Keybase-cli - Keybase docker container that exposes the keybase CLI and some common commands such as getting files or loading github action secrets

Related tags

Command-line Toolskeybase-cli
Overview

keybase-cli

Docker Build

Keybase docker container that exposes the keybase CLI and some common commands such as getting files or git loading github action secrets.

GitHub: https://github.com/bjgeiser/keybase-cli
Docker Hub: https://hub.docker.com/r/bjgeiser/keybase-cli

GitHub Action

The primary purpose of this docker image is for use in this GitHub action:
https://github.com/bjgeiser/keybase-action

Usage

Example Docker Command

docker run --rm \
   -v $PWD:$PWD -w $PWD \
   -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" \
   -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli keybase --version

Environment Variables

Environment Variable Description Required
KEYBASE_USERNAME Keybase user name Yes
KEYBASE_PAPERKEY Keybase paper key Yes
KEYBASE_UID Docker host user id to store files as No
KEYBASE_GID Docker host group id to store files as No

About file permissions

By default keybase will copy files with the following permissions -rw------- and the keybase executable will not run as root. Without setting KEYBASE_UID and KEYBASE_GID copied out files will be be owned by 1000:1000. In order for your files to be readable, the calling user can pass the current user and group into the container with environment variables. The script can then dynamically create a user inside the container with the same UID:GID as the host user and files will be readable after the container exits. Using --user UID:GID will not set up a user with a home directory (required for keybase) dynamically and the container will detect this and error out.

Commands

Command syntax Description
github-action-secrets github-action-secrets keybase://path/to/file For use in github actions
to get keybase secrets
get get keybase://path/to/file {localpath} Get the file from keybase and copy to a local path
read read keybase://path/to/file Dump contents of file to stdout
clone clone {git clone options} keybase://path/to/repo {localpath} Clone a keybase git repository
batch batch "{any of the above commands},{any of the above commands}" or
batch "{any of the above commands};{any of the above commands}"		 Run more than 1 command in a single docker run
file file /path/to/file Run more than 1 command in a single docker run
keybase See: client command Run any keybase client command
{any other command aka raw} Commands that don't match the above keywords will be run as is. Such as chmod a+r filename Unmatched commands run as is

Note: {arguments} are optional.

Command: github-action-secrets

docker run --rm \
   -v $PWD:$PWD -w $PWD \
   -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" \
   -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli github-action-secrets keybase://path/to/file

This command will parse a .yaml, .json or .env file and set secrets in a github action. Each entry result in the supplied file will cause the container to emit.
::set-output name={name}::{value} reference
::add-mask::{value} reference

Note secrets loaded in using this method will be masked in with ***** in workflow logs. See: reference for more information regarding action security.

Examples

action-secrets.yaml

secret_1: this is secret 1
secret_2: this is secret 2

action-secrets.json

{
  "secret_1": "this is secret 1",
  "secret_2": "this is secret 2"
}

action-secrets.env

secret_1="this is secret 1"
secret_2="this is secret 2"
secret_3=this_is_secret_3

Using in github actions

jobs:
  example:
    runs-on: ubuntu-latest
    steps:
      - name: Get secrets
        id: keybase_secrets
        shell: bash
        run: |
          run --rm \
           -v $PWD:$PWD -w $PWD \
           -e KEYBASE_USERNAME="${{secrets.KEYBASE_USERNAME}}" \
           -e KEYBASE_PAPERKEY="${{secrets.KEYBASE_PAPERKEY}}" \
           -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
            bjgeiser/keybase-cli github-action-secrets keybase://path/to/file 
      
      - name: Check that secret is loaded and masked
        ### This should log the secret with `*****`
        run: echo "${{steps.secrets.outputs.secret_1}}"

Command: get

Copy a file to the local file system.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli get keybase://path/to/file
docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli get keybase://path/to/file keybase://path/to/file path/to/local/file

Command: read

Print files to stdout.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli read keybase://path/to/file

Command: clone

Clone a git repository.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli clone keybase://path/to/clone
docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli clone -b my_branch keybase://path/to/clone path/to/local

Command: keybase

Execute keybase cli commands.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli keybase --version

Note: Any commands that don't match one of the commands are tried as raw commands. Things such as ls -la . or keybase --version will work.

Command: raw

Execute raw commands from inside the container.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli ls -la .

Note: Any commands that don't match one of the commands are tried as raw commands. Things such as ls -la . or keybase --version will work.

Command: batch

Executes a series of commands in a , or ; separated string.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli batch "{any of the above commands},{any of the above commands}"`

Command: file

Executes a series of commands contained in a yaml file.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli file keybase://path/to/command_file.yaml

command_file.yaml

commands:
  - get keybase://path/to/file
  - get keybase://path/to/file2
  - get keybase://path/to/file3
  - clone keybase://path/to/clone
  - github-action-secrets keybase://path/to/file
  # modify file downloaded above
  - chmod a+rw file3
Owner
Bryce Geiser
Bryce Geiser
GitHub Repository
Create animated ASCII-art for the command line almost instantly!

clippy Create and play colored 🟥 🟩 🟦 or colorless ⬛️ ⬜️ animated, or static, ASCII-art in the command line! clippy can help if you are wanting to;

Connor 10 Jun 26, 2022
Example of a CLI with python - know the extension of your files.

extensionCLI Example of a CLI with python - know the extension of your files. Usage: Install the CLI: pip3 install -e . Run the command with "ext" + t

ItanuRomero 5 Dec 29, 2022
A Telegram Bot Written In Python To Upload Medias To telegra.ph

Telegraph-Uploader A Telegram Bot Written In Python To Upload Medias To telegra.ph DEPLOY YOU CAN SIMPLY DEPLOY ON HEROKU BY CLICKING THE BUTTON BELOW

Rithunand 31 Dec 03, 2022
A tool to manage the study of courses at the university.

todo-cli A tool to manage the study of courses at the university

Quentin 6 Aug 01, 2022
Simple and convenient console ToDo list app

How do you handle remembering all that loads of plans you are going to realize everyday? Producing tons of paper notes, plastered all over the house?

3 Aug 03, 2022
keep your machine's shell history synchronize

SyncShell Yet another tool for laziness Keep your machine's shell history synchronize Get SyncShell Currently, SyncShell is just available on PyPi and

Masoud Ghorbani 53 Dec 12, 2022
Notion-cli-list-manager - A simple command-line tool for managing Notion databases

A simple command-line tool for managing Notion List databases. ✨

Giacomo Salici 75 Dec 04, 2022
nbcommands bring the goodness of Unix commands to Jupyter notebooks.

nbcommands nbcommands bring the goodness of Unix commands to Jupyter notebooks. Installation You can simply use pip to install nbcommands: $ pip insta

Vinayak Mehta 181 Dec 23, 2022
Get COVID-19 vaccination schedules from booking.moh.gov.ge in the CLI

vaccination.py Get COVID-19 vaccination schedules from booking.moh.gov.ge in the CLI. Installation $ pip install vaccination Usage Make sure the Pytho

Temuri Takalandze 11 Dec 08, 2021
Python Command Line Application (CLI) using Typer, SQLModel, Async-PostgrSQL, and FastAPI

pyflycli is a command-line interface application built with Typer that allows you to view flights above your location.

Kevin Zehnder 14 Oct 01, 2022
PipeCat - A command line Youtube music player written in python.

A command line Youtube music player written in python. It's an app written for Linux. It also supports offline playlists that are stored in a

34 Nov 27, 2022
A dec-bin converter uses 2's complement.

2's Complement Dec-Bin Converter A dec-bin converter uses 2's complement. Visit my Medium Post. What is 2's complement? Two's complement is the most c

C.H Jacky 9 Mar 01, 2022
Lets you view, edit and execute Jupyter Notebooks in the terminal.

Lets you view, edit and execute Jupyter Notebooks in the terminal.

David Brochart 684 Dec 28, 2022
A python package to display progress of loops to the user

ProgressBars A python package to display progress of loops to the user. Installation This package can be installed using pip. pip install progressbars

Matthias 3 Jan 16, 2022
A CLI tools to get you started on any project in any language

Any Template A faster easier to Quick start any programming project. Installation pip3 install any-template Features No third party dependencies. Tem

Adwaith Rajesh 2 Jan 11, 2022
This a simple tool to query the awesome ippsec.rocks website from your terminal

ippsec-cli This a simple tool to query the awesome ippsec.rocks website from your terminal Installation and usage cd /opt git clone https://github.com

stark0de 5 Nov 26, 2022
Apple Silicon 'top' CLI

asitop pip install asitop What A nvtop/htop style/inspired command line tool for Apple Silicon (aka M1) Macs. Note that it requires sudo to run due to

Timothy Liu 1.2k Dec 31, 2022
Enriches Click with option groups, constraints, command aliases, help sections for subcommands, themes for --help and other stuff.

Enriches Click with option groups, constraints, command aliases, help sections for subcommands, themes for --help and other stuff.

Gianluca Gippetto 62 Dec 22, 2022
Python script to tabulate data formats like json, csv, html, etc

pyT PyT is a a command line tool and as well a library for visualising various data formats like: JSON HTML Table CSV XML, etc. Features Print table o

Mobolaji Abdulsalam 1 Dec 30, 2021
Unpacks things.

$ unp_ unp is a command line tool that can unpack archives easily. It mainly acts as a wrapper around other shell tools that you can find on v

Armin Ronacher 405 Jan 03, 2023