generated from coulomb/repo-seed
1.0 KiB
1.0 KiB
id, type, title, domain, repo, status, owner, topic_slug, created, updated, state_hub_workstream_id
| id | type | title | domain | repo | status | owner | topic_slug | created | updated | state_hub_workstream_id |
|---|---|---|---|---|---|---|---|---|---|---|
| ADHOC-2026-06-14 | workplan | Ad hoc NetKingdom operator usability fixes | netkingdom | net-kingdom | finished | codex | netkingdom | 2026-06-14 | 2026-06-14 | c6f3d6bf-4916-490d-96ce-092d2776d7e7 |
Ad hoc NetKingdom operator usability fixes
SOPS Custody Unlock Helper
id: ADHOC-2026-06-14-T01
status: done
priority: medium
state_hub_task_id: "bb5973d8-8e61-48f6-b627-a662f8a34ad1"
Added a custody unlock helper for SOPS/age operations so drills and incident commands can use the password-safe/offline custody age private key without installing it permanently on a workstation.
The helper validates the supplied private key against the expected public age
recipient, writes a temporary 0600 SOPS_AGE_KEY_FILE, runs the requested
command or opens an incident shell, and removes the temporary key on exit.
Documented the inter-hub recovery-drill path:
make sops-custody-run COMMAND='make -C /home/worsch/inter-hub recovery-drill'