HTTPS Wrench

HTTPS Wrench, a wrench not to bench

HTTPS Wrench is a CLI program to make Yaml defined HTTPS requests and to inspect x.509 certificates and keys.
HTTPS Wrench was born from the desire of a disposable Bash script to become a reliable tool for mechanics of the World Wide Web.
https-wrench will, one day, take the place of curl in the hearts and the eyes of whoever is about to migrate a DNS record from a webserver to a load balancer, reverse proxy, Ingress Gateway, CloudFront distribution.

How to use

Check the help:

❯ https-wrench -h

HTTPS Wrench is a tool to make HTTPS requests according to a Yaml configuration file and to inspect x.509 certificates and keys.

https-wrench has two subcommands: requests and certinfo.

requests is the subcommand that does HTTPS requests according to the configuration provided
by the --config flag.

certinfo is a subcommand that reads information from PEM encoded x.509 certificates and keys. The certificates
can be read from local files or TLS enabled endpoints.

certinfo can compare public keys extracted from certificates and private keys to check if they match.

HTTPS Wrench is distributed with an open source license and available at the following address:
https://github.com/xenOs76/https-wrench

Usage:
  https-wrench [flags]
  https-wrench [command]

Available Commands:
  certinfo    Shows information about x.509 certificates and keys
  completion  Generate the autocompletion script for the specified shell
  help        Help about any command
  requests    Make HTTPS requests defined in the YAML configuration file

Flags:
      --config string   config file (default is $HOME/.https-wrench.yaml)
  -h, --help            help for https-wrench
      --version         Display the version

Use "https-wrench [command] --help" for more information about a command.

Generate a sample config file:

https-wrench requests --show-sample-config > https-wrench-sample-config.yaml

Sample configuration file

---
debug: false
verbose: true
requests:
  - name: httpBunComGet

    transportOverrideUrl: https://cat.httpbun.com:443
    clientTimeout: 3

    requestDebug: false
    responseDebug: false

    printResponseBody: true
    printResponseHeaders: true

    userAgent: wrench-custom-ua

    requestHeaders:
      - key: x-custom-header
        value: custom-header-value
      - key: x-api-key
        value: api-value

    responseHeadersFilter:
      - X-Powered-By
      - Via
      - Content-Type

    hosts:
      - name: httpbun.com
        uriList:
          - /headers
          - /status/302
          - /status/404
          - /status/503

  - name: httpBunComCerts

    printResponseCertificates: true

    hosts:
      - name: httpbun.com

Make the HTTPS requests defined in the YAML file:

https-wrench requests --config https-wrench-sample-config.yaml

Sample output of the commands:

HTTPS Wrench requests, (long) sample configuration output

HTTPS Wrench requests, sample requests against a K3s cluster

HTTPS Wrench certinfo, certificate and key

HTTPS Wrench certinfo, TLS Endpoint

How to install

Go install

HTTPS Wrench is "go gettable", so it can be installed with the following command when having a proper go setup:

go install github.com/xenos76/https-wrench@latest

Manual download

Release binaries and DEB, RPM, APK packages can be downloaded from the repo's releases section.
Binaries and packages are built for Linux and MacOS, amd64 and arm64.

APT

Configure the repo the following way:

echo "deb [trusted=yes] https://repo.os76.xyz/apt stable main" | sudo tee /etc/apt/sources.list.d/os76.list

then:

sudo apt-get update && sudo apt-get install -y https-wrench

YUM

Configure the repo the following way:

echo '[os76]
name=OS76 Yum Repo
baseurl=https://repo.os76.xyz/yum/$basearch/
enabled=1
gpgcheck=0
repo_gpgcheck=0' | sudo tee /etc/yum.repos.d/os76.repo

then:

sudo yum install https-wrench

Docker image

Generate the config:

docker run --rm ghcr.io/xenos76/https-wrench:latest -h

docker run --rm ghcr.io/xenos76/https-wrench:latest --show-sample-config > sample-wrench.yaml

Run the requests command:

docker run  -v $(pwd)/sample-wrench.yaml:/https-wrench.yaml  --rm ghcr.io/xenos76/https-wrench:latest --config /https-wrench.yaml requests

Homebrew

Add Os76 Homebrew repository:

brew tap xenos76/tap

Install https-wrench:

brew install --casks https-wrench

Nix/NUR

Nix users can use the following Nur repository to access https-wrench: https://github.com/xenOs76/nur-packages.
The repository is not listed yet in the general Nix User Repository so the following methods can be used to install the package.

Set a Nix channel:

nix-channel --add https://github.com/xenos76/nur-packages/archive/main.tar.gz nur-os76
nix-channel --update

and add the package to a Nix shell:

nix-shell -p '(import <nur-os76> { pkgs = import <nixpkgs> {}; }).https-wrench'

Or use a flake.nix like the one from the nix-shell example to achieve a similar result:

{
  description = "Flake to fetch https-wrench from xenos76's NUR repo";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
    nur-os76.url = "github:xenos76/nur-packages";
    flake-utils.url = "github:numtide/flake-utils";
  };

  outputs = {
    self,
    nixpkgs,
    nur-os76,
    flake-utils,
  }:
    flake-utils.lib.eachDefaultSystem (
      system: let
        pkgs = import nixpkgs {
          inherit system;
        };

        https-wrench = pkgs.callPackage (nur-os76 + "/pkgs/https-wrench") {};
      in {
        packages.default = https-wrench;

        devShells.default = pkgs.mkShell {
          name = "HTTPS-Wrench-Demo";
          packages = [
            https-wrench
            pkgs.gum
          ];
          shellHook = ''
            gum format --theme tokyo-night -- "# HTTPS-Wrench Nix shell" "**https-wrench** *version*: \`$(https-wrench --version)\`"
          '';
        };
      }
    );
}

NixOS users could use a flake like this to fetch the package.