Signing Git Commits using Keybase

KeyBase's Logo
KeyBase’s Logo

With the increasing popularity of Git as a tool for open source collaboration, not to mention distribution of code for tools like Go, being able to verify that the author of a piece of code is indeed who they claim to be has become absolutely critical.

This requirement extends beyond simply ensuring that malicious actors cannot modify the code we’ve published, something GitHub and its kin (usually) do a very good job of preventing. The simple fact is that by adopting code someone else has written, you are entrusting your clients’ security to them - you best be certain that trust is wisely placed.

Using Git’s built in support for PGP signing and pairing it with Keybase provides you with a great framework on which to build and verify that trust. In this post I’ll go over how one sets up their development environment to support this workflow.

Read more »

Inki

Inki is a small proof of concept project I’ve been working on which is designed to manage transient, single-use, SSH keys for an automated remediation tool our team is in the process of building.

In this blog post I’ll go over some of the design decisions motivating a tool like Inki, some of its interesting implementation details and the questions we’re hoping it will allow us to answer.

Read more »

Autocompletion for Bash CLI

If you haven’t yet read the article on Bash CLI then go read it now.

Bash’s ability to automatically provide suggested completions to a command by pressing the Tab key is one of its most useful features. It makes navigating complex command lines trivially simple, however it’s generally not something we see that often.

Bash CLI was designed with the intention of making it as easy as possible to build a command line tool with a great user experience. Giving our users the ability to use autocompletion would be great, but we don’t want to make it any more difficult for developers to build their command lines.

Thankfully, Bash CLI’s architecture makes adding basic autocomplete possible without changing our developer-facing API (always a good thing).

Read more »

Building a CLI in Bash

If you’re just looking to hop straight to the final project, you’ll want to check out SierraSoftworks/bash-cli on GitHub.

Anybody who has worked in the ops space as probably built up a veritable library of scripts which they use to manage everything from deployments to brewing you coffee.

Unfortunately, this tends to make finding the script you’re after and its usage information a pain, you’ll either end up grep-ing a README file, or praying that the script has a help feature built in.

Neither approach is conducive to a productive workflow for you or those who will (inevitably) replace you. Even if you do end up adding help functionality to all your scripts, it’s probably a rather significant chunk of your script code that is dedicated to docs…

After a project I was working on started reaching that point, I decided to put together a tool which should help minimize both the development workload around building well documented scripts, as well as the usage complexity related to them.

Read more »