Skip to content

Instantly share code, notes, and snippets.

joe miller joemiller

Block or report user

Report or block joemiller

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@joemiller
joemiller / stackdriver.json
Created Feb 11, 2020
stackdriver webhook payload v1.2 example
View stackdriver.json
{
"incident": {
"incident_id": "0.lj2va6zdkemq",
"resource_id": "",
"resource_name": "foobar appserver",
"resource": {
"type": "gce_instance",
"labels": {
"instance_id": "8979287136362607111",
"zone": "us-central1-c"
@joemiller
joemiller / gceproject.go
Last active Jan 29, 2020
gceProject() golang function that implements multiple methods of determining the GCP project it is being run within
View gceproject.go
package main
import (
"context"
"errors"
"log"
"os"
"time"
"golang.org/x/oauth2/google"
@joemiller
joemiller / # gnupg - 2019-12-03_17-43-27.txt
Created Dec 4, 2019
gnupg on macOS 10.15.1 - Homebrew build logs
View # gnupg - 2019-12-03_17-43-27.txt
Homebrew build logs for gnupg on macOS 10.15.1
Build date: 2019-12-03 17:43:27
@joemiller
joemiller / pdns-recursor-cache-stats.rb
Last active Oct 11, 2019
quick 1-time script to parse pdns_recursor cache hit ratio and qps across a range of hosts
View pdns-recursor-cache-stats.rb
#!/usr/bin/env ruby
#
# Usage:
#
# $ ruby pdns-recursor-cache-stats.rb
#
# Might need to use sudo or run as root to access the pdns_recursor control socket
#
uptime = 0
View 1-master-branch.md

test plan:

scenarios:

  1. vanilla
  2. with forked keyring lib

steps:

  • keychain
    • record stdout/stderr + exit code:
View 1-master-branch.md

test plan:

scenarios:

  1. vanilla
  2. with forked keyring lib

steps:

  • keychain
    • record stdout/stderr + exit code:
@joemiller
joemiller / k8shack-with-current-kubelet-cert.sh
Created Apr 3, 2019
quick script used during some exploratory GKE/k8s cluster pen-testing. Goal was to use a compromised node's kubelet to move laterally thru the cluster to other nodes and api objects
View k8shack-with-current-kubelet-cert.sh
#!/bin/bash
set -e
NODE_NAME="${NODE_NAME:-random-node-name}"
KUBE_API="${KUBE_API:-35.226.10.2}"
KUBELET_KEY="${KUBELET_KEY:-/etc/srv/kubernetes/pki/kubelet.key}"
KUBELET_CERT="${KUBELET_CERT:-/etc/srv/kubernetes/pki/kubelet.crt}"
WORKDIR="$(mktemp -d /tmp/foo.XXXXX)"
@joemiller
joemiller / docker-backup.sh
Created Aug 7, 2018
minimal docker image backup/restore. used once when resetting the docker/mac VM
View docker-backup.sh
#!/bin/bash
set -eou pipefail
dump_images() {
for i in $(docker images -q | uniq); do
local tarball="$i.tar.gz"
if [[ -e "$tarball" ]]; then
echo "$tarball exists, skipping $i"
continue
@joemiller
joemiller / git-diff-size-check-total-only.rb
Last active Dec 19, 2017
proof of concept script for checking the size of staged git commits and rejecting based on individual file or overall total
View git-diff-size-check-total-only.rb
#!/usr/bin/env ruby
MAX_DIFF_SIZE_MB = 4 # MB
def bytes_to_mb(bytes)
bytes.to_f / (1024*1024)
end
total_diff_bytes = 0
@joemiller
joemiller / kube-svc-check.rb
Created Oct 5, 2017
do a TCP connect test on all services in a kube namespace that have a public IP
View kube-svc-check.rb
#!/usr/bin/env ruby
require 'json'
require 'socket'
require 'timeout'
CONNECT_TIMEOUT = 2
def is_port_open?(ip, port)
begin
You can’t perform that action at this time.