Keybase-cli - Keybase docker container that exposes the keybase CLI and some common commands such as getting files or loading github action secrets

Related tags

Command-line Toolskeybase-cli
Overview

keybase-cli

Docker Build

Keybase docker container that exposes the keybase CLI and some common commands such as getting files or git loading github action secrets.

GitHub: https://github.com/bjgeiser/keybase-cli
Docker Hub: https://hub.docker.com/r/bjgeiser/keybase-cli

GitHub Action

The primary purpose of this docker image is for use in this GitHub action:
https://github.com/bjgeiser/keybase-action

Usage

Example Docker Command

docker run --rm \
   -v $PWD:$PWD -w $PWD \
   -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" \
   -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli keybase --version

Environment Variables

Environment Variable Description Required
KEYBASE_USERNAME Keybase user name Yes
KEYBASE_PAPERKEY Keybase paper key Yes
KEYBASE_UID Docker host user id to store files as No
KEYBASE_GID Docker host group id to store files as No

About file permissions

By default keybase will copy files with the following permissions -rw------- and the keybase executable will not run as root. Without setting KEYBASE_UID and KEYBASE_GID copied out files will be be owned by 1000:1000. In order for your files to be readable, the calling user can pass the current user and group into the container with environment variables. The script can then dynamically create a user inside the container with the same UID:GID as the host user and files will be readable after the container exits. Using --user UID:GID will not set up a user with a home directory (required for keybase) dynamically and the container will detect this and error out.

Commands

Command syntax Description
github-action-secrets github-action-secrets keybase://path/to/file For use in github actions
to get keybase secrets
get get keybase://path/to/file {localpath} Get the file from keybase and copy to a local path
read read keybase://path/to/file Dump contents of file to stdout
clone clone {git clone options} keybase://path/to/repo {localpath} Clone a keybase git repository
batch batch "{any of the above commands},{any of the above commands}" or
batch "{any of the above commands};{any of the above commands}"		 Run more than 1 command in a single docker run
file file /path/to/file Run more than 1 command in a single docker run
keybase See: client command Run any keybase client command
{any other command aka raw} Commands that don't match the above keywords will be run as is. Such as chmod a+r filename Unmatched commands run as is

Note: {arguments} are optional.

Command: github-action-secrets

docker run --rm \
   -v $PWD:$PWD -w $PWD \
   -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" \
   -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli github-action-secrets keybase://path/to/file

This command will parse a .yaml, .json or .env file and set secrets in a github action. Each entry result in the supplied file will cause the container to emit.
::set-output name={name}::{value} reference
::add-mask::{value} reference

Note secrets loaded in using this method will be masked in with ***** in workflow logs. See: reference for more information regarding action security.

Examples

action-secrets.yaml

secret_1: this is secret 1
secret_2: this is secret 2

action-secrets.json

{
  "secret_1": "this is secret 1",
  "secret_2": "this is secret 2"
}

action-secrets.env

secret_1="this is secret 1"
secret_2="this is secret 2"
secret_3=this_is_secret_3

Using in github actions

jobs:
  example:
    runs-on: ubuntu-latest
    steps:
      - name: Get secrets
        id: keybase_secrets
        shell: bash
        run: |
          run --rm \
           -v $PWD:$PWD -w $PWD \
           -e KEYBASE_USERNAME="${{secrets.KEYBASE_USERNAME}}" \
           -e KEYBASE_PAPERKEY="${{secrets.KEYBASE_PAPERKEY}}" \
           -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
            bjgeiser/keybase-cli github-action-secrets keybase://path/to/file 
      
      - name: Check that secret is loaded and masked
        ### This should log the secret with `*****`
        run: echo "${{steps.secrets.outputs.secret_1}}"

Command: get

Copy a file to the local file system.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli get keybase://path/to/file
docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli get keybase://path/to/file keybase://path/to/file path/to/local/file

Command: read

Print files to stdout.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli read keybase://path/to/file

Command: clone

Clone a git repository.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli clone keybase://path/to/clone
docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli clone -b my_branch keybase://path/to/clone path/to/local

Command: keybase

Execute keybase cli commands.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli keybase --version

Note: Any commands that don't match one of the commands are tried as raw commands. Things such as ls -la . or keybase --version will work.

Command: raw

Execute raw commands from inside the container.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli ls -la .

Note: Any commands that don't match one of the commands are tried as raw commands. Things such as ls -la . or keybase --version will work.

Command: batch

Executes a series of commands in a , or ; separated string.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli batch "{any of the above commands},{any of the above commands}"`

Command: file

Executes a series of commands contained in a yaml file.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli file keybase://path/to/command_file.yaml

command_file.yaml

commands:
  - get keybase://path/to/file
  - get keybase://path/to/file2
  - get keybase://path/to/file3
  - clone keybase://path/to/clone
  - github-action-secrets keybase://path/to/file
  # modify file downloaded above
  - chmod a+rw file3
Owner
Bryce Geiser
Bryce Geiser
GitHub Repository
A ZSH plugin that enables you to use OpenAI's powerful Codex AI in the command line.

A ZSH plugin that enables you to use OpenAI's powerful Codex AI in the command line.

Tom Dörr 976 Jan 03, 2023
CLTools provides various tools and command to use in the terminal.

CLTools provides various tools and command to use in the terminal. As of date, CLTools is only able to generate temporary email addresses and receive emails. There are plans to integrate more tools a

Ashwin Chugh 2 Feb 14, 2022
A command line interface to buy things in stregsystemet

Stregsystemet-CLI This repository is the Stregsystemet CLI, to buy things in Stregsystemet, at AAU. Use of this cli-tool is at your own risk and there

F-klubben 14 Oct 18, 2022
A user-friendly python CLI for Fmask 4.3 software (GERS Lab, UCONN).

pyFmask What is pyFmask pyFmask is a user-friendly python CLI for Fmask 4.3 software (GERS Lab, UCONN; https://github.com/GERSL/Fmask). Fmask (Zhu et

1 Jan 05, 2022
A simple weather tool. I made this as a way for me to learn Python, API, and PyPi packaging.

A simple weather tool. I made this as a way for me to learn Python, API, and PyPi packaging.

Clint E. 105 Dec 31, 2022
Python CLI vm manager for remote access of docker images via noVNC

vmman is a tool to quickly boot and view docker-based VMs running on a linux server through noVNC without ssh tunneling on another network.

UCSD Engineers for Exploration 1 Nov 29, 2021
Command line tool to automate transforming the effects of one color profile to another, possibly more standard one.

Finished rendering the frames of that animation, and now the colors look washed out and ugly? This terminal program will solve exactly that.

Eric Xue 1 Jan 26, 2022
touch command for Windows

Touch touch command for Windows Setup: Clone the repository git clone https://github.com/g-paras/touch.git cd touch Install touch module python setup.

Paras Gupta 5 Jan 04, 2022
Runs a command in P4wnP1 and displays the output on OLED screen (SH1106)

p4wnp1-oled-terminal Runs a command in P4wnP1 and displays the output on OLED screen (SH1106) Works on Raspberry Pi Zero 2 W Tested successfully on RP

PawnSolo 1 Dec 14, 2021
jenkins-tui is a terminal based user interface for Jenkins.

jenkins-tui 📦 jenkins-tui is a terminal based user interface for Jenkins. 🚧 ⚠️ This app is a prototype and in very early stages of development. Ther

Craig Gumbley 22 Oct 24, 2022
A webmining CLI tool & library for python.

minet is a webmining command line tool & library for python (= 3.6) that can be used to collect and extract data from a large variety of web sources

médialab Sciences Po 165 Dec 17, 2022
Unpacks things.

$ unp_ unp is a command line tool that can unpack archives easily. It mainly acts as a wrapper around other shell tools that you can find on v

Armin Ronacher 405 Jan 03, 2023
Cek Username IG Yang Masih Bisa Dipake

Cek Username IG Cara Install $ pkg update && pkg upgrade $ pkg install python $ pkg install git $ git clone https://github.com/Dekusec/ig-checker $ cd

Deku 3 Nov 28, 2021
CLI tool and python library that converts the output of popular command-line tools and file-types to JSON or Dictionaries. This allows piping of output to tools like jq and simplifying automation scripts.

jc JSONifies the output of many CLI tools and file-types for easier parsing in scripts

Kelly Brazil 5.8k Jan 03, 2023
Simple command line tool for text to image generation using OpenAI's CLIP and Siren (Implicit neural representation network)

Simple command line tool for text to image generation using OpenAI's CLIP and Siren (Implicit neural representation network)

Phil Wang 4.4k Jan 09, 2023
GoSearch for anything from your terminal

GoSearch for anything from your terminal Requirements pip install beautifulsoup4

Malik Mouhiidine 1 Oct 02, 2021
PyDropper - pick colors everywhere

PyDropper - pick colors everywhere Downloads Settings PyDropper is an eyedropper

Herman Brunberg 2 Jan 04, 2022
Albert launcher extension for converting units of length, mass, speed, temperature, time, current, luminosity, printing measurements, molecular substance, and more

unit-converter-albert-ext Extension for converting units of length, mass, speed, temperature, time, current, luminosity, printing measurements, molecu

Jonah Lawrence 2 Jan 13, 2022
Generate your name in Ascii modular type art through the terminal

ASCII Name Generator Designed and developed by Eduardo Aire The ASCII Art Name Generator is a simple program that helps you to have a practical Shell/

Eduardo Aire 1 Nov 17, 2021
Baseline is a cross-platform library and command-line utility that creates file-oriented baselines of your systems.

Baselining, on steroids! Baseline is a cross-platform library and command-line utility that creates file-oriented baselines of your systems. The proje

Nelson 4 Dec 09, 2022