Virendra Singh Bhalothia bhalothia

## cloudformation-template_vpc-iam.json
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "MyApp VPC",
  "Parameters" : {
    "Project" : {
      "Description" : "Project name to tag resources with",
      "Type" : "String",
      "MinLength": "1",
      "MaxLength": "16",
      "AllowedPattern" : "[a-z]*",

## .gitignore
# Compiled source #
###################
*.com
*.class
*.dll
*.exe
*.o
*.so

# Packages #

## README.md

      
              3 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                bhalothia
                / README.md
            
            
              Last active
              December 2, 2015 22:36
                — forked from bknowles/README.md
            
              
                multi-knife-howto
              
          
    Overview

Here is an example shared configuration for knife.  You can drop this off in your chef-repo/.chef/ directory, and multiple developers can use the same knife configuration to interact with more than one Chef server, or the Opscode platform.
By using Bash functions and environment variables we can change the chef server, which knife is configured to use, on the fly.
NOTE: knife will probably ignore your ~/.chef/knife.rb once you begin using a shared knife.rb in your chef-repo directory.
Preparation

  
## gist:21919a7ec0fdce1df623
Jenkins Best Practices
https://en.wikipedia.org/wiki/Continuous_integration<- Read this!
https://wiki.jenkins-ci.org/display/JENKINS/Jenkins+Best+Practices
http://www.slideshare.net/andrewbayer/7-habits-of-highly-effective-jenkins-users
Set up version control of job configurations
Keep jobs simple! Don't put a ton of bash in each job. If a job needs to do something complex, put it in a script in GitHub and check it out as needed.
Use templated builders to simplify common tasks
Keep all scripts in version control - avoid running scripts that live on the Jenkins server filesystem
Don't install unnecessary plugins - plugins are often written by third parties and can interact with each other in strange ways
Use LDAP authentication if possible for traceability - avoid anonymous access

## multi_env_knife_config
#
# This is an example of a knife.rb configuration that uses yml and a
# simple env var (CHEF_ENV) to manage multiple hosted Chef environments.
#
# Example usage:
# export CHEF_ENV=evnironment_01
# knife status
#
# Based on: http://blog.blankpad.net/2010/09/28/multiple-knife-environments---the-return/
#

## jenkins_copying_configuration.sh
ORIGINAL_JENKINS_SERVER=
ORIGINAL_SERVER_USER=

NEW_JENKINS_SERVER=
NEW_SERVER_USER=

# ON THE ORIGINAL JENKINS SERVER
ssh $ORIGINAL_SERVER_USER@$ORIGINAL_JENKINS_SERVER
cd /var/lib/jenkins/
for i in `ls jobs`; do echo "jobs/$i/config.xml";done > config.totar

## jaas-loginmodule.conf
RDpropertyfilelogin {
    org.mortbay.jetty.plus.jaas.spi.PropertyFileLoginModule sufficient
    debug="true"
    file="/.../server/config/realm.properties";

    com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule sufficient
    debug="false"
    contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
    providerUrl="ldap://xx.xx.xx.xx:389"
    port="389"

## shellshock_patcher_sh
#!/bin/bash

env x='() { :;}; echo vulnerable' bash -c "echo this is a test" | grep vulnerable > /dev/null 2>&1
if [ $? -eq 1 ]; then
  echo "Not vulnerable. Machine is safe."
  exit 0
else
  echo -n "Vulnerable. Version: "
  /bin/bash --version
  echo "Installing patch."

## install_sublime_text.sh
#!/bin/sh

# Sublime Text 3 install with Package Control
# http://simonewebdesign.it/install-sublime-text-3-on-linux/

# Run this script with:
# $ curl -L git.io/sublimetext | sh


# Detect the architecture

## .gitconfig
[user]
	name = Pavan Kumar Sunkara
	email = pavan.sss1991@gmail.com
[core]
	editor = vim
	whitespace = fix,-indent-with-non-tab,trailing-space,cr-at-eol
	excludesfile = ~/.gitignore
[sendemail]
	smtpencryption = tls
	smtpserver = smtp.gmail.com
	{
	"AWSTemplateFormatVersion": "2010-09-09",
	"Description": "MyApp VPC",
	"Parameters" : {
	"Project" : {
	"Description" : "Project name to tag resources with",
	"Type" : "String",
	"MinLength": "1",
	"MaxLength": "16",
	"AllowedPattern" : "[a-z]*",
	# Compiled source #
	###################
	*.com
	*.class
	*.dll
	*.exe
	*.o
	*.so

	# Packages #
	Jenkins Best Practices
	https://en.wikipedia.org/wiki/Continuous_integration<- Read this!
	https://wiki.jenkins-ci.org/display/JENKINS/Jenkins+Best+Practices
	http://www.slideshare.net/andrewbayer/7-habits-of-highly-effective-jenkins-users
	Set up version control of job configurations
	Keep jobs simple! Don't put a ton of bash in each job. If a job needs to do something complex, put it in a script in GitHub and check it out as needed.
	Use templated builders to simplify common tasks
	Keep all scripts in version control - avoid running scripts that live on the Jenkins server filesystem
	Don't install unnecessary plugins - plugins are often written by third parties and can interact with each other in strange ways
	Use LDAP authentication if possible for traceability - avoid anonymous access
	#
	# This is an example of a knife.rb configuration that uses yml and a
	# simple env var (CHEF_ENV) to manage multiple hosted Chef environments.
	#
	# Example usage:
	# export CHEF_ENV=evnironment_01
	# knife status
	#
	# Based on: http://blog.blankpad.net/2010/09/28/multiple-knife-environments---the-return/
	#
	ORIGINAL_JENKINS_SERVER=
	ORIGINAL_SERVER_USER=

	NEW_JENKINS_SERVER=
	NEW_SERVER_USER=

	# ON THE ORIGINAL JENKINS SERVER
	ssh $ORIGINAL_SERVER_USER@$ORIGINAL_JENKINS_SERVER
	cd /var/lib/jenkins/
	for i in `ls jobs`; do echo "jobs/$i/config.xml";done > config.totar
	RDpropertyfilelogin {
	org.mortbay.jetty.plus.jaas.spi.PropertyFileLoginModule sufficient
	debug="true"
	file="/.../server/config/realm.properties";

	com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule sufficient
	debug="false"
	contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
	providerUrl="ldap://xx.xx.xx.xx:389"
	port="389"
	#!/bin/bash

	env x='() { :;}; echo vulnerable' bash -c "echo this is a test" \| grep vulnerable > /dev/null 2>&1
	if [ $? -eq 1 ]; then
	echo "Not vulnerable. Machine is safe."
	exit 0
	else
	echo -n "Vulnerable. Version: "
	/bin/bash --version
	echo "Installing patch."
	#!/bin/sh

	# Sublime Text 3 install with Package Control
	# http://simonewebdesign.it/install-sublime-text-3-on-linux/

	# Run this script with:
	# $ curl -L git.io/sublimetext \| sh


	# Detect the architecture
	[user]
	name = Pavan Kumar Sunkara
	email = pavan.sss1991@gmail.com
	[core]
	editor = vim
	whitespace = fix,-indent-with-non-tab,trailing-space,cr-at-eol
	excludesfile = ~/.gitignore
	[sendemail]
	smtpencryption = tls
	smtpserver = smtp.gmail.com