Skip to content

Instantly share code, notes, and snippets.

Kevin Gilpin kgilpin

Block or report user

Report or block kgilpin

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@kgilpin
kgilpin / executor.rb
Created May 24, 2012
Command execution with realtime feedback
View executor.rb
exit_code = Open3.popen3(env, cmd, opts) do |stdin, stdout, stderr, thread|
stdin.close
# Create a thread to read from each stream
threads = [[:stdout, stdout], [:stderr, stderr]].collect do |method, stream|
Thread.new do
until (line = stream.gets).nil?
callback.send(method, line)
end
end
end
@kgilpin
kgilpin / gist:3537559
Created Aug 30, 2012
Archive a Jenkins Ruby Gem artifact to a Conjur Dataset
View gist:3537559
cd pkg && INSCITIV_ENV=stage rvm 1.9.2@myproject do bundle exec ../bin/conjur datafile:upload "Jenkins artifacts: myproject" *.gem
@kgilpin
kgilpin / gist:3873480
Created Oct 11, 2012
Find a free drive letter
View gist:3873480
# Need to find the next available device to let AWS know where to attach
# the volume
drive = (Array('c'..'z').map{|c| "/dev/xvd#{c}"} - Dir.glob("/dev/xvd*"))[0]
device_id = drive[-1..-1]
@kgilpin
kgilpin / create_bacon.sh
Last active Dec 26, 2015
Create Conjur "bacon" resource
View create_bacon.sh
$ conjur resource:create food:$ns/bacon
{
"id": "sandbox:food:1eqwg0/bacon",
"owner": "sandbox:user:kgilpin",
"permissions": []
}
@kgilpin
kgilpin / basic-org.rb
Last active Aug 29, 2015
Conjur Policy - Basic Organization
View basic-org.rb
test_layer = nil
group "security_admin" do
owns do
scope "v1" do
ops = group "ops" do
owns do
test_layer = layer "test"
layer "production"
end
@kgilpin
kgilpin / Notes
Created Dec 8, 2014
Conjur commands
View Notes
Upgrade Conjur CLI
$ sudo /opt/conjur/embedded/bin/gem install conjur-cli --no-rdoc --no-ri
@kgilpin
kgilpin / blue-green.rb
Created Jun 13, 2015
Simple blue/green model
View blue-green.rb
# Simple script which creates two groups, blue and green. Each
# group contains a couple of users. The groups have different permissions
# on 'webservice' resources. In an SDF gatekeeper scenario, the 'blue'
# team will be able to 'read' service a, and the 'green' team will be
# able to 'read' service b. Neither team can perform any action besides 'read'.
# The owner of the 'webservice' resources (which is the user that runs this script)
# has all permissions on all records, via Conjur ownership.
# Create the blue team
blue = group "blue" do
View WebQuake-Nginx-Conjur.md
View How-To-Play-Quake2-With-Conjur.md
View bastion-policy.rb
# Defines a Bastion server layer.
#
# Usage:
# conjur policy load --as-group ops bastion-policy.rb
policy "bastion" do
# Members of this group will be able to adminsiter the bastion.
admins = group "admins"
# Members of this group will be able to login to the bastion
# with a regular, non-privileged account.
users = group "users"
You can’t perform that action at this time.