dustinmm80

do our applications really need to have access to secrets, exposing them as yet another threat vector for credential theft and loss?

• https://secretless.io
• https://github.com/cyberark/secretless-broker

i'm an engineer on the cyberark/conjur team. we'd love feedback on our new project, secretless. it is free (as in free, not as in beer) OSS and we think it will help solve some of your thornier security problems. this is not just another secrets vault.

dustinmm80

=begin
Example box JSON schema
{
    :name => :name_of_vagrant_box, #REQUIRED
    :ip => '10.0.0.11', #REQUIRED
    :synced_folders => [
        { '.' => '/home/vagrant/myapp' }
    ],
    :commands => [

dustinmm80

Keybase proof

I hereby claim:

• I am dustinmm80 on github.
• I am dustinmm80 (https://keybase.io/dustinmm80) on keybase.
• I have a public key ASAi3XCVnnkJYZ7RyeOAbWUC_OJXWoNiec87GFJ6EC4Q5Qo

To claim this, I am signing this object:

dustinmm80

echo "Connecting with Jenkins Swarm plugin"
sudo -H -u jenkins bash -c '
curl -kL -o $HOME/swarm-client.jar \
http://repo.jenkins-ci.org/releases/org/jenkins-ci/plugins/swarm-client/2.0/swarm-client-2.0-jar-with-dependencies.jar
'

sudo -H -u jenkins bash -c "
java -jar \$HOME/swarm-client.jar \
-fsroot /var/lib/jenkins \
-executors 6 \

dustinmm80

host_token={{ref('HostFactoryToken')}}
node_name={{ref('NodeName')}}
host_id=$node_name-$(curl http://169.254.169.254/latest/meta-data/instance-id)
host_identity=/var/conjur/host-identity.json

CONJUR_HOST_IDENTITY_VERSION=v1.0.1
CONJUR_SSH_VERSION=v1.2.5

export HOME=/root

dustinmm80

diff --git a/config/application.rb b/config/application.rb
index 8682244..d233004 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -13,10 +13,11 @@ module ConjurCore
   class Application < Rails::Application
     config.eager_load_paths << "#{config.root}/app/models/secret_store.rb"
     config.encoding = "utf-8"
-    config.filter_parameters += [:password]
+    config.filter_parameters += [:password, :value]

dustinmm80

#! /bin/bash

# Checks that your Github repos are up to date

DIRS=()

sync=$1

for file in */ cookbooks/*; do
    DIRS+=("`pwd`/${file}");

dustinmm80

#!/bin/bash
 
# store the current dir
CUR_DIR=$(pwd)
 
# Let the person running the script know what's going on.
echo "--- Pulling in latest changes for all repositories... ---"
 
# Find all git repositories and update it to the master latest revision
for i in $(find . -name ".git" | cut -c 3-); do

dustinmm80

Terminal Cheat Sheet

---

pip

python package installer - look for packages on pypi

• pip install package_name - installs package from pypi
• pip install -r requirements file - installs packages from a requirements file
• pip uninstall package_name - uninstalls package
• pip freeze - output packages to stdout in requirements format, can be piped to a file

dustinmm80

Python Protips

A collection of tips from things I've seen in a lot of code bases.

Use print() as a function and not a statement

print('some string') # good
print 'some string'  # bad

print() has been moved to a function in Python 3 docs.