Wash Capture is a new command with an experimental flag.
This creates a capture stream which sets up a sliding window capable of capturing the last 60 minutes.
The potential this has to reduce the pain of debugging in wasmCloud projects is significant.
Possible to set it up to capture your own invocations.
Wash Spy on KV counter demo - see recording.
The great thing is we can watch what's happening, clearly see incidents when they happen and remediate them in short order - we may even be able to see responses.
If I have a bug and want to capture it, I can go wash capture which will grab all the messages and outputs to a local tarball - a wash capture file.
A neat replay feature takes the capture file and plays through the host inventory.
At this stage, you can filter per message or incident: take the sliding window, capture what it found, save for later.
It's also possible to disable when done.
Wash Spy and Wash Capture made it into 0.18. you can run them as long as you install the latest version and activate the experimental flag (--experimental).
Demo: Wash Dev - Victor
Another exciting experimental feature!
In the same vein, Wash Dev is designed to promote a better developer process, experience and project 'debuggability'.
The echo actor talks to an http service provider and echoes the request back to whomever sent it.
Please note: see recording to see what it looks like when you don't put the experimental flag on.
Works both for development on a single actor, or multiple actors.
At start, it realises there is no host running and starts a wasmCloud instance which becomes reachable.
Once it is reachable it starts the project build - built continuously.
Regardless of the approach, everything is configurable - the process will wait until you make a change.
Functionality starting an actor from file - use a local file path a URI. This is how Wash Dev works right now - it watches the file locally and kicks off rebuild which will change the generated file.
Take a look at the recording for the full demo.
This will stabilize with good community feedback - all comments welcome.
Jordan - Wash Spy and Capture will make life easier - dev mode seems cool but hasn't experimented much yet.
Issue: wash is becoming powerful but is easy to misconfigure - security consideration.
wash is becoming a very powerful tool. It can spy on NATS, move artifacts around, manage private keys, and from a security perspective it's becoming a possibly very vulnerable tool.
Would love to see wash implementing subcommands that promote security, like wash systemkey that gives you a key to lock down wash.
The fact that it runs in user-land makes it easy for a vulnerability to gain access.
Could consider something like wash lockdown to clean up local development environments.
wash up provisioning seed keys should be considered when thinking of using wash to provision infrastructure.
Consider reauthentication to access keys.
There are a few different levels of security to tackle here.
Clean config, avoiding writing secret data to local folders.
Process isolation for wasmCloud.
Isolating NATS connections is the key to locking down a wasmCloud lattice.
Being able to audit the nkey hierarchy would be really important for enterprise customers that are looking to trace to the source of development.
If you're working on solutions in the key management space, please come join our Slack. We'd love to collaborate on the management of keys!
Would like to see wash sat implementing some sub- commands that promote security.
