDFLARE_TEAMS_ORG")) -}}
 {{- $desktopSession := true -}}
+{{- $dockerHubUser := (default "professormanhattan" (env "DOCKERHUB_USER")) -}}
 {{- $domain := (default "lab.megabyte.space" (env "PUBLIC_SERVICES_DOMAIN")) -}}
 {{- $email := (default "brian@megabyte.space" (env "PRIMARY_EMAIL")) -}}
 {{- $gcloudCoreProject := (default "megabyte-labs" (env "CLOUDSDK_CORE_PROJECT"))}}
@@ -194,6 +195,8 @@ data:
     defaultBrowser: chrome
     defaultBrowserDarwin: chrome
     digitalOceanClusterId: b7fc4e37-ffe7-4ea1-887a-0e19ee077f32
+    docker:
+      username: "{{ $dockerHubUser }}"
     # `domain` is kept here for backwards compatibility, but the .host.domain is the preferred selector
     domain: "{{ $domain }}"
     email: "{{ $email }}"

home/.chezmoidata.yaml

@@ -1586,7 +1586,10 @@ softwarePlugins:
     cmd: bash -c 'if ! sdkmanager --list_installed | grep "{PLUGIN}" > /dev/null; then echo y | sdkmanager --install "{PLUGIN}"; fi'
     plugins:
       - add-ons;addon-google_apis-google-24
-      - build-tools;33.0.0
+      - build-tools;31.0.0
+      - build-tools;32.0.0
+      - build-tools;33.0.2
+      - build-tools;34.0.0
       - cmake;3.22.1
       - cmdline-tools;latest
       - emulator
@@ -1599,24 +1602,61 @@ softwarePlugins:
       - extras;google;market_licensing
       - extras;google;simulators
       - extras;google;webdriver
-      - extras;intel;Hardware_Accelerated_Execution_Manager
       - extras;m2repository;com;android;support;constraint;constraint-layout-solver;1.0.2
       - extras;m2repository;com;android;support;constraint;constraint-layout;1.0.2
       - ndk-bundle
-      - patcher;v4
       - platform-tools
       - platforms;android-31
       - platforms;android-32
       - platforms;android-33
+      - platforms;android-34
       - skiaparser;3
+      - sources;android-31
+      - sources;android-32
       - sources;android-33
+      - sources;android-34
       - system-images;android-31;default;x86_64
       - system-images;android-32;android-desktop;x86_64
+      - system-images;android-33-ext5;google_apis_playstore;arm64-v8a                                
+      - system-images;android-33-ext5;google_apis_playstore;x86_64
+      - system-images;android-33;android-automotive;arm64-v8a
+      - system-images;android-33;android-automotive;x86_64
+      - system-images;android-33;android-desktop;arm64-v8a
+      - system-images;android-33;android-desktop;x86_64
+      - system-images;android-33;android-tv;arm64-v8a
       - system-images;android-33;android-tv;x86
+      - system-images;android-33;android-wear;arm64-v8a
+      - system-images;android-33;android-wear;x86_64
+      - system-images;android-33;aosp_atd;arm64-v8a
+      - system-images;android-33;aosp_atd;x86_64
+      - system-images;android-33;default;arm64-v8a
+      - system-images;android-33;default;x86_64
+      - system-images;android-33;google-tv;arm64-v8a
       - system-images;android-33;google-tv;x86
+      - system-images;android-33;google_apis;arm64-v8a
       - system-images;android-33;google_apis;x86_64
+      - system-images;android-33;google_apis_playstore;arm64-v8a
       - system-images;android-33;google_apis_playstore;x86_64
-      # - com.github.copilot # Unable to find a way to install automatically using CLI
+      - system-images;android-33;google_atd;arm64-v8a
+      - system-images;android-33;google_atd;x86_64
+      - system-images;android-34-ext8;google_apis_playstore;arm64-v8a
+      - system-images;android-34-ext8;google_apis_playstore;x86_64
+      - system-images;android-34;android-tv;arm64-v8a
+      - system-images;android-34;android-tv;x86
+      - system-images;android-34;default;arm64-v8a
+      - system-images;android-34;default;x86_64
+      - system-images;android-34;google-tv;arm64-v8a
+      - system-images;android-34;google-tv;x86
+      - system-images;android-34;google_apis;arm64-v8a
+      - system-images;android-34;google_apis;x86_64
+      - system-images;android-34;google_apis_playstore;arm64-v8a
+      - system-images;android-34;google_apis_playstore;x86_64
+      - system-images;android-TiramisuPrivacySandbox;google_apis;arm64-v8a
+      - system-images;android-TiramisuPrivacySandbox;google_apis;x86_64
+      - system-images;android-TiramisuPrivacySandbox;google_apis_playstore;arm64-v8a
+      - system-images;android-TiramisuPrivacySandbox;google_apis_playstore;x86_64
+      - system-images;android-UpsideDownCakePrivacySandbox;google_apis_playstore;arm64-v8a
+      - system-images;android-UpsideDownCakePrivacySandbox;google_apis_playstore;x86_64
   composer:
     cmd: null
     plugins:
@@ -1652,7 +1692,7 @@ softwarePlugins:
       - dotnet-format
       - git-credential-manager
   gcloud:
-    cmd: bash -c 'if ! gcloud components list | grep "Installed.*{PLUGIN}" > /dev/null; then echo "Installing.." && gcloud components install --quiet "{PLUGIN}"; fi'
+    cmd: bash -c 'if ! gcloud components list | grep "^..Installed.*{PLUGIN}" > /dev/null; then echo "Installing.." && gcloud components install --quiet "{PLUGIN}"; fi'
     plugins:
       - app-engine-go
       - cloud-datastore-emulator
@@ -1668,7 +1708,7 @@ softwarePlugins:
       - terraform-tools
     update: gcloud components update
   gh:
-    cmd: bash -c 'if [ -n "$GITHUB_TOKEN" ] && ! gh extension list | grep "{PLUGIN}" > /dev/null; then gh extension install "{PLUGIN}"; fi'
+    cmd: bash -c 'if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/shell/private.sh" ]; then source "${XDG_CONFIG_HOME:-$HOME/.config}/shell/private.sh"; fi && if [ -n "$GITHUB_TOKEN" ] && ! gh extension list | grep "{PLUGIN}" > /dev/null; then gh extension install "{PLUGIN}"; fi'
     plugins:
       - abdfnx/gh-tran
       - dlvhdr/gh-dash
@@ -1686,7 +1726,7 @@ softwarePlugins:
       - if ! helm plugin list | grep "Query at a given interval a Prometheus, ElasticSearch or Sentry instance." > /dev/null; then helm plugin install https://github.com/ContainerSolutions/helm-monitor; fi
       - if ! helm plugin list | grep "This plugin provides secrets values encryption for Helm charts secure storing" > /dev/null; then helm plugin install https://github.com/jkroepke/helm-secrets; fi
   krew:
-    cmd: bash -c 'if ! kubectl krew list | grep "{PLUGIN}" > /dev/null; then kubectl krew install "{PLUGIN}"; fi'
+    cmd: bash -c 'if ! kubectl krew list | grep "^{PLUGIN}$" > /dev/null; then kubectl krew install "{PLUGIN}"; fi'
     plugins:
       - access-matrix
       - cert-manager
@@ -1694,9 +1734,13 @@ softwarePlugins:
       - ctx
       - datree
       - deprecations
+      # flyte fails to install on macOS arm64
+      # W1105 install.go:164] failed to install plugin "flyte": plugin "flyte" does not offer installation for this platform
       - flyte
       - get-all
       - graph
+      # ingress-nginx fails to install on macOS arm64
+      # W1105 install.go:164] failed to install plugin "ingress-nginx": plugin "ingress-nginx" does not offer installation for this platform
       - ingress-nginx
       - karmada
       - konfig
@@ -1706,7 +1750,7 @@ softwarePlugins:
       - modify-secret
       - neat
       - node-shell
-      - nx
+      - ns
       - oidc-login
       - resource-capacity
       - score
@@ -1715,7 +1759,11 @@ softwarePlugins:
       - tree
       - tunnel
       - view-allocations
+      # virt fails to install on macOS arm64
+      # W1105 install.go:164] failed to install plugin "virt": plugin "virt" does not offer installation for this platform
       - virt
+      # warp fails to install on macOS arm64
+      # W1105 install.go:164] failed to install plugin "warp": plugin "warp" does not offer installation for this platform
       - warp
       - who-can
   raycast:

home/.chezmoiscripts/universal/run_onchange_after_09-login-docker-desktop.sh.tmpl

@@ -0,0 +1,23 @@
+{{- if and (ne .host.distro.family "windows") (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "DOCKERHUB_TOKEN"))) (env "DOCKERHUB_TOKEN")) -}}
+#!/usr/bin/env bash
+# @file DockerHub Login
+# @brief Logs into DockerHub for Docker Desktop
+# @description
+#     This script logs into DockerHub so that Docker Desktop is pre-authenticated. This
+#     functionality requires that the `DOCKERHUB_USER` be passed in as an environment variable (or 
+#     directly editted in the `~/.config/chezmoi/chezmoi.yaml` file) and that the `DOCKERHUB_TOKEN`
+#     be passed in as a secret (either via the encrypted secret method or passed in as an environment
+#     variable).
+
+{{ includeTemplate "universal/profile" }}
+{{ includeTemplate "universal/logg" }}
+
+### Login to DockerHub
+if command -v docker > /dev/null; then
+    DOCKERHUB_TOKEN="{{ if (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "DOCKERHUB_TOKEN")) }}{{- includeTemplate "secrets/DOCKERHUB_TOKEN" | decrypt | trim -}}{{ else }}{{- env "DOCKERHUB_TOKEN" -}}{{ end }}"
+    DOCKERHUB_USER="{{ .user.docker.username }}"
+    logg info 'Headlessly authenticating with DockerHub registry'
+    echo "$DOCKERHUB_TOKEN" | docker login -u "$DOCKERHUB_USER" --password-stdin
+fi
+
+{{- end }}

home/dot_bashrc

@@ -38,7 +38,7 @@ fi
 
 ### Ble.sh
 # Loaded with bash-it
-# [[ $- == *i* ]] && source "${XDG_DATA_HOME:-$HOME/.local/share}/blesh/ble.sh" --noattach --rcfile "${XDG_DATA_CONFIG:-$HOME/.config}/blesh/bleshrc"
+# [[ $- == *i* ]] && source "${XDG_DATA_HOME:-$HOME/.local/share}/blesh/ble.sh" --noattach --rcfile "${XDG_CONFIG_HOME:-$HOME/.config}/blesh/bleshrc"
 
 ### Escape if shell not interactive
 case $- in
@@ -50,7 +50,7 @@ esac
 export HISTFILE="$XDG_STATE_HOME/bash/history"
 
 ### Bash Initialization Hooks
-if [ "$BASH_SUPPORT" = 'true' ]; then
+if [ "$BASH_SUPPORT" = 'true' ] && [ -n "$BASH" ]; then
   ### Sensible Bash
   # Source: https://github.com/mrzool/bash-sensible
   [ ! -f "${XDG_DATA_HOME:-$HOME/.local/share}/shell/sensible.bash" ] || source "${XDG_DATA_HOME:-$HOME/.local/share}/shell/sensible.bash"

home/dot_config/docker/daemon.json.tmpl

@@ -1,3 +1,4 @@
+{{- if (eq .host.distro.family "linux") -}}
 {
   "runtimes": {
     "runsc": {
@@ -5,3 +6,4 @@
     }
   }
 }
+{{- end -}}

home/dot_config/shell/exports.sh.tmpl

@@ -5,6 +5,9 @@
 #     This script is included by `~/.bashrc` and `~/.zshrc` to provide environment variables that play harmoniously with
 #     the default Install Doctor configurations.
 
+### Licensing
+export ACCEPT_EULA=y
+
 ### Disable Telemetry
 export DO_NOT_TRACK=1
 export FUNCTIONS_CORE_TOOLS_TELEMETRY_OPTOUT=1
@@ -176,6 +179,7 @@ export PATH="$PATH:$DETA_INSTALL/bin"
 ### Docker
 export DOCKER_CONFIG="${XDG_CONFIG_HOME:-$HOME/.config}/docker"
 export MACHINE_STORAGE_PATH="${XDG_DATA_HOME:-$HOME/.local/share}/docker-machine"
+export PATH="$DOCKER_CONFIG/cli-plugins:$PATH"
 
 ### Dotnet
 export DOTNET_CLI_HOME="${XDG_CONFIG_HOME:-$HOME/.config}/dotnet"

home/dot_local/bin/executable_install-program

@@ -825,7 +825,7 @@ async function beforeInstall(packageManager) {
             logStage,
             'Attempting to open `/Applications/Docker.app` (Docker Desktop for macOS). This should take about 30 seconds.'
           )
-          const promises = [$`test -d /Applications/Docker.app`, $`open /Applications/Docker.app`]
+          const promises = [$`test -d /Applications/Docker.app`, $`open --background -a Docker --args --accept-license --unattended`]
           await Promise.all(promises)
           const gum = which.sync('gum', { nothrow: true })
           if (gum) {
@@ -1798,14 +1798,19 @@ async function installPlugins(pluginData) {
           if (pluginWhen) {
             runCommand(`Checking when condition for ${pluginData.package} plugin - ${plugin}`, pluginWhen)
           }
-          runCommand(`Installing ${pluginData.package} plugin - ${plugin}`, pluginCmd)
-          log('success', 'Plugin', `Successfully installed ${pluginData.package} plugin - ${plugin}`)
+          try {
+            runCommand(`Installing ${pluginData.package} plugin - ${plugin}`, pluginCmd)
+            log('success', 'Plugin', `Successfully installed ${pluginData.package} plugin - ${plugin}`)
+          } catch (e) {
+            log('info', 'Plugin', `Failed to install ${pluginData.package} plugin - ${plugin}`)
+            console.error(e)
+          }
         } catch (e) {
-          log('info', 'Plugin', `Failed to install ${pluginData.package} plugin - ${plugin}`)
-          console.error(e)
+          log('info', 'Plugin', `Skipping ${pluginData.package} plugin installs due to failed when condition - ${pluginWhen}`)
+          break
         }
       } catch (e) {
-        log('error', 'Plugin', `Failed to install ${pluginData.package} plugin - ${plugin}`)
+        log('error', 'Plugin', `Failed to install ${pluginData.package} plugin due to an unknown reason - ${plugin}`)
         console.error(e)
       }
 
@@ -1908,7 +1913,7 @@ async function installSoftware(pkgsToInstall) {
   }
   installOrdersPre.length && log('info', 'Pre-Install', `Running package-specific pre-installation steps`)
   for (const script of installOrdersPre) {
-    await $`${script.replace(/\n/g, "\\\n")}`
+    await $`source "${process.env.HOME}/.bashrc" && ${script.replace(/\n/g, "\\\n")}`
   }
   installOrdersGroups.length && log('info', 'Users / Groups', `Adding groups / users`)
   for (const group of installOrdersGroups) {
@@ -1936,7 +1941,7 @@ async function installSoftware(pkgsToInstall) {
   for (const script of installOrdersPost) {
     try {
       log('info', 'Post Hook', script)
-      await $`${script.replace(/\n/g, "\\\n")}`
+      await $`source "${process.env.HOME}/.bashrc" && ${script.replace(/\n/g, "\\\n")}`
     } catch(e) {
       log('info', 'Post-Install Hook', 'Encountered error while running post-install hook')
     }

software.yml

@@ -516,7 +516,9 @@ softwarePackages:
     _home: https://developer.android.com/studio
     _name: Android Studio
     _when:cask: '! test -d "/Applications/Android Studio.app" && ! test -d "$HOME/Applications/Android Studio.app"'
-    cask: android-studio
+    cask:
+      - android-studio
+      - android-commandlinetools
     choco: androidstudio
     flatpak: com.google.AndroidStudio
     snap: android-studio
@@ -1894,7 +1896,7 @@ softwarePackages:
     _github: https://github.com/Cisco-Talos/clamav
     _home: https://www.clamav.net/
     _name: ClamAV
-    _post: if [ -f "${XDG_DATA_CONFIG:-$HOME/.config}/clamav/freshclam.conf" ]; then sudo cp -f "${XDG_DATA_CONFIG:-$HOME/.config}/clamav/freshclam.conf" /usr/local/etc/clamav/freshclam.conf; fi && freshclam
+    _post: if [ -f "${XDG_CONFIG_HOME:-$HOME/.config}/clamav/freshclam.conf" ]; then sudo cp -f "${XDG_CONFIG_HOME:-$HOME/.config}/clamav/freshclam.conf" /usr/local/etc/clamav/freshclam.conf; fi && freshclam
     _service:apt: clamav-freshclam
     _service:dnf: clamd-freshclam
     _service:pacman: clamav-freshclam
@@ -3848,7 +3850,7 @@ softwarePackages:
     _bin: git-branchless
     _github: https://github.com/arxanas/git-branchless
     _name: Git Branchless
-    _post: |
+    _todo: |
       echo "TODO: Consider implementing:"
       echo "echo >> ~/.bashrc "alias git='git-branchless wrap --'""
     apk: git-branchless
@@ -6180,7 +6182,8 @@ softwarePackages:
     _github: https://github.com/xwmx/nb
     _home: https://xwmx.github.io/nb
     _name: nb
-    _post: nb completions install
+    # Permission denied: /usr/share/zsh/site-functions after running sudo nb completions install and nb completions install on macOS arm64
+    # _post: nb completions install
     ansible: professormanhattan.nb
     basher: xwmx/nb
     bpkg: xwmx/nb
@@ -8011,7 +8014,8 @@ softwarePackages:
     _github: null
     _home: https://rkhunter.sourceforge.net/
     _name: rkhunter
-    _post: rkhunter --propupd && rkhunter --update
+    _notes: The _post script removes an entry for VMware with a space in it that causes rkhunter to hiccup
+    _post: export PATH="$(echo "$PATH" | sed 's/VMware Fusion.app//')" && sudo rkhunter --update && sudo rkhunter --propupd
     _service:pacman: cronie
     apt: rkhunter
     brew: rkhunter
@@ -9945,7 +9949,6 @@ softwarePackages:
     _github: https://github.com/castwide/solargraph
     _home: https://solargraph.org/
     _name: Solargraph
-    _post: solargraph download-core
     brew: solargraph
     gem: solargraph
   virtualbox: