Skip to content

Instantly share code, notes, and snippets.

View deangrant's full-sized avatar

Dean Grant deangrant

3 followers · 5 following
View GitHub Profile
@deangrant
deangrant / pip_compile.sh
Created March 25, 2025 16:00
This bash snippet showcases the use of pip-compile from pip-tools to generate a requirements.txt file from a requirements.in file.
# Run a Docker container interactively using the Python 3.13.2 slim image based on Debian Bookworm
# -i: Keep STDIN open for interactive use
# -t: Allocate a pseudo-TTY for terminal interaction
# /bin/bash: Start a Bash shell inside the container
docker run -it docker.io/python:3.13.2-slim-bookworm /bin/bash
# Create a virtual environment named 'venv' in the current directory
# This isolates Python packages from the system environment
python3 -m venv venv
@deangrant
deangrant / codacy_cli_eslint.sh
Created January 5, 2025 09:05
This script automates the setup and usage of the Codacy CLI v2 within a Docker container to perform static code analysis on a project using ESLint and upload the results to Codacy.
#!/bin/bash
# Start a Docker container interactively with the name "codacy-cli"
# and mount the host volume to /mnt/data inside the container.
docker run -it --name codacy-cli /bin/bash -v {{host_volume}}:/mnt/data
# Update package lists and install curl.
apt-get update && apt-get install curl
# Install NVM (Node Version Manager) using the official installation script.
@deangrant
deangrant / ip_within_cidr.py
Created October 30, 2024 11:10
A Python script that checks if IP addresses from multiple CSV files fall within specified CIDR ranges in a separate CSV file. Matching IP rows are saved to an output CSV for easy review, making it useful for network analysis and security auditing.
"""
Find IP addresses within CIDR ranges.
This script processes CSV files containing IP addresses and checks if each IP
falls within any of the specified CIDR ranges provided in a separate CSV file.
If an IP address matches a CIDR range, the entire row is written to an output
CSV file for easy identification and further analysis.
Constants:
@deangrant
deangrant / bitbucket_ci_env.txt
Created October 29, 2024 10:24
A simple method to securely manage environment variables in a CI/CD pipeline, specifically for Bitbucket Pipelines. By encoding sensitive information in a .env file to base64, it can be stored securely as a repository or workspace variable and later decoded for use within the pipeline.
1. Encode the .env file: Convert the .env file containing sensitive environment variables to base64 format. Use the -w 0 flag to keep the output in a single line and store it in a temporary file.
base64 -w 0 .env > _temp.txt
2. Set the encoded content as a repository or workspace variable: Copy the content from _temp.txt and set it as the value of a Bitbucket repository or workspace variable named BUILD_ENV.
3. Decode in the pipeline: In the Bitbucket pipeline configuration, use a script to decode BUILD_ENV and recreate the .env file for use in the build steps.
script:
- echo ${BUILD_ENV} | base64 -d > .env
@deangrant
deangrant / README.md
Last active October 18, 2024 13:59
A custom bitbucket pipeline for automating the process of updating docker images in a project

Docker Base Image Update Automation Script

This script automates the process of updating Docker base images in a project. It checks the current base image in the Dockerfile against the latest available version, creates a new branch for the update, modifies the necessary files, commits the changes, pushes the branch to the remote repository, and creates a pull request.

This script is intended to be run within a Bitbucket pipeline, but it can also be run locally as long as the required environment variables are set.

The script uses the following command to filter image tags based on a specific pattern. You can modify this regular expression based on your project requirements to filter different tags.

PAGE_TAGS=$(echo "$RESPONSE" | jq -r '.results[].name' | grep -E "^20(\.[0-9]+)*-alpine[0-9.]*$"

@deangrant
deangrant / bitbucket-pipelines.yml
Last active October 11, 2024 09:22
A custom bitbucket pipeline for automating the process of updating package dependencies in a project.
# Define the pipelines for the repository.
pipelines:
# Define the pipeline for the custom pipeline.
custom:
# Define the pipeline for evaluating and updating outdated packages.
dependabot:
- step:
name: Run Dependabot to update packages
# Specify the image to run the step.
@deangrant
deangrant / analyze_complexity.py
Created July 31, 2024 15:04
Analyzes the cyclomatic complexity of functions and methods within a given Python file.
import sys
import ast
from mccabe import PathGraphingAstVisitor
from typing import List, Dict, Any
def analyze_complexity(file_path: str, max_complexity: int = 1) -> List[Dict[str, Any]]:
"""
Analyze the cyclomatic complexity of a Python file.
@deangrant
deangrant / count_strings.py
Created July 20, 2024 08:06
Counts the number of strings in JSON files in a specified folders and its subfolders. This script is useful for evaluating the estimated costs of using a localization service such as Lokalise or Weblate, which is licensed per string.
"""
This script traverses a given root folder, processes each JSON file found
within the folder and its subfolders, counts the words in the values of each
JSON file, and then outputs both the individual word counts and the total word
count across all JSON files.
Functions
----------
count_words(string: str) -> int:
Counts the number of words in a given string.
@deangrant
deangrant / Dockerfile
Created July 19, 2024 11:40
Modified official Postgres 14.12 base image to resolve fixable packages identified by Docker Scout
# Start with the official Postgres 14.12 image based on Debian Bullseye as the
# base image
FROM postgres:14.12-bullseye AS base
# Remove the existing gosu binary, update the package list, and install specific
# versions of required packages without recommended extra packages
RUN rm /usr/local/bin/gosu && \
apt-get update && \
apt-get install --no-install-recommends -y gosu=1.12-1+b6 \
libgssapi-krb5-2=1.18.3-6+deb11u5 \
@deangrant
deangrant / install_trivy.sh
Created July 18, 2024 15:09
Set up the necessary environment and install Trivy
#!/bin/bash
# Update the package list and install wget, apt-transport-https, and gnupg.
sudo apt-get install wget apt-transport-https gnupg
# Download the Trivy public key, convert it to a format suitable for APT, and save it in the keyrings directory.
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null
# Add the Trivy repository to the APT sources list, specifying the keyring for verification.
echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" | sudo tee -a /etc/apt/sources.list.d/trivy.list