From cf59f755e3e887fa00dc8d1d14147091b961f0b7 Mon Sep 17 00:00:00 2001
From: Erik Kristensen <erik@erikkristensen.com>
Date: Thu, 2 Jan 2025 12:34:07 -0700
Subject: [PATCH 1/3] chore(kms): improve logging

---
 resources/kms-alias.go | 2 +-
 resources/kms-key.go   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/resources/kms-alias.go b/resources/kms-alias.go
index f32efc04..aa13b603 100644
--- a/resources/kms-alias.go
+++ b/resources/kms-alias.go
@@ -50,7 +50,7 @@ func (l *KMSAliasLister) List(_ context.Context, o interface{}) ([]resource.Reso
 					KeyId: alias.TargetKeyId,
 				})
 				if err != nil {
-					opts.Logger.WithError(err).Error("failed to list tags for key")
+					opts.Logger.WithError(err).Debug("failed to list tags for key for the alias")
 				}
 				tags = keyTags.Tags
 			}
diff --git a/resources/kms-key.go b/resources/kms-key.go
index 04ce5f13..572bba5b 100644
--- a/resources/kms-key.go
+++ b/resources/kms-key.go
@@ -88,7 +88,7 @@ func (l *KMSKeyLister) List(_ context.Context, o interface{}) ([]resource.Resour
 					if errors.As(err, &awsError) {
 						if awsError.Code() == "AccessDeniedException" {
 							inaccessibleKeys = true
-							logrus.WithError(err).Debug("unable to list tags")
+							logrus.WithError(err).Debug("unable to list tags - inaccessible key")
 							continue
 						} else {
 							logrus.WithError(err).Error("unable to list tags")

From 38e00530e6cc20f174c62ee038aa9f4b392fe073 Mon Sep 17 00:00:00 2001
From: Erik Kristensen <erik@erikkristensen.com>
Date: Thu, 2 Jan 2025 12:39:43 -0700
Subject: [PATCH 2/3] refactor(resource-explorer2-view): standardization with
 properties

---
 ...r2-views.go => resource-explorer2-view.go} | 33 +++++++++++--------
 1 file changed, 20 insertions(+), 13 deletions(-)
 rename resources/{resource-explorer2-views.go => resource-explorer2-view.go} (71%)

diff --git a/resources/resource-explorer2-views.go b/resources/resource-explorer2-view.go
similarity index 71%
rename from resources/resource-explorer2-views.go
rename to resources/resource-explorer2-view.go
index 9f11a32f..99540efd 100644
--- a/resources/resource-explorer2-views.go
+++ b/resources/resource-explorer2-view.go
@@ -5,9 +5,12 @@ import (
 
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/service/resourceexplorer2"
-	"github.com/ekristen/aws-nuke/v3/pkg/nuke"
+
 	"github.com/ekristen/libnuke/pkg/registry"
 	"github.com/ekristen/libnuke/pkg/resource"
+	"github.com/ekristen/libnuke/pkg/types"
+
+	"github.com/ekristen/aws-nuke/v3/pkg/nuke"
 )
 
 const ResourceExplorer2ViewResource = "ResourceExplorer2View"
@@ -23,11 +26,6 @@ func init() {
 
 type ResourceExplorer2ViewLister struct{}
 
-type ResourceExplorer2View struct {
-	svc     *resourceexplorer2.ResourceExplorer2
-	viewArn *string
-}
-
 func (l *ResourceExplorer2ViewLister) List(_ context.Context, o interface{}) ([]resource.Resource, error) {
 	opts := o.(*nuke.ListerOpts)
 	svc := resourceexplorer2.New(opts.Session)
@@ -43,8 +41,8 @@ func (l *ResourceExplorer2ViewLister) List(_ context.Context, o interface{}) ([]
 
 		for _, view := range output.Views {
 			resources = append(resources, &ResourceExplorer2View{
-				svc:     svc,
-				viewArn: view,
+				svc: svc,
+				ARN: view,
 			})
 		}
 
@@ -58,14 +56,23 @@ func (l *ResourceExplorer2ViewLister) List(_ context.Context, o interface{}) ([]
 	return resources, nil
 }
 
-func (f *ResourceExplorer2View) Remove(_ context.Context) error {
-	_, err := f.svc.DeleteView(&resourceexplorer2.DeleteViewInput{
-		ViewArn: f.viewArn,
+type ResourceExplorer2View struct {
+	svc *resourceexplorer2.ResourceExplorer2
+	ARN *string `description:"The ARN of the Resource Explorer View"`
+}
+
+func (r *ResourceExplorer2View) Remove(_ context.Context) error {
+	_, err := r.svc.DeleteView(&resourceexplorer2.DeleteViewInput{
+		ViewArn: r.ARN,
 	})
 
 	return err
 }
 
-func (f *ResourceExplorer2View) String() string {
-	return *f.viewArn
+func (r *ResourceExplorer2View) String() string {
+	return *r.ARN
+}
+
+func (r *ResourceExplorer2View) Properties() types.Properties {
+	return types.NewPropertiesFromStruct(r)
 }

From 287ba27b9fcf5cfb07181632bf88154667749240 Mon Sep 17 00:00:00 2001
From: Erik Kristensen <erik@erikkristensen.com>
Date: Thu, 2 Jan 2025 16:35:19 -0700
Subject: [PATCH 3/3] docs: update installation for install and verification

---
 docs/installation.md | 31 ++++++++++++++++++++++++++-----
 1 file changed, 26 insertions(+), 5 deletions(-)

diff --git a/docs/installation.md b/docs/installation.md
index 529583ea..e2aefb2e 100644
--- a/docs/installation.md
+++ b/docs/installation.md
@@ -3,7 +3,7 @@
 Preferred installation order is the following:
 
 1. [GitHub Release](#github-releases-preferred)
-2. [ekristen's homebrew tap](#ekristens-homebrew-tap-macoslinux)
+2. [Homebrew Tap](#ekristens-homebrew-tap-macoslinux)
 3. [Homebrew Core](#homebrew-core-macoslinux)
 
 Docker images are also available via the GitHub Container Registry.
@@ -13,18 +13,24 @@ Docker images are also available via the GitHub Container Registry.
 !!! success - "Recommended"
     This supports all operating systems and most architectures.
 
-You can download pre-compiled binaries from the [releases](https://github.com/ekristen/aws-nuke/releases) page.
+You can download pre-compiled binaries from the [releases](https://github.com/ekristen/aws-nuke/releases) page, or you can use my tool
+[distillery](https://github.com/ekristen/distillery) to download and install the latest version.
 
-## ekristen's Homebrew Tap (MacOS/Linux)
+```console
+dist install ekristen/aws-nuke
+```
+
+## Homebrew Tap (macOS)
 
 !!! info
-    I control this tap, and it sources the binaries directly from the GitHub releases. However, it only supports MacOS.
+    I control this tap, and it sources the binaries directly from the GitHub releases. However, it only supports MacOS
+    and it tends to lag a bit behind.
 
 ```console
 brew install ekristen/tap/aws-nuke
 ```
 
-## Homebrew Core (MacOS/Linux)
+## Homebrew Core (macOS/Linux)
 
 !!! note
     I do not control the Homebrew Core formula, so it may not be up to date. Additionally, it is not compiled with
@@ -50,3 +56,18 @@ To compile **aws-nuke** from source you need a working [Golang](https://golang.o
 goreleaser build --clean --snapshot --single-target
 ```
 
+## Verifying Binaries
+
+All the binaries are signed with [cosign](https://github.com/sigstore/cosign) and are signed with keyless signatures.
+You can verify the build using the public transparency log and the cosign binary.
+
+**Note:** swap out `VERSION` with `vX.Y.Z`.
+
+```console
+cosign verify-blob \
+  --signature https://github.com/ekristen/aws-nuke/releases/download/VERSION/checksums.txt.sig \
+  --certificate https://github.com/ekristen/aws-nuke/releases/download/VERSION/checksums.txt.pem \
+  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
+  --certificate-identity "https://github.com/ekristen/aws-nuke/.github/workflows/goreleaser.yml@refs/tags/VERSION" \
+  https://github.com/ekristen/aws-nuke/releases/download/VERSION/checksums.txt
+```