generated from coulomb/repo-seed
39 lines
1.0 KiB
Markdown
39 lines
1.0 KiB
Markdown
---
|
|
id: ADHOC-2026-06-14
|
|
type: workplan
|
|
title: "Ad hoc NetKingdom operator usability fixes"
|
|
domain: netkingdom
|
|
repo: net-kingdom
|
|
status: finished
|
|
owner: codex
|
|
topic_slug: netkingdom
|
|
created: "2026-06-14"
|
|
updated: "2026-06-14"
|
|
state_hub_workstream_id: "c6f3d6bf-4916-490d-96ce-092d2776d7e7"
|
|
---
|
|
|
|
# Ad hoc NetKingdom operator usability fixes
|
|
|
|
## SOPS Custody Unlock Helper
|
|
|
|
```task
|
|
id: ADHOC-2026-06-14-T01
|
|
status: done
|
|
priority: medium
|
|
state_hub_task_id: "bb5973d8-8e61-48f6-b627-a662f8a34ad1"
|
|
```
|
|
|
|
Added a custody unlock helper for SOPS/age operations so drills and incident
|
|
commands can use the password-safe/offline custody age private key without
|
|
installing it permanently on a workstation.
|
|
|
|
The helper validates the supplied private key against the expected public age
|
|
recipient, writes a temporary `0600` `SOPS_AGE_KEY_FILE`, runs the requested
|
|
command or opens an incident shell, and removes the temporary key on exit.
|
|
|
|
Documented the inter-hub recovery-drill path:
|
|
|
|
```bash
|
|
make sops-custody-run COMMAND='make -C /home/worsch/inter-hub recovery-drill'
|
|
```
|