Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@cto.ai/ops-rc
Advanced tools
π» CTO.ai Ops - The CLI built for Teams π
$ npm install -g @cto.ai/ops-rc
$ ops COMMAND
running command...
$ ops (-v|--version|version)
@cto.ai/ops-rc/1.20.0-rc.1 linux-x64 node-v18.19.0
$ ops --help [COMMAND]
USAGE
$ ops COMMAND
...
ops account:reset
ops account:signin
ops account:signout
ops account:signup
ops account:support
ops add [OPNAME]
ops build [PATH]
ops certs CERTIFICATETYPE NAMEORPATH
ops cleanup [WORKFLOW]
ops configs:delete
ops configs:list
ops configs:set
ops generate:token
ops help [COMMAND]
ops init [NAME]
ops list
ops publish PATH
ops remove WORKFLOW
ops run [NAMEORPATH]
ops search [FILTER]
ops secrets:delete
ops secrets:list
ops secrets:register
ops secrets:set
ops secrets:unregister
ops start [NAMEORPATH]
ops status
ops stop [RUNID]
ops team:create
ops team:info
ops team:invite
ops team:join
ops team:leave
ops team:list
ops team:remove [MEMBER]
ops team:switch [TEAMNAME]
ops update
ops whoami
ops account:reset
Reset your password.
USAGE
$ ops account:reset
ops account:signin
Log in to your account.
USAGE
$ ops account:signin
OPTIONS
-h, --help show CLI help
-i, --interactive Interactive Mode
-p, --password=password Password
-t, --team=team Team Name
-u, --user=user Username or email
ops account:signout
Log out from your account.
USAGE
$ ops account:signout
OPTIONS
-h, --help show CLI help
ops account:signup
Creates an account to use with ops CLI.
USAGE
$ ops account:signup
OPTIONS
-h, --help show CLI help
ops account:support
Contact our support team with questions.
USAGE
$ ops account:support
OPTIONS
-h, --help show CLI help
ops add [OPNAME]
Add a workflow to your team.
USAGE
$ ops add [OPNAME]
ARGUMENTS
OPNAME Name of the public workflow to be added to your team. It should be of the format -
@teamname/workflowName:versionName
OPTIONS
-h, --help show CLI help
ops build [PATH]
Build your workflow for sharing.
USAGE
$ ops build [PATH]
ARGUMENTS
PATH Path to the workflow you want to build.
OPTIONS
-h, --help show CLI help
--nocache Do not use cache when building the image
--ops=workflows List of workflows from ops.yml you want to build. example:
ops build ./ops.yml --ops commandName serviceName pipelineName
ops certs CERTIFICATETYPE NAMEORPATH
Save an SSL certificate and key for your service
USAGE
$ ops certs CERTIFICATETYPE NAMEORPATH
ARGUMENTS
CERTIFICATETYPE (ssl) The type of certificate to store
NAMEORPATH Name or path of the service to save SSL for.
OPTIONS
-h, --help Show help screen
--cert-file=cert-file Path to your certificate file
--key-file=key-file Path to your key file
ops cleanup [WORKFLOW]
Clean up locally cached docker images.
USAGE
$ ops cleanup [WORKFLOW]
ARGUMENTS
WORKFLOW Name of the workflow to be cleaned up
OPTIONS
-h, --help show CLI help
ops configs:delete
Delete a config stored for the active team
USAGE
$ ops configs:delete
OPTIONS
-h, --help show CLI help
-k, --key=key Secret Key Name
ops configs:list
List all the configs that are stored for the active team
USAGE
$ ops configs:list
OPTIONS
-h, --help show CLI help
ops configs:set
Add a new config key & value
USAGE
$ ops configs:set
OPTIONS
-f, --from-file=from-file path to a file containing the value of the config to set
-k, --key=key the key of the config to set
-v, --value=value the value of the config to set
ops generate:token
Generate a long live access token.
USAGE
$ ops generate:token
OPTIONS
-h, --help show CLI help
ops help [COMMAND]
display help for ops
USAGE
$ ops help [COMMAND]
ARGUMENTS
COMMAND command to show help for
OPTIONS
--all see all commands in CLI
See code: @oclif/plugin-help
ops init [NAME]
Create a new Workflow
USAGE
$ ops init [NAME]
ARGUMENTS
NAME provide a name or pass a github url to a template
OPTIONS
-h, --help show CLI help
-j, --jobs generate local template files for pipeline jobs
-k, --kind=kind the kind of Application to create (command, pipeline, etc.)
-t, --template=template the name of the template to use
ops list
Lists the Workflows you have in your team.
USAGE
$ ops list
OPTIONS
-h, --help show CLI help
ops publish PATH
Publish a workflow to your team.
USAGE
$ ops publish PATH
ARGUMENTS
PATH Path to the workflow you want to publish.
OPTIONS
-c, --changelog=changelog Provide a publish changelog
-h, --help show CLI help
-o, --ops=workflows Provide the list of workflows that you want to publish.
--nocache Do not use cache when building the image
ops remove WORKFLOW
Remove a workflow from your team.
USAGE
$ ops remove WORKFLOW
ARGUMENTS
WORKFLOW The name and version of the workflow you want to remove. E.g. my-workflow:0.1.0
Don't include team name or version if using the --all flag
OPTIONS
-h, --help show CLI help
--all Allows you to remove all versions of a workflow on your current team.
ops run [NAMEORPATH]
Run a workflow from your team or the registry.
USAGE
$ ops run [NAMEORPATH]
ARGUMENTS
NAMEORPATH Name or path of the workflow you want to run.
OPTIONS
-B, --batch Runs the workflow in non-interactive batch mode.
-b, --build Builds the workflow before running. Must provide a path to the workflow.
-h, --help show CLI help
--nocache Do not use cache when building the image
ops search [FILTER]
Search for workflows in our registry.
USAGE
$ ops search [FILTER]
ARGUMENTS
FILTER Filter results by workflow name or description.
OPTIONS
-h, --help show CLI help
ops secrets:delete
Delete a secret stored for the active team
USAGE
$ ops secrets:delete
OPTIONS
-h, --help show CLI help
-k, --key=key Secret Key Name
ops secrets:list
List all the keys that are stored for the active team
USAGE
$ ops secrets:list
OPTIONS
-h, --help show CLI help
ops secrets:register
Register a secrets provider for a team
USAGE
$ ops secrets:register
ops secrets:set
Add a key & value
USAGE
$ ops secrets:set
OPTIONS
-f, --from-file=from-file path to a file containing the value of the secret to set
-k, --key=key the key of the secret to set
-v, --value=value the value of the secret to set
ops secrets:unregister
Unregister a secrets provider for a team
USAGE
$ ops secrets:unregister
ops start [NAMEORPATH]
Start a service, pipeline or command on our cloud.
USAGE
$ ops start [NAMEORPATH]
ARGUMENTS
NAMEORPATH Name or path of the workflow you want to run.
OPTIONS
-h, --help show CLI help
ops status
See the status of currently running cloud services
USAGE
$ ops status
OPTIONS
-h, --help show CLI help
ops stop [RUNID]
Stop a service, pipeline or command running in The Ops Cloud
USAGE
$ ops stop [RUNID]
ARGUMENTS
RUNID Run ID of the service, pipeline or command to stop
OPTIONS
-h, --help show CLI help
ops team:create
Create your team.
USAGE
$ ops team:create
OPTIONS
-h, --help show CLI help
-n, --name=name
ops team:info
Shows basic team information for the team you are currently on.
USAGE
$ ops team:info
OPTIONS
-h, --help show CLI help
ops team:invite
Invite your team members.
USAGE
$ ops team:invite
OPTIONS
-h, --help show CLI help
-i, --invitees=invitees A comma-separated string of usernames/emails we want to invite. E.g. ("user1,
user2@gmail.com, user3@something")
ops team:join
Accept an invite to join a team.
USAGE
$ ops team:join
ops team:leave
Leave current team.
USAGE
$ ops team:leave
OPTIONS
-h, --help show CLI help
ops team:list
Shows the list of your teams.
USAGE
$ ops team:list
OPTIONS
-h, --help show CLI help
ops team:remove [MEMBER]
Remove your team members.
USAGE
$ ops team:remove [MEMBER]
ARGUMENTS
MEMBER The username of the team member you want to remove from the team.
OPTIONS
-h, --help show CLI help
ops team:switch [TEAMNAME]
Switch your currently active team.
USAGE
$ ops team:switch [TEAMNAME]
ARGUMENTS
TEAMNAME Team Name
OPTIONS
-h, --help show CLI help
ops update
Update The Ops CLI.
USAGE
$ ops update
OPTIONS
-h, --help show CLI help
ops whoami
Display your user information
USAGE
$ ops whoami
OPTIONS
-h, --help show CLI help
Useful reference for writing tests:
Isolate tests (run only specific tests in that file):
test.only('it should run only tests suffixed with .only', async () => {
test
directory)npm test
or npm t
Run a single unit test, or filter them by filename:
npx jest --testPathPattern=keycloak
test_e2e
directory)The CLI has a number of robused E2E tests that are hosted inside of CTO.ai's private CI/CD infra.
We are planning to expose this system via Github Actions in the future, but for now, a CTO.ai team member will review your PR and test coverage.
The default test server is staging, but you can override this by passing in your own OPS_REGISTRY_HOST
and OPS_API_HOST
values from your shell config.
Run tests against staging (as part of the CTO.ai platform developer workflow):
npm run configdev
to point the ops binary at the development Typescript app (instead of the production Javascript bundle).env.staging
file (you can generate one by running scripts/make-env.sh)NODE_ENV
to 'staging': export NODE_ENV=staging
npm run test:e2e
Run tests against Minikube (as part of the CTO.ai platform developer workflow):
- username: 'existing_user'
- email: 'e2e_existing_user1@cto.ai'
- password: 'password'
test_e2e/utils/constants.ts EXISTING_USER_ID
to Step 1's userIDexisting_user
team in Database if haven't alreadyteste2e/utils/constants.ts EXISTING_TEAM_ID
to step 3's teamIDcto.ai
team in Database if haven't already- Team: βcto.aiβ
- name: βgithubβ
- version: βlatestβ
- public: true
write_a_file_op
command found in test_e2e/sample_ops/write_a_file_op
echo_message_workflow
workflow found in test_e2e/sample_ops/echo_message_workflow
ops-cli-confidential
client to Keycloak. The ops-cli-confidential.json
file can be found in Keybasenpm run configdev
to point the ops binary at the development Typescript app (instead of the production Javascript bundle).env.test
file (you can generate one by running scripts/make-env.sh).env.test
to match your minikube IPNODE_ENV
to 'test': export NODE_ENV=test
npm run test:e2e
Run a single E2E test, or filter test files by filename:
npm run test:e2e --testPathPattern=signin
This CLI application is distributed via public Node Package Manager registry. Any non-trivial changes should be tested by first releasing to the Release Candidate package https://www.npmjs.com/package/@cto.ai/ops-rc before releasing to the official https://www.npmjs.com/package/@cto.ai/ops
master
)npm run test
package.json
and update name
to @cto.ai/ops-rc
and version
to the next successive version (e.g. if the current published ops
version is 1.20.3
, the next rc version should be set to 1.20.4-rc.0
, 1.20.4-rc.1
, etc for each successive release candidate publish targeting the next official version to be eventually released to ops
)npm i
to integrate above changes into package-lock.json
npm login
) with your NPM credentials. Make sure your user is part of the ops-rc
team. If not, your user can be added by logging in with the cto.ai-admin
account (credentials in LastPass)@cto.ai/ops-rc
by running npm publish
npm i -g @cto.ai/ops-rc
(it is recommended you first remove existing ops
by running:npm uninstall -g @cto.ai/ops
rm -rf $(which ops)
ops
(not ops-rc
).env.staging
file as follows:source .env.staging
export $(cut -d= -f1 .env.staging)
ops account:signin
should now sign you into stagingunset $(cut -d= -f1 .env.staging)
ops account:signin
should sign you into productionops
package (see next section).Releases are now handled by .gitlab/workflows/release.yml
, which is triggered via a pushed tag that matches v*
. This workflow will run npm publish
and publish the current semantic version in the package.json
. To simplify things, we've added the tag push command as a post hook to the npm version
script. Steps to trigger a successful release:
name
in package.json
has been set to ops
npm version v{package_version}
(this will version package.json
and update README.md
to reflect that version and then create and push the tag to GitHub)FAQs
π» CTO.ai - The CLI built for Teams π
The npm package @cto.ai/ops-rc receives a total of 20 weekly downloads. As such, @cto.ai/ops-rc popularity was classified as not popular.
We found that @cto.ai/ops-rc demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago.Β It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.