Skip to content

Instantly share code, notes, and snippets.

Avatar

David Norman deekayen

View GitHub Profile
@deekayen
deekayen / upgrade.sh
Last active Aug 27, 2020
Upgrade Ansible AWX containers
View upgrade.sh
docker stop awx_task
docker rm awx_task
docker rmi ansible/awx_task:latest
docker stop awx_web
docker rm awx_web
docker rmi ansible/awx_web:latest
git pull
cd installer
@deekayen
deekayen / .gitlab-ci.yml
Created Aug 3, 2020
Build a Docker container and then scan it with Aquasec Trivy in GitLab CI. Fail for HIGH and CRITICAL findings.
View .gitlab-ci.yml
trivy:
tags:
- kubernetes
stage: test
image: docker:stable
services:
- name: docker:dind
entrypoint: ["env", "-u", "DOCKER_HOST"]
command: ["dockerd-entrypoint.sh"]
variables:
@deekayen
deekayen / .gitlab-ci.yml
Created Aug 3, 2020
Build a Docker container and then scan it with Quay Clair.
View .gitlab-ci.yml
clair:
tags:
- kubernetes
stage: test
image: docker:stable
variables:
DOCKER_DRIVER: overlay2
DOCKER_HOST: tcp://docker:2375/
## Define two new variables based on GitLab's CI/CD predefined variables
## https://docs.gitlab.com/ee/ci/variables/#predefined-variables-environment-variables
@deekayen
deekayen / Preferences.sublime-settings
Created Aug 3, 2020
Sublime Text settings for dnorman-macbook
View Preferences.sublime-settings
{
"color_scheme": "Packages/Theme - Monokai Pro/Monokai Pro (Filter Spectrum).sublime-color-scheme",
"default_line_ending": "unix",
"ensure_newline_at_eof_on_save": true,
"fallback_encoding": "UTF-8",
"font_face": "Source Code Pro",
"font_size": 16,
"ignored_packages":
[
"Vintage"
View blacklist.txt
googleads.g.doubleclick.net
fw.adsafeprotected.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
cooper.logs.roku.com
austin.logs.roku.com
giga.logs.roku.com
scribe.logs.roku.com
adclick.g.doubleclick.net
@deekayen
deekayen / README.md
Last active Mar 5, 2020
Instructions on how to make various TLS certificate file outputs
View README.md
@deekayen
deekayen / prisma_alerts.sh
Last active Mar 3, 2020
Curl the Redlock Prism Cloud API to get alerts from last week then POST them into a Splunk HTTP event collector for alternate archival and analysis. Note the date calculation appends 3 digits of milliseconds from microtime for a total 13 digital epoch value.
View prisma_alerts.sh
#!/bin/bash
# For Mac, date is BSD based. We like GNU date parsing,
# which comes with sideloading date as a renamed gdate util.
# Use Homebrew to install some utilities: https://brew.sh
# brew install coreutils jq
######################
# SET VALUES FOR THESE
@deekayen
deekayen / prisma_alerts_jenkins.sh
Last active Mar 3, 2020
Jenkins/EL7 version of the Prisma Alerts to Splunk bridge bash script.
View prisma_alerts_jenkins.sh
#!/bin/bash
# For EL7:
# yum install curl jq
######################
# SET VALUES FOR THESE
# Prisma Cloud config
API="api2.prismacloud.io"
@deekayen
deekayen / buffalo.cow
Last active Jan 8, 2020
Buffalo animal for cowsay
View buffalo.cow
##
## Buffalo
##
$the_cow = <<EOC;
$thoughts
$thoughts _.-````'-,_
_,.,_ ,-'` `'-.,_
/) ( '``-.
(( ) ) `\\
\\) (_/ )\\
@deekayen
deekayen / .gitlab-ci.yml
Created Dec 16, 2019
Example Gitlab runner CI configuration file that would do Ansible linting and secret discovery.
View .gitlab-ci.yml
---
ansible-lint:
tags:
- ansible
script:
- ansible-lint --version
- git ls-files | grep yml | xargs ansible-lint --exclude=/home/gitlab-runner/.ansible/roles
ansible-review: