I hereby claim:
- I am iloveicedgreentea on github.
- I am ilanpo (https://keybase.io/ilanpo) on keybase.
- I have a public key whose fingerprint is 5F24 760E D425 AE00 4059 A326 1827 3F84 5303 8D71
To claim this, I am signing this object:
views: | |
- title: Home | |
path: home | |
theme: Google Dark Theme | |
badges: [] | |
cards: | |
- type: horizontal-stack | |
cards: | |
- type: custom:button-card | |
color_type: label-card |
rules: | |
- id: wrong-project | |
patterns: | |
- pattern-inside: resource "google_compute_firewall" "..." {...} | |
- pattern-inside: project="..." | |
- pattern-not: project = "myproject" | |
languages: | |
- generic | |
paths: | |
include: |
package main | |
import input as tfplan | |
# Restrict all resources to one project | |
required_project = "myproject" | |
# Ban ports | |
banned_ports = ["80", "22"] |
resource "google_compute_firewall" "ingress" { | |
name = "ingress" | |
network = "default" | |
project = "notmyproject" | |
target_tags = [ "test" ] | |
provisioner "local-exec" { | |
command = "echo 'bypass'" | |
} |
package main | |
# Deny if somevalue is false | |
deny[msg] { | |
val := input.somelist[i] | |
not val | |
msg := sprintf("%d: %s", [i, val]) | |
} |
import json | |
# Read a file and get some value if it is false | |
with open("test.json", 'r') as file: | |
json_input = json.loads(file.read()) | |
for i, val in enumerate(json_input["somelist"]): | |
if val is False: | |
print(f"{i}: False") |
FROM python:3.8-slim | |
# Update and install deps. Install packages the app needs and remove list cache to save space. Notice this is done in one layer | |
RUN apt-get update && apt-get upgrade -y && \ | |
apt-get install zip unzip -y && \ | |
rm -rf /var/lib/apt/lists/* | |
# Set a home directory specifically for this container | |
ENV WORKDIR="/app" | |
# Create the user, our app directory, and set the owner | |
RUN useradd -s /bin/bash --no-create-home app && mkdir -p ${WORKDIR} && chown -R app:app ${WORKDIR} |
# Set a home directory specifically for this container | |
ENV WORKDIR="/app" | |
# Create the user, our app directory, and set the owner | |
RUN useradd -s /bin/bash --no-create-home app && mkdir -p ${WORKDIR} && chown -R app:app ${WORKDIR} | |
# run as app user | |
USER app | |
# set our relative directory to /app | |
WORKDIR ${WORKDIR} |
I hereby claim:
To claim this, I am signing this object: