Entries by admin

Secure Secret Management with 1Password CLI

Original Source: https://www.hongkiat.com/blog/secure-secrets-1password-cli-terminal/

As developers, we often deal with sensitive data like API keys, SSH credentials, database passwords, and other secrets. Keeping them secure while ensuring easy access across different projects can be a challenge.

This is where 1Password‘s’ CLI comes in.

1Password CLI terminal interface for managing secrets

1Password CLI is a command-line tool that allows you to securely access and manage your 1Password vault without leaving the terminal. Instead of manually copying and pasting secrets, which can be tedious and risky, you can fetch credentials programmatically, automate authentication workflows, and integrate secrets management into your development processes.

In this article, we’ll explore how to install, configure, and use 1Password CLI to streamline your workflow while keeping your credentials secure.

Getting Started

If you’re on macOS or Linux, the easiest way to install 1Password CLI is using Homebrew:

brew install 1password-cli

If you’re on Windows, I recommend referring to the official 1Password CLI documentation for installation instructions.

For Windows and Linux, follow the official 1Password CLI installation guide to get the appropriate setup for your system.

Once installed, go to Settings… > Developer in the 1Password app, and check Integrate with 1Password CLI.

Enable 1Password CLI integration in app settings

Then, sign in through the Terminal with the following command and select the 1Password account you want to sign in to:

op signin

Now, you’re ready to securely access and manage secrets without exposing them in plain text.

Command-Line Secret Management

When running commands that require authentication, manually copying and pasting credentials can be both tedious and insecure. With 1Password CLI, you can retrieve secrets dynamically using the op read command and the Secret References.

To get the Secret Reference, you can click on the dropdown arrow of the value within the item you’d like to refer to in 1Password.

Copy secret reference from 1Password item menu

Then pass it in the command that requires the secrets. For example, to authenticate with doctl using the DigitalOcean API token, you can run:

doctl auth init –access-token $(op read op://Internet/d439ada/token)

Environment Variables Integration

Another way you can use 1Password CLI is by setting the secrets as environment variables. This is useful when working with multiple secrets or when you need to pass them to a script or a program.

If you’re using Chromatic to test your UI components, you can set the CHROMATIC_PROJECT_TOKEN as an environment variable using the op read command:

#!/bin/bash
export NPM_TOKEN=$(op read op://Internet/d439ada/npm_token)
export CHROMATIC_PROJECT_TOKEN=$(op read op://Internet/d439ada/chromatic_token)

// Install the dependencies, including the private ones that require NPM_TOKEN.
npm install

// Chormatic will automatically use the CHROMATIC_PROJECT_TOKEN.
// @see https://www.chromatic.com/docs/cli/#continuous-integration
npx chromatic

Then, you can run the script using the op run command, as follows:

op run — bash chormatic.sh

Shell Plugin Extensions

To make it even more seamless, you can use the Shell Plugins to integrate 1Password with popular third-party apps such as Github CLI, Docker, DigitalOcean CLI, AWS, HuggingFace, OpenAI, and many more.

In this example, we are going to try to integrate it with the Github CLI. To do so, we can run:

op plugin init gh

You’ll be prompted to import your GitHub credentials into 1Password or select an existing 1Password item where your credentials are saved. In this case, since we’ve already saved the GitHub credentials in 1Password, we can select the existing item.

Initialize GitHub CLI plugin with 1Password integration

Then, it will ask you the scope where the selected credentials can be used. In this case, we’d select it to use it globally so that we can use it across different repositories.

Configure GitHub CLI plugin scope in 1Password

If this is your first time installing a shell plugin, you’ll need to add the source command to your RC file or shell profile to persist the plugin beyond the current terminal session. For example:

echo “source /Users/jondoe/.config/op/plugins.sh” >> ~/.zshrc && source ~/.zshrc

That’s it for the setup! Now, you can use the gh command to interact with GitHub without exposing your credentials in plain text. To test it out you can run the gh auth status.

GitHub CLI authentication status with 1Password integration

Conclusion

1Password CLI is a powerful tool that allows you to securely access and manage your secrets from the Terminal. With a little bit of setup, you can streamline your workflow and integrate secrets management into your development processes with other apps without exposing your credentials in plain text. If you haven’t tried it yet, I recommend giving it a try to make your development workflow more secure and efficient.

The post Secure Secret Management with 1Password CLI appeared first on Hongkiat.

10 Ways to Pretend You’re Not Just Copying Other Designers

Original Source: https://webdesignerdepot.com/10-ways-to-pretend-youre-not-just-copying-other-designers/

Feeling like you’re running out of creative steam? Don’t panic—here’s your ultimate guide to pretending you’re not just copying other designers. So, go ahead, steal like an artist and make it look like you’re breaking new ground. No one will know the difference—except you.

CNCF Triggers a Platform Parity Breakthrough for Arm64 and x86

Original Source: https://www.sitepoint.com/platform-parity-breakthrough-arm64-and-x86/?utm_source=rss

Learn how Actuated, Ampere, and Equinix collaborated to solve ARM64 CI/CD challenges for CNCF projects, enabling native builds that replaced slow emulation with high-performance microVMs, and more.

Continue reading
CNCF Triggers a Platform Parity Breakthrough for Arm64 and x86
on SitePoint.

How to Integrate ChatGPT With Visual Studio Code

Original Source: https://www.hongkiat.com/blog/chatgpt-vscode-integration-guide/

In the past, if you ran into a coding issue in Visual Studio Code (VS Code) and wanted help from ChatGPT, you’d usually have to copy your code, paste it into ChatGPT, type your question, then copy the answer and paste it back into VS Code.

This back-and-forth could be a bit slow and interrupt your flow.

ChatGPT VS Code integration interface

But now, with the latest version, ChatGPT can work directly with apps on your desktop, including VS Code. This means ChatGPT can “see” the files you have open when you ask for help, so it understands the context without you needing to copy and paste everything.

Let’s see how this works.

Enabling Integration

First, you need to install the official ChatGPT extension for VS Code.

Next, you will need to make sure that it’s setting in Settings > Works with Apps > Enable Work with Apps is on.

ChatGPT VS Code settings panel

Example: Using ChatGPT With VS Code

First, make sure that ChatGPT is opened and running. Then, type Option + Space. This shortcut will open the ChatGPT “Companion Chat” window on top of VS Code.

Now, we’ll see how to use ChatGPT with VS Code.

Batch Editing

One powerful way to use the ChatGPT integration with VS Code is to make changes to multiple functions, classes, variables, arguments, or just strings all at once. In the example below, we ask ChatGPT to rename the plugin hooks.

ChatGPT batch code editing example

The best part? You don’t need to copy and paste any code. ChatGPT can scan the code directly and suggest edits. It even shows a diff and gives you a button to apply the changes with a single click.

Generating Boilerplate

Besides making changes to existing code, ChatGPT is also smart enough to generate boilerplate code to help you get started quickly.

In this example, I created a new file and asked it to generate the code to add a submenu in the WordPress dashboard.

ChatGPT WordPress submenu code generation

What’s great is that it understands the structure of your codebase and follows the same coding style as the other files.

Generating Tests

Another handy use case is generating tests. In this example, I asked ChatGPT to create tests for all the methods in a class. The prompt I used was: Create tests for all the public methods in this class.

ChatGPT test case generation example

What I like is that the generated tests cover both the “happy” and “unhappy” paths, which makes them quite thorough.

However, ChatGPT doesn’t yet support creating these tests in a separate file. That means you can’t just click the “Apply” button. You’ll need to copy the generated code and paste it into a new file yourself.

Writing Inline Docs

Another common utility is to generate inline documentation. In this example, I asked it to add inline documentation for the class and the method with the following prompt: Generate inline docs for the methods within the class. Describe what each method is used for in as detailed as possible.

ChatGPT inline documentation generation

Improve Code Readability

If you’re not sure whether your code is easy to read, you can ask ChatGPT to help make it clearer. In this example, I asked it to improve the readability of a piece of code. You can simply use a prompt like: Make the code more readable.

ChatGPT code readability improvements

Tip: Select the part of the code you want to improve before pressing Option + Space. This way, ChatGPT will focus only on the selected code instead of trying to update the whole file.

Find Potential Vulnerability

If you’re concerned about the security of your code, you can ask ChatGPT to review it for potential vulnerabilities. While it’s not a replacement for a full security audit, this can be a great first step to spot common issues like hardcoded secrets, unsafe function usage, or missing input validation or sanitization.

Just select the code you want to analyze and use a prompt like: Check this code for security issues..

ChatGPT code security analysis

I find the suggestions are good and valid. Because it does not understand the full picture of the code, it does not offer to apply the code updates immediately as you need to consider if this is something that you really need to apply.

Wrapping Up

ChatGPT and VS Code make a great pair. While it might not be as tightly integrated or as powerful as GitHub Copilot, ChatGPT is still a helpful assistant. It’s a solid alternative, especially if you prefer an AI that’s less intrusive and only steps in when you ask for it.

The post How to Integrate ChatGPT With Visual Studio Code appeared first on Hongkiat.

How to Make Files Immutable in Linux Using chattr Command

Original Source: https://www.hongkiat.com/blog/linux-chattr-command/

Have you ever accidentally deleted an important configuration file or overwritten changes you needed? Linux offers a powerful but lesser-known feature that can help prevent these situations: file immutability.

Making a file immutable means it cannot be modified, deleted, renamed, or linked to-even by users with root privileges. This provides an extra layer of protection for critical system files or important data.

In this guide, we’ll look at how to use the chattr command to make files immutable in Linux, what happens when you try to modify protected files, and how to remove this protection when needed.

Making Files Immutable in Linux

The chattr (change attribute) command is what we’ll use to make files immutable. Unlike regular file permissions that only restrict access based on user privileges, file attributes can prevent specific operations regardless of who attempts them.

The Command Syntax

To make a file immutable, you use the chattr command with the +i flag:

sudo chattr +i filename.txt

You’ll need root privileges (using sudo) to change file attributes, especially for system files. If you’re not familiar with sudo, check out our guide on how to use the sudo command in Linux.

What Happens When a File is Immutable?

Once a file is marked as immutable, several operations will fail with an “operation not permitted” error:

You can’t modify the file’s contents
You can’t rename the file
You can’t delete the file
You can’t create a hard link to the file
You can’t change permissions or ownership

Let’s look at some examples of what happens when you try to modify an immutable file:

$ sudo chattr +i important.conf
$ rm important.conf
rm: cannot remove ‘important.conf’: Operation not permitted

$ mv important.conf renamed.conf
mv: cannot move ‘important.conf’ to ‘renamed.conf’: Operation not permitted

$ echo “new content” > important.conf
bash: important.conf: Operation not permitted

Notice that even with proper file permissions, these operations fail. That’s the power of the immutable attribute – it overrides normal permission checks.

Remember that while a file is immutable, even root users cannot modify it until the immutable attribute is removed.

Checking if a File is Immutable

Before attempting to modify a file, you might want to check if it has the immutable attribute set. You can use the lsattr (list attributes) command:

$ lsattr filename.txt
—-i——–e—- filename.txt

The presence of the ‘i’ flag indicates the file is immutable.

When to Remove Immutability

You should remove immutability when:

You need to update configuration files
You’re performing system maintenance
You’re upgrading software that will modify protected files
You no longer need the protection for specific files

A good practice is to remove immutability, make your changes, and then set the file as immutable again once you’re done.

Removing Immutability from Files

When you need to update or manage an immutable file, you’ll first need to remove the immutable attribute. This is done with the chattr command again, but using the -i flag:

sudo chattr -i filename.txt

After removing the immutable attribute, you can perform all normal file operations:

$ sudo chattr -i important.conf
$ echo “Updated content” > important.conf # Now works
$ mv important.conf renamed.conf # Now works
$ rm renamed.conf # Now works

Practical Use Cases for File Immutability

Making files immutable isn’t just a cool trick-it has several practical applications for system administrators and security-conscious users:

1. Protecting Critical Configuration Files

System configuration files like /etc/passwd, /etc/shadow, and /etc/hosts contain essential information. Making them immutable prevents accidental or malicious changes that could compromise your system.

sudo chattr +i /etc/passwd /etc/shadow /etc/hosts

Remember to temporarily remove immutability when legitimate updates are needed, then re-apply it afterward.

2. Preventing Accidental File Deletion

We’ve all had that sinking feeling after accidentally deleting an important file. For files you rarely change but always need, immutability provides peace of mind:

sudo chattr +i ~/Documents/important_records.pdf

3. Hardening Against Malware

Some malware attempts to modify system files or configuration files. By making critical system files immutable, you can prevent malware from successfully compromising your system, even if it somehow gains elevated privileges.

4. Managing Production Environments

In production environments where stability is crucial, you can make deployment configurations immutable to prevent accidental changes that might cause outages:

sudo chattr +i /etc/nginx/nginx.conf
sudo chattr +i /etc/apache2/apache2.conf

5. Securing Boot Files

Making boot files immutable helps protect against boot-sector malware and ensures your system boots reliably:

sudo chattr +i /boot/grub/grub.cfg

6. Creating Write-Once Files

For logs or records that should never be altered after creation (for compliance or security reasons), you can create the file, add content, and then make it immutable:

echo “Initial log entry: $(date)” > audit_log.txt
sudo chattr +i audit_log.txt

Remember that immutability doesn’t replace backups! While it prevents modification or deletion, it won’t protect against hardware failures or other issues that might corrupt your storage.

Conclusion

The chattr command with its immutable flag provides a simple but powerful way to protect critical files on your Linux system. With just two commands-chattr +i to make a file immutable and chattr -i to remove immutability-you can add an extra layer of protection to your most important files.

This feature is especially valuable because:

It works regardless of file permissions or user privileges
It provides protection against both accidents and malicious actions
It’s easy to apply and remove as needed
It requires no additional software installation (it’s built into Linux)

While not a replacement for good backup practices or proper system administration, file immutability is a valuable tool in your Linux security toolkit. It creates a simple “lock” that requires deliberate action to remove, preventing many common file disasters.

Other Useful File Attributes

Beyond immutability, the chattr command offers several other useful attributes:

a (append-only): Files can only be opened for appending data, not editing existing content
s (secure deletion): When a file is deleted, blocks are zeroed and written to disk
A (no atime updates): The file’s access time record isn’t modified when the file is accessed
c (compressed): The file is automatically compressed on disk and decompressed when read

Next time you have an important configuration file that needs protection, or just want to ensure you don’t accidentally delete your tax records, remember the simple power of chattr +i. It might just save your day!

The post How to Make Files Immutable in Linux Using chattr Command appeared first on Hongkiat.