feat: add thycotic/dsv-cli #6892
Conversation
|
Thank you for your contribution! |
|
Let me fix same as #6889 (comment) . |
|
@suzuki-shunsuke i can do it. You said to just re-run those commands to get it up to speed right? |
|
I didn't put this under |
Yes. But in case of this tool, we have to fix generated configuration manually. $ rm -R pkgs/dsv
$ aqua-registry scaffold thycotic/dsv-cli # The command would fail. We have to fix the configuration
$ vim pkgs/thycotic/dsv-cli/registry.yaml # Fix manually
packages:
- type: github_release
repo_owner: thycotic
repo_name: dsv-cli
asset: dsv-{{.OS}}-{{.Arch}}
format: raw
replacements:
amd64: x64
windows: win
supported_envs:
- darwin
- amd64
files: # Added
- name: dsv
checksum:
type: github_release
asset: "{{.Asset}}-sha256.txt" # Fixed
file_format: regexp
algorithm: sha256
pattern:
checksum: "^(\\b[A-Fa-f0-9]{64}\\b)"
file: "^\\b[A-Fa-f0-9]{64}\\b\\s+\\./(\\S+)$" # Fixed |
aqua supports renaming the package, so the package name should be e.g. #6674 https://aquaproj.github.io/docs/reference/registry-config/aliases |
|
@suzuki-shunsuke ok hopefully i got it right this time 👍🏻 cheers |
pkgs/thycotic/dsv-cli/registry.yaml
Outdated
| - vault | ||
| files: | ||
| - name: dsv | ||
| src: 'dsv-{{.OS}}-{{.Arch}}' |
There was a problem hiding this comment.
| src: 'dsv-{{.OS}}-{{.Arch}}' |
If the format is raw, files[].src isn't needed
There was a problem hiding this comment.
Without that it comes up as dsv-cli. I need it to be dsv. The files section seemed to rename it correctly. Suggestion?
There was a problem hiding this comment.
You should specify only name.
files:
- name: dsv
|
https://github.com/aquaproj/aqua-registry/actions/runs/3208474025/jobs/5244366179 Please run $ aqua-registry gr |
|
Working on it! Will have to pick up later and resolve it. Would you be interested in a pre-commit hook config that would ensure aqua generate results in no changes before pushing? That can be added for contributors so it doesn't get missed if you'd like something. |
It is good, but we don't want to add dependencies as much as possible. |
Co-authored-by: Shunsuke Suzuki <suzuki-shunsuke@users.noreply.github.com>
|
Oh, the format of checksum file is different. dsv-darwin-arm64-sha256.txt: |
|
Fixed the checksum config. cd671d0 |
|
Thank you 🙏 |
#6892 thycotic/dsv-cli: Delinea DevOps Secrets Vault is a cli tool for retrieval of secrets, cert generation, key/value retrieval, and general management of the DSV system from the cli.
Disclaimer: I recently transitioned to working on the team that builds this. I'm planning on publishing some homebrew, maybe snap and others publishing methods, but as I've adopted aqua this week in my own workflow (and also adding to public devcontainer setup!), I wanted to get this added to make folks lives easier who might use it for secrets. My contribution is mine alone as a dev, and not initiated or asked for the company.
aqua g -i thycotic/dsv-cliHow to confirm if this package works well
dsv --versionIt's an interface to a backend system
Fully leveraging the tool as it's an interface for the cloud product can be done via a free account dsv. Note that the wording says trial, but it's a free tier product that's fully usable by an individual.
Sorta similar to running the hashi vault cli, which says:
Use Example
I'm going to do a write-up to publish soon on how to use in local development, but here's a brief example I just found a really nice use for. I don't expect the reviewer to do this, but capturing a use I just knocked out that helped me in home/work usage in removing more sensitive values from plaintext files.
I use
direnvand have it hooked into zsh. I setup projects to source$HOME/.envrcso my secrets stay out of the projects in any way.However, I also want to strip out secrets being in the $HOME/.envrc, but I still want to leverage many devops tools that are much easier to work with if GITHUB_TOKEN and other variables are setup (like Pulumi, gh cli, and even aqua).
So after fighting another cli that kept prompting every single terminal session and annoyed me, I setup a new dsv account for myself, and ran
dsv init. I choose a long caching session since it's for me, and means I'll never worry about running out of free tier calls.Before
After
Since it's cached it's blazing fast (I don't even notice it anymore during load!) and I have a step further towards more secure local development practices.
Reference