fix(tk): harden private key output and add address format coverage guard#22
Open
figitaki wants to merge 4 commits intonatefikru/eng-3860-consensus-demo-rustfrom
Open
fix(tk): harden private key output and add address format coverage guard#22figitaki wants to merge 4 commits intonatefikru/eng-3860-consensus-demo-rustfrom
figitaki wants to merge 4 commits intonatefikru/eng-3860-consensus-demo-rustfrom
Conversation
Expose client() and organization_id() on TurnkeySigner. Add keys create/delete, users create/delete, and policies create/delete subcommands that call the Turnkey API via the Rust SDK. All commands output JSON for script consumption. Move turnkey_client, serde_json, hex, and turnkey_api_key_stamper to regular dependencies.
Delete main.rs. Add setup.sh and teardown.sh that use the new tk keys, users, and policies commands. The entire demo now runs through shell scripts and the tk CLI. Update README to document the new flow.
- keys delete: default delete_without_export to false (safe by default) - policies create: reject allow policies with no condition or consensus - setup.sh: write state.json incrementally, exclude private key from state, set umask 077 for agent.env, add ERR trap for partial cleanup - teardown.sh: handle missing state.json and missing fields gracefully, pass --delete-without-export explicitly for key deletion
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
What changed
apiPrivateKeyfrom normal JSON output--api-key-private-key-out <path>for explicit file export of auto-generated key material0600)tk/src/commands/keys.rsValidation
rustup run stable cargo test -p tkrustup run stable cargo clippy -p tk --all-targets -- -D warnings(hits a pre-existing unrelated lint inauth/src/ssh/agent.rs)