Skip to content
/ tools Public

deployment and orchestration tools

License

Notifications You must be signed in to change notification settings

KiraCore/tools

Repository files navigation

tools

KIRA Network - useful tools & scripts

Signatures

All files in KIRA repositories are always signed with cosign

Cosign requires simple initial setup of the signer keys described more precisely here

# install cosign
COSIGN_VERSION="v2.2.3" && \
if [[ "$(uname -m)" == *"ar"* ]] ; then ARCH="arm64"; else ARCH="amd64" ; fi && echo $ARCH && \
PLATFORM=$(uname) && FILE=$(echo "cosign-${PLATFORM}-${ARCH}" | tr '[:upper:]' '[:lower:]') && \
 wget https://github.com/sigstore/cosign/releases/download/${COSIGN_VERSION}/$FILE && chmod +x -v ./$FILE && \
 mv -fv ./$FILE /usr/local/bin/cosign && cosign version

# save KIRA public cosign key
KIRA_COSIGN_PUB=/usr/keys/kira-cosign.pub && mkdir -p $KIRA_COSIGN_PUB && \
 cat > ./cosign.pub << EOL
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE/IrzBQYeMwvKa44/DF/HB7XDpnE+
f+mU9F/Qbfq25bBWV2+NlYMJv3KvKHNtu3Jknt6yizZjUV4b8WGfKBzFYw==
-----END PUBLIC KEY-----
EOL

# download desired files and the corresponding .sig file from: https://github.com/KiraCore/tools/releases

# verify signature of downloaded files
# NOTE: You might need insecure-ignore-tlog and/or insecure-ignore-sct if you verify old signatures from before v2.0.0
cosign verify-blob --key=./cosign.pub --signature=./<file>.sig ./<file> --insecure-ignore-tlog --insecure-ignore-sct

bash-utils

KIRA bash-utils (BU) is a general purpose tool for simplifying scripts & commands

# one line install
TOOLS_VERSION="v0.3.54" && cd /tmp && FILE_NAME="bash-utils.sh" && \
 wget "https://github.com/KiraCore/tools/releases/download/$TOOLS_VERSION/${FILE_NAME}" -O ./$FILE_NAME && \
 wget "https://github.com/KiraCore/tools/releases/download/$TOOLS_VERSION/${FILE_NAME}.sig" -O ./${FILE_NAME}.sig && \
 cosign verify-blob --key="$KIRA_COSIGN_PUB" --signature=./${FILE_NAME}.sig ./$FILE_NAME --insecure-ignore-tlog && \
 chmod -v 555 ./$FILE_NAME && ./$FILE_NAME bashUtilsSetup "/var/kiraglob" && . /etc/profile && \
 echoInfo "Installed bash-utils $(bashUtilsVersion)"

bip39gen

A simple and secure bip39 words generator that is able to mix computer and human provided entropy

# once BU is installed, you can easily and securely install all tools for a relevant architecture and platform
# one line install with verification of IPFS CID referencing a public key used to sign the release
TOOLS_VERSION="v0.3.54" && TOOL_NAME="bip39gen" && cd /tmp && \
 bu safeWget ./${TOOL_NAME}.deb "https://github.com/KiraCore/tools/releases/download/$TOOLS_VERSION/${TOOL_NAME}-$(getPlatform)-$(getArch).deb" \
 "QmeqFDLGfwoWgCy2ZEFXerVC5XW8c5xgRyhK5bLArBr2ue" && rm -rfv ./$TOOL_NAME&& dpkg-deb -x ./${TOOL_NAME}.deb ./$TOOL_NAME && \
 cp -fv ./$TOOL_NAME/bin/$TOOL_NAME /usr/local/bin/$TOOL_NAME && chmod +x "/usr/local/bin/$TOOL_NAME" && \
 rm -rfv ./$TOOL_NAME ./${TOOL_NAME}.deb

# Check bip39gen version
bip39gen version