Auryn: a CLI pipeline DSL

Written by

Tom

in

Auryn: A Domain-Specific Language for CLI Pipelines

Sometimes you just can’t help but write a bash script to chain together a couple of tools. Sometimes those bash scripts get out of hand, and you wish you had something that could effectively be the linux pipe symbol, but also clean and format your data for the next CLI program.

Auryn has your back.

The challenge with CLI pipeline tooling

Every pipeline engineer has attempted to chain tools together using Bash scripts or integrate them into Jenkins pipelines. The reality is that there’s a lack of standardized input and output formats across CLI tools.

Each tool serves a different purpose, making automation cumbersome—even though the process is often repetitive:

  1. Read a file.
  2. Optionally transform the input.
  3. Apply the tool with specific parameters.
  4. Save the (potentially massive) output to a file.
  5. Clean the output for the next tool, which will…
  6. Repeat the cycle.

Introducing Auryn: a CLI glue pipeline DSL

Enter Auryn—a domain-specific language (DSL) designed to streamline shell pipelines. Think of it as a platypus: seemingly uncertain of its identity, yet functioning exceptionally well because of it.

Here’s a glimpse of Auryn in action:

run "bash cert_transparency_check.sh __DOMAIN__"
  parsewith cert_transparency_check 
  output "__OUTPUT_DIR__/found_domains.txt"
  as $domain_list

In this snippet:

  • A script is executed with a constant (__DOMAIN__) as its only known truth.
  • The output is parsed using a simple parser you write in a shell script, tailored to the unique output of each CLI tool.
  • The parsed text can be saved to a file and stored in a variable ($domain_list) for use in subsequent tools.

Why Auryn Matters

Auryn addresses the fragmentation in CLI tooling by providing a unified language to define and manage shell workflows. It empowers security engineers to automate complex pipelines without being bogged down by inconsistent tool interfaces.

The inspiration for Auryn

Tom learnt about CPU pipelining and thought the mental model applied to running bash scripts as well. A couple of hours talking to an LLM later, Auryn was born.

The cycle is:

  • Instruction Fetch
    • Get data
  • Instruction Decode
    • Parse the data for CLI input
  • Execute
    • Run the CLI program with the supplied parameters
  • Write to memory
    • Put the result into a variable
  • Write back
    • (Optionally) write the raw output to a file

Auryn is the result of a brain blip, and was put together in a couple of hours yet results in an immensely useful output.

Get Started with Auryn

Ready to tame the beast? Grab a copy of Auryn from the project’s GitHub page: https://github.com/kapott/auryn. Feel free to expand upon it. While the repository doesn’t have a license yet, it will be free, as in beer.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts