generated from coulomb/repo-seed
37 lines
941 B
Markdown
37 lines
941 B
Markdown
---
|
|
id: ADHOC-2026-06-14
|
|
type: workplan
|
|
title: "Ad hoc NetKingdom operator usability fixes"
|
|
domain: netkingdom
|
|
repo: net-kingdom
|
|
status: finished
|
|
owner: codex
|
|
topic_slug: netkingdom
|
|
created: "2026-06-14"
|
|
updated: "2026-06-14"
|
|
---
|
|
|
|
# Ad hoc NetKingdom operator usability fixes
|
|
|
|
## SOPS Custody Unlock Helper
|
|
|
|
```task
|
|
id: ADHOC-2026-06-14-T01
|
|
status: done
|
|
priority: medium
|
|
```
|
|
|
|
Added a custody unlock helper for SOPS/age operations so drills and incident
|
|
commands can use the password-safe/offline custody age private key without
|
|
installing it permanently on a workstation.
|
|
|
|
The helper validates the supplied private key against the expected public age
|
|
recipient, writes a temporary `0600` `SOPS_AGE_KEY_FILE`, runs the requested
|
|
command or opens an incident shell, and removes the temporary key on exit.
|
|
|
|
Documented the inter-hub recovery-drill path:
|
|
|
|
```bash
|
|
make sops-custody-run COMMAND='make -C /home/worsch/inter-hub recovery-drill'
|
|
```
|