Skip to main content

Takumi Guard: Admin Deployment Adds a Direct-Write Mode

· 3 min read
Yoshiaki Matsutomo
Yoshiaki Matsutomo
Software Engineer @ GMO Flatt Security Inc.

Takumi Guard admin deployment now offers a direct-write mode that writes each config file directly. Setup runs without depending on the package-manager CLI, and it can also configure Guard in advance for package managers that are not installed yet.

Overview

By default, admin deployment detects the package managers that Guard configures and applies the Guard configuration only when a target is present. This avoids unnecessary configuration and token issuance on machines that do not use a package manager Guard protects.

The new direct-write mode skips this pre-check and, instead of running the package-manager CLI (npm config set, poetry config, go env -w, and so on), edits the config files directly to apply the Guard configuration.

This means it configures Guard in advance on machines where the package manager is not installed yet, so a tool added later goes through Guard from its first use.

For detailed usage and notes, see "Configure without the pre-check" in the Admin Deployment guide.

Note on token issuance

In this mode, an org user token is issued even for machines that have no configuration target. Depending on your usage this can affect cost, so choose between this mode and the default behavior as appropriate.

Getting Started

Setup script v0.8.0 is available from:

To enable direct-write, set the TG_DIRECT_WRITE environment variable when you run the script — both for the regular call that issues a token and configures Guard, and for the install subcommand that reuses an already-issued org user token:

# Issue an org user token and configure Guard together
TG_DIRECT_WRITE=true TG_BOT_API_KEY="..." ./setup.sh <BOT_ID> <USER_IDENTIFIER>

# Configure Guard only, using an already-issued org user token
TG_DIRECT_WRITE=true ./setup.sh install <TOKEN>
If you already use admin deployment

The sample wrapper script we provide may have been revised. Update both the wrapper and the setup script to the latest versions as needed.

Paid Feature

This feature requires an active Takumi subscription with Guard enabled. See Pricing & Billing for details.

Getting Started with Your Organization

To use Guard's organization features (admin deployment, installation log search, etc.), you need a Takumi subscription with Guard enabled.

  1. Go to https://cloud.shisho.dev/hello/takumi and sign in
  2. Register your organization and subscribe to Takumi
  3. Navigate to Guard > Settings from the sidebar
  4. Click "Enable" to activate Guard

Once Guard is enabled, follow the Admin Deployment guide to begin setup.