Keybase-cli - Keybase docker container that exposes the keybase CLI and some common commands such as getting files or loading github action secrets

Related tags

Command-line Toolskeybase-cli
Overview

keybase-cli

Docker Build

Keybase docker container that exposes the keybase CLI and some common commands such as getting files or git loading github action secrets.

GitHub: https://github.com/bjgeiser/keybase-cli
Docker Hub: https://hub.docker.com/r/bjgeiser/keybase-cli

GitHub Action

The primary purpose of this docker image is for use in this GitHub action:
https://github.com/bjgeiser/keybase-action

Usage

Example Docker Command

docker run --rm \
   -v $PWD:$PWD -w $PWD \
   -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" \
   -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli keybase --version

Environment Variables

Environment Variable Description Required
KEYBASE_USERNAME Keybase user name Yes
KEYBASE_PAPERKEY Keybase paper key Yes
KEYBASE_UID Docker host user id to store files as No
KEYBASE_GID Docker host group id to store files as No

About file permissions

By default keybase will copy files with the following permissions -rw------- and the keybase executable will not run as root. Without setting KEYBASE_UID and KEYBASE_GID copied out files will be be owned by 1000:1000. In order for your files to be readable, the calling user can pass the current user and group into the container with environment variables. The script can then dynamically create a user inside the container with the same UID:GID as the host user and files will be readable after the container exits. Using --user UID:GID will not set up a user with a home directory (required for keybase) dynamically and the container will detect this and error out.

Commands

Command syntax Description
github-action-secrets github-action-secrets keybase://path/to/file For use in github actions
to get keybase secrets
get get keybase://path/to/file {localpath} Get the file from keybase and copy to a local path
read read keybase://path/to/file Dump contents of file to stdout
clone clone {git clone options} keybase://path/to/repo {localpath} Clone a keybase git repository
batch batch "{any of the above commands},{any of the above commands}" or
batch "{any of the above commands};{any of the above commands}"		 Run more than 1 command in a single docker run
file file /path/to/file Run more than 1 command in a single docker run
keybase See: client command Run any keybase client command
{any other command aka raw} Commands that don't match the above keywords will be run as is. Such as chmod a+r filename Unmatched commands run as is

Note: {arguments} are optional.

Command: github-action-secrets

docker run --rm \
   -v $PWD:$PWD -w $PWD \
   -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" \
   -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli github-action-secrets keybase://path/to/file

This command will parse a .yaml, .json or .env file and set secrets in a github action. Each entry result in the supplied file will cause the container to emit.
::set-output name={name}::{value} reference
::add-mask::{value} reference

Note secrets loaded in using this method will be masked in with ***** in workflow logs. See: reference for more information regarding action security.

Examples

action-secrets.yaml

secret_1: this is secret 1
secret_2: this is secret 2

action-secrets.json

{
  "secret_1": "this is secret 1",
  "secret_2": "this is secret 2"
}

action-secrets.env

secret_1="this is secret 1"
secret_2="this is secret 2"
secret_3=this_is_secret_3

Using in github actions

jobs:
  example:
    runs-on: ubuntu-latest
    steps:
      - name: Get secrets
        id: keybase_secrets
        shell: bash
        run: |
          run --rm \
           -v $PWD:$PWD -w $PWD \
           -e KEYBASE_USERNAME="${{secrets.KEYBASE_USERNAME}}" \
           -e KEYBASE_PAPERKEY="${{secrets.KEYBASE_PAPERKEY}}" \
           -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
            bjgeiser/keybase-cli github-action-secrets keybase://path/to/file 
      
      - name: Check that secret is loaded and masked
        ### This should log the secret with `*****`
        run: echo "${{steps.secrets.outputs.secret_1}}"

Command: get

Copy a file to the local file system.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli get keybase://path/to/file
docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli get keybase://path/to/file keybase://path/to/file path/to/local/file

Command: read

Print files to stdout.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli read keybase://path/to/file

Command: clone

Clone a git repository.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli clone keybase://path/to/clone
docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli clone -b my_branch keybase://path/to/clone path/to/local

Command: keybase

Execute keybase cli commands.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli keybase --version

Note: Any commands that don't match one of the commands are tried as raw commands. Things such as ls -la . or keybase --version will work.

Command: raw

Execute raw commands from inside the container.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli ls -la .

Note: Any commands that don't match one of the commands are tried as raw commands. Things such as ls -la . or keybase --version will work.

Command: batch

Executes a series of commands in a , or ; separated string.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli batch "{any of the above commands},{any of the above commands}"`

Command: file

Executes a series of commands contained in a yaml file.

docker run --rm -v $PWD:$PWD -w $PWD -e KEYBASE_USERNAME="$KEYBASE_USER" \
   -e KEYBASE_PAPERKEY="$KEYBASE_PAPERKEY" -e KEYBASE_UID=$UID -e KEYBASE_GID=$GID \
   bjgeiser/keybase-cli file keybase://path/to/command_file.yaml

command_file.yaml

commands:
  - get keybase://path/to/file
  - get keybase://path/to/file2
  - get keybase://path/to/file3
  - clone keybase://path/to/clone
  - github-action-secrets keybase://path/to/file
  # modify file downloaded above
  - chmod a+rw file3
Owner
Bryce Geiser
Bryce Geiser
GitHub Repository
Neovim integration for Google Keep, built using gkeepapi

Gkeep.nvim Neovim integration for Google Keep, built using gkeepapi Requirements Neovim 0.5 Python 3.6+ A patched font (optional. Used for icons) Tabl

Steven Arcangeli 143 Jan 02, 2023
A **CLI** folder organizer written in Python.

Fsorter Introduction A CLI folder organizer written in Python. Dependencies Before installing, install the following dependencies: Ubuntu/Debain Based

1 Nov 17, 2021
Python-Stock-Info-CLI: Get stock info through CLI by passing stock ticker.

Python-Stock-Info-CLI Get stock info through CLI by passing stock ticker. Installation Use the following command to install the required modules at on

Ayush Soni 1 Nov 05, 2021
A terminal slots programme in PY

PYSlots PyPI and Test PyPI External Links PyPI Test PyPI Install Look directly at the bugs! Version pip install pyslots "Don't look directly at the bu

Luke Batema 4 Nov 30, 2022
Command line util for grep.app - Search across a half million git repos

grepgithub Command line util for grep.app - Search across a half million git repos Grepgithub uses grep.app API to search GitHub repositories, providi

Nenad Popovic 18 Dec 28, 2022
commandpack - A package of modules for working with commands, command packages, files with command packages.

commandpack Help the project financially: Donate: https://smartlegion.github.io/donate/ Yandex Money: https://yoomoney.ru/to/4100115206129186 PayPal:

4 Sep 04, 2021
command line interface to manage VALORANT skins

A PROPER RELEASE IS COMING SOON, IF YOU KNOW HOW TO USE PYTHON YOU CAN USE IT NOW! valorant skin manager command line interface simple command line in

colinh 131 Dec 25, 2022
Python remote shell.

Python remote shell.

Steven 9 Oct 17, 2022
EODAG is a command line tool and a plugin-oriented Python framework for searching, aggregating results and downloading remote sensed images while offering a unified API for data access regardless of the data provider

EODAG (Earth Observation Data Access Gateway) is a command line tool and a plugin-oriented Python framework for searching, aggregating results and downloading remote sensed images while offering a un

CS GROUP 205 Jan 03, 2023
Chat In Terminal - Chat-App in python

Chat In Terminal Hello all. 😉 Sockets and servers are vey important for connection and importantly chatting with others. 😂 😁 I have thought of maki

Shreejan Dolai 5 Nov 17, 2022
A terminal UI dashboard to monitor requests for code review across Github and Gitlab repositories.

A terminal UI dashboard to monitor requests for code review across Github and Gitlab repositories.

Kyle Harrison 150 Dec 14, 2022
Wordle for CLUE - WORDLE clone for Adafruit Clue

Wordle_for_CLUE This project is a clone of the very popular word solving puzzle

Michael Lacock 4 Feb 15, 2022
adds flavor of interactive filtering to the traditional pipe concept of UNIX shell

percol __ ____ ___ ______________ / / / __ \/ _ \/ ___/ ___/ __ \/ / / /_/ / __/ / / /__/ /_/ / / / .__

Masafumi Oyamada 3.2k Jan 07, 2023
Lexeme - CLI to play a word-guessing game like Wordle

What is this? Python program to play a word-guessing game like Wordle, but… More addictive because you can play it over and over and over, not just on

Dan Lenski 6 Oct 26, 2022
This is a CLI program which can help you generate your own QR Code.

Python-QR-code-generator This is a CLI program which can help you generate your own QR Code. Single.py This will allow you only to input a single mess

1 Dec 24, 2021
The Prisma Cloud CLI is a command line interface for Prisma Cloud by Palo Alto Networks.

Prisma Cloud CLI The Prisma Cloud CLI is a command line interface for Prisma Cloud by Palo Alto Networks. Support This project has been developed by P

Palo Alto Networks 13 Oct 14, 2022
🦎 A NeoVim plugin for highlighting visual selections like in a normal document editor!

🦎 HighStr.nvim A NeoVim plugin for highlighting visual selections like in a normal document editor! Demo TL;DR HighStr.nvim is a NeoVim plugin writte

Pocco81 222 Jan 03, 2023
PipeCat - A command line Youtube music player written in python.

A command line Youtube music player written in python. It's an app written for Linux. It also supports offline playlists that are stored in a

34 Nov 27, 2022
PyDropper - pick colors everywhere

PyDropper - pick colors everywhere Downloads Settings PyDropper is an eyedropper

Herman Brunberg 2 Jan 04, 2022
Python Library and CLI for exporting MySQL databases

expdb Python library and CLI for exporting MySQL databases Installation Pre-requisites MySQL server Python 3.9+ Using git Clone the repository to your

Devansh Singh 1 Nov 29, 2021