@bureado
bureado / gist:5dbddb0bb24bb7c0b447
Created May 20, 2015 18:49
Setting up python-saml for Azure AD
#!/usr/bin/env python
"""
This script will help you authenticate a Django application using python-saml with Azure AD.
This is sample code.
Usage:
@bureado
bureado / packaging-resources.md
Created June 21, 2018 00:04
Post-modern Linux packaging: additional reading

Summary

This document compiles 2018 coverage around post-modern packaging technologies for Linux, including packaging formats like Snaps and Flatpaks, systems like Nix and Guix and full distros such as Atomic or Clear Linux.

This curation and commentary are current as of 18 June 2018. The curation was prepared by José Miguel Parrella (@bureado) as part of his session at Open Source Summit Japan: Package Management and Distribution in a Cloud World.

We compile these resources to give individual developers and organizations current coverage of the state of the art and the motivations behind the post-modern packaging landscape, with the aim of increasing readiness to experiment with, evaluate and potentially adopt these technologies.

Conceptual SBOM model for an APT-based Linux distribution

This is a draft of an entirely exploratory learning exercise to generate SBOMs from first principles that can accompany an APT-based Linux distribution, which in this context is either a disk or a container image obtained from any source including runtime instances, packaged images, debootstraps, etc. Input and comments welcome: Twitter and also on the CNCF, CycloneDX, CDF, Sigstore and other Slacks.

Status

Here's the current version of the output (SPDX) which features:

  • Identifying information for the primary component (at this time, the debian:latest container image)
  • purl identifiers for each binary package in the image
#!/bin/sh
# Video: https://www.youtube.com/watch?v=Rv4ZlbMb1pE&list=PL9GzfK3UKP1vOcUkp3ayByoBY2pT641YN&index=3
# Usage: ./hash-to-buildinfo.sh <.deb package>
# Works with deb packages obtained from a Debian archive
# Assumes rekor CLI is in ./
# This all exists because https://unix.stackexchange.com/a/612931
# https://unix.stackexchange.com/a/673157
#!/bin/bash
# Also see: https://gist.github.com/bureado/16df777c1f9883ef919a5cc0c30eaba3
case "$1" in
init)
# Install dependencies
sudo apt update && sudo apt install jq auditd -y
# Start auditd
sudo systemctl start auditd.service
#!/bin/sh
# See: https://hackmd.io/@aeva/draft-gitbom-spec
# Also see: https://gist.github.com/bureado/0e4b53e90ac1263b7c5ed908dbe2cb50
# Today I would look at witness, tracee, and many others.
# TODO: make sure $BUILDDIR is a --git-dir
BUILDDIR=$1
TIMEOUT=5

What happened to open source in 2018?

2018 was a strange year for open source... decentralized funding, license changes and unprecedented investments that make us think about the sustainability challenges of open source. To try to make sense of all the news from the last few weeks, I published a video where I talk about these challenges.

This document accompanies the video and includes not only the sources for the stories in the video but also many other links of interest. The goal of this compilation is to let Spanish-speaking open source activists connect with the conversation. Ideas? Comments? I'm on Twitter: @bureado.

In English: this is a write-up on open source sustainability that I developed in early 2019 for Spanish-speaking audiences. All the sources are in English (which is exactly the problem I was trying to solve) and if you're looking for a broader "what happen

@bureado
bureado / fosdem-2020.md
Created January 20, 2020 18:08
JMP - FOSDEM 2020 Tracking Gist

The Apache Way

Adapted from Briefing: The Apache Way

The Apache Way is not One Way. Every Apache project is unique and every member describes their experience with their own words. But here are some attributes that everyone in Apache embraces.

People

Apache is made of people, not organizations. Contributions are voluntary and all votes weigh the same. A strong community can always make good code better.