With the increasing popularity of Git as a tool for open source collaboration,
not to mention distribution of code for tools like Go, being able
to verify that the author of a piece of code is indeed who they claim to be
has become absolutely critical.
This requirement extends beyond simply ensuring that malicious actors cannot
modify the code we’ve published, something GitHub and its kin
(usually) do a very good job of preventing.
The simple fact is that by adopting code someone else has written, you are
entrusting your clients’ security to them - you best be certain that trust
is wisely placed.
Using Git’s built in support for PGP signing and pairing it with
Keybase provides you with a great framework on which to build and
verify that trust. In this post I’ll go over how one sets up their development
environment to support this workflow.
Inki is a small proof of concept project I’ve been working on which is
designed to manage transient, single-use, SSH keys for an automated remediation
tool our team is in the process of building.
In this blog post I’ll go over some of the design decisions motivating
a tool like Inki, some of its interesting implementation details and
the questions we’re hoping it will allow us to answer.
If you haven't yet read the article on
[Bash CLI](https://github.com/SierraSoftworks/bash-cli) then
go [read it now](/post/bash-cli).
Bash’s ability to automatically provide suggested completions to a command
by pressing the Tab key is one of its most useful features. It
makes navigating complex command lines trivially simple, however it’s generally
not something we see that often.
Bash CLI was designed with the intention of making it as easy as possible to
build a command line tool with a great user experience. Giving our users the
ability to use autocompletion would be great, but we don’t want to make it
any more difficult for developers to build their command lines.
Thankfully, Bash CLI’s architecture makes adding basic autocomplete possible
without changing our developer-facing API (always a good thing).
If you're just looking to hop straight to the final project, you'll want
to check out [SierraSoftworks/bash-cli](https://github.com/SierraSoftworks/bash-cli) on GitHub.
Anybody who has worked in the ops space as probably built up a veritable
library of scripts which they use to manage everything from deployments
to brewing you coffee.
Unfortunately, this tends to make finding the script you’re after
and its usage information a pain, you’ll either end up grep-ing
a README file, or praying that the script has a help feature built
in.
Neither approach is conducive to a productive workflow for you or
those who will (inevitably) replace you. Even if you do end up adding
help functionality to all your scripts, it’s probably a rather significant
chunk of your script code that is dedicated to docs…
After a project I was working on started reaching that point, I decided
to put together a tool which should help minimize both the development
workload around building well documented scripts, as well as the usage
complexity related to them.
Sierra Softworks
