test plan:
scenarios:
- vanilla
- with forked keyring lib
steps:
- keychain
- record stdout/stderr + exit code:
joe miller joemiller
joemiller
/ 1-master-branch.md
Created
June 25, 2019 14:54
https://github.com/99designs/keyring/pull/46 tests
joemiller
/ k8shack-with-current-kubelet-cert.sh
Created
April 3, 2019 19:54
quick script used during some exploratory GKE/k8s cluster pen-testing. Goal was to use a compromised node's kubelet to move laterally thru the cluster to other nodes and api objects
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -e | |
| NODE_NAME="${NODE_NAME:-random-node-name}" | |
| KUBE_API="${KUBE_API:-35.226.10.2}" | |
| KUBELET_KEY="${KUBELET_KEY:-/etc/srv/kubernetes/pki/kubelet.key}" | |
| KUBELET_CERT="${KUBELET_CERT:-/etc/srv/kubernetes/pki/kubelet.crt}" | |
| WORKDIR="$(mktemp -d /tmp/foo.XXXXX)" |
joemiller
/ docker-backup.sh
Created
August 7, 2018 22:06
minimal docker image backup/restore. used once when resetting the docker/mac VM
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -eou pipefail | |
| dump_images() { | |
| for i in $(docker images -q | uniq); do | |
| local tarball="$i.tar.gz" | |
| if [[ -e "$tarball" ]]; then | |
| echo "$tarball exists, skipping $i" | |
| continue |
joemiller
/ git-diff-size-check-total-only.rb
Last active
January 3, 2023 07:40
proof of concept script for checking the size of staged git commits and rejecting based on individual file or overall total
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| MAX_DIFF_SIZE_MB = 4 # MB | |
| def bytes_to_mb(bytes) | |
| bytes.to_f / (1024*1024) | |
| end | |
| total_diff_bytes = 0 |
joemiller
/ kube-svc-check.rb
Created
October 5, 2017 01:19
do a TCP connect test on all services in a kube namespace that have a public IP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| require 'json' | |
| require 'socket' | |
| require 'timeout' | |
| CONNECT_TIMEOUT = 2 | |
| def is_port_open?(ip, port) | |
| begin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "crypto/rand" | |
| "crypto/rsa" | |
| "crypto/x509" | |
| "crypto/x509/pkix" | |
| "encoding/pem" | |
| "fmt" | |
| "log" |
joemiller
/ softirq-watch.rb
Created
July 21, 2016 19:16
watch /proc/softirqs and print deltas of each metric at an interval
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/ruby | |
| # CPU0 CPU1 CPU2 CPU3 CPU4 CPU5 CPU6 CPU7 CPU8 CPU9 CPU10 CPU11 CPU12 CPU13 CPU14 | |
| # HI: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 | |
| # TIMER: 2344143 2305156 2295889 2278479 2274008 2260063 2237324 2245718 0 0 0 0 0 0 0 | |
| # NET_TX: 11309569 76523 76961 77020 77086 76261 78908 76016 0 0 0 0 0 0 0 | |
| # NET_RX: 11442620 47843 49607 48089 48989 45698 49201 41453 0 0 0 0 0 0 0 | |
| # BLOCK: 0 0 0 0 0 0 0 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cask 'chefdk' do | |
| version '0.8.0-1' | |
| sha256 '4d4d6d29324aeed5331d7e573a6d658bae78b7bbf3e3502b52702476a8b747b4' | |
| # amazonaws is the official download host per the vendor homepage | |
| url "https://opscode-omnibus-packages.s3.amazonaws.com/mac_os_x/10.8/x86_64/chefdk-#{version}.dmg" | |
| name 'Chef Development Kit' | |
| name 'ChefDK' | |
| homepage 'https://downloads.getchef.com/chef-dk/' | |
| license :apache |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Apr 22 15:38:33 endpointb914e408.chios.panth.io systemd[1]: Freezing execution. | |
| Apr 22 15:38:33 endpointb914e408.chios.panth.io systemd[1]: Caught <ABRT>, dumped core as pid 11909. | |
| Apr 22 15:38:33 endpointb914e408.chios.panth.io audispd[402]: node=endpointb914e408.chios.panth.io type=ANOM_ABEND msg=audit(1461339513.756:8018204): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=11909 comm="systemd" exe="/usr/lib/system | |
| d/systemd" sig=6 | |
| Apr 22 15:38:33 endpointb914e408.chios.panth.io systemd[1]: Assertion 'hashmap_put(u->manager->cgroup_unit, s, u) == 1' failed at ../src/core/unit.c:2533, function unit_deserialize(). Aborting. | |
| Apr 22 15:38:33 endpointb914e408.chios.panth.io systemd[1]: Reloading. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sed --follow-symlinks -i -e '/Slice=/d' /etc/systemd/system/mysql*service /etc/systemd/system/replica*service /etc/systemd/system/pt*service |