Skip to content

Instantly share code, notes, and snippets.

Avatar
🏠
Working from home

Hendrix Roa hendrixroa

🏠
Working from home
View GitHub Profile
@hendrixroa
hendrixroa / CloudwatchLogsToElasticSearch.ts
Created Jan 18, 2020
AWS Lambda function to stream cloudwatch logs to elasticsearch with some modification to accept multiples indices
View CloudwatchLogsToElasticSearch.ts
const https = require('https');
const zlib = require('zlib');
const crypto = require('crypto');
const FunctionShield = require('@puresec/function-shield');
const ENV = process.env;
const endpoint = ENV.es_endpoint;
FunctionShield.configure(
{
@hendrixroa
hendrixroa / CodedeployTriggerToSlack.ts
Created Jan 18, 2020
AWS Lambda function triggered by aws codedeploy to send a notification to slack if a deployment was successful or not
View CodedeployTriggerToSlack.ts
const axios = require('axios');
const AWS = require('aws-sdk');
const FunctionShield = require('@puresec/function-shield');
const ENV = process.env;
const slackInfraAlertBot = 'your slack bot token';
FunctionShield.configure(
{
policy: {
@hendrixroa
hendrixroa / aws_rotate_key.ts
Created Jan 18, 2020
Script to rotate aws keys in Gitlab CI/CD
View aws_rotate_key.ts
import * as aws from 'aws-sdk';
import { RequestAPI, RequiredUriUrl } from 'request';
import * as request from 'request-promise-native';
// Update the credentials depending of environment
aws.config.update({
accessKeyId: process.env[`AWS_KEY_${process.env.STAGE}`],
region: process.env.AWS_DEFAULT_REGION,
secretAccessKey: process.env[`AWS_SECRET_${process.env.STAGE}`],
});
@hendrixroa
hendrixroa / yarnAudit.ts
Created Jan 18, 2020
Script to report yarn audit vulnerabilities to slack channet, for run 'yarn audit --json > yarn_audit.json' and later 'node -r ts-node/register scripts/yarnAudit.ts PATH_FILE MODULE'
View yarnAudit.ts
import * as fs from 'fs';
import * as _ from 'lodash';
import { RequestAPI, RequiredUriUrl } from 'request';
import * as request from 'request-promise-native';
export class YarnAudit {
private client: RequestAPI<
request.RequestPromise,
request.RequestPromiseOptions,
RequiredUriUrl
@hendrixroa
hendrixroa / SnykAudit.ts
Last active Jan 18, 2020
Snyk (snyk.io) script to find vulnerabilities and report to slack via webhook, for run this script you should run first `snyk test --docker $IMAGE_BH --file=Dockerfile --json > snyk_docker.json || true` and later ` node -r ts-node/register snykAudit.ts`
View SnykAudit.ts
import * as fs from 'fs';
import * as _ from 'lodash';
import { RequestAPI, RequiredUriUrl } from 'request';
import * as request from 'request-promise-native';
export class SnykDockerAudit {
private client: RequestAPI<
request.RequestPromise,
request.RequestPromiseOptions,
RequiredUriUrl
@hendrixroa
hendrixroa / putRestApi.ts
Created Jan 18, 2020
Script to put rest api in format swagger to AWS APIGATEWAY
View putRestApi.ts
import AWS = require('aws-sdk');
import fs = require('fs');
import minimist = require('minimist');
const args: any = minimist(process.argv);
const apigateway = new AWS.APIGateway({
region: process.env.AWS_DEFAULT_REGION || 'us-east-2',
});
@hendrixroa
hendrixroa / GetGitMessages.ts
Created Jan 18, 2020
Get current git message and print into stdout
View GetGitMessages.ts
import { spawnSync } from 'child_process';
const child = spawnSync('git', ['log', '-1', '--pretty=format:%s']);
if (child.error) {
// tslint:disable-next-line: no-console
console.error(null);
process.exit(1);
}
// tslint:disable-next-line: no-console
console.log(
@hendrixroa
hendrixroa / AWSSecretsByKeys.ts
Created Jan 18, 2020
Pull aws secrets values given keys.
View AWSSecretsByKeys.ts
import AWS = require('aws-sdk');
import minimist = require('minimist');
const args: any = minimist(process.argv);
const secretsManager = new AWS.SecretsManager({
region: process.env.AWS_DEFAULT_REGION || 'us-east-2',
});
export class SecretByKey {
public getSecretByKey(secretId: string, keys: string[]): Promise<any> {
@hendrixroa
hendrixroa / AWSSecretsManagerFormatter.ts
Created Jan 18, 2020
AWS Secrets manager formatter to get secrets in format json, ideally for backups
View AWSSecretsManagerFormatter.ts
import AWS = require('aws-sdk');
import fs = require('fs');
import * as _ from 'lodash';
const ssm = new AWS.SSM({
region: process.env.AWS_DEFAULT_REGION || 'us-east-2',
});
export class FormatSSM {
public describeParameters(): Promise<string[]> {
@hendrixroa
hendrixroa / Codedeploy.ts
Created Jan 18, 2020
Codedeploy script to trigger deployment when an AWS ECS service need to be updated
View Codedeploy.ts
import AWS = require('aws-sdk');
import crypto = require('crypto');
import minimist = require('minimist');
const args: any = minimist(process.argv);
const codedeploy = new AWS.CodeDeploy({
region: process.env.AWS_DEFAULT_REGION || 'us-east-2',
});
export class Deploy {
You can’t perform that action at this time.