Amim Knabben knabben

## gist:bd7081b398087119ab9e0e0b4be0c40c
> cat .\conntrack_dump.ps1
$stop=$true

$interval=300
$max_connection_entry = 2000000
$max_file_count=30

$collection_directory="collections"
$conntrack_dump_directory="${collection_directory}/ovs_conntracks"
$logs_directory="${collection_directory}/logs"

## sigstore.md

      
              1 file
            
          
              0 forks
            
          
              1 comment
            
          
              0 stars
            
          
                knabben
                / sigstore.md
            
            
              Last active
              February 20, 2024 16:01
            
              
                Cosign and CVE policy control
              
          
    1. check.cue  - CUE policy file


import "encoding/json"
import "strings"
import "list"

#Predicate: {
  Data: string
 Timestamp: string


## inpsec.go
package main

import (
	"encoding/json"
	"fmt"
	"github.com/fbiville/markdown-table-formatter/pkg/markdown"
	"io"
	"log"
	"os"
	"reflect"

## InstallDebugger.ps1
# Copyright (c) 2023 - Amim Knabben
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http:#www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,

## gist:fd01ceb2b6b62f685ca8398564cf9ebb
    vsphere: PLAY RECAP *********************************************************************
    vsphere: default                    : ok=60   changed=54   unreachable=0    failed=0    skipped=22   rescued=0    ignored=0
    vsphere:
2022/04/29 16:44:15 [INFO] (telemetry) ending ansible
2022/04/29 16:44:15 [INFO] (telemetry) Starting provisioner windows-restart
==> vsphere: Restarting Machine
2022/04/29 16:44:15 packer-builder-vsphere-iso plugin: [INFO] starting remote command: powershell "& {(Get-WmiObject win32_operatingsystem).LastBootUpTime > C:\ProgramData\lastboot.txt; Restart-Computer -force}"
2022/04/29 16:44:17 packer-builder-vsphere-iso plugin: [INFO] command 'powershell "& {(Get-WmiObject win32_operatingsystem).LastBootUpTime > C:\ProgramData\lastboot.txt; Restart-Computer -force}"' exited with code: 0
2022/04/29 16:44:17 [INFO] 0 bytes written for 'stderr'
2022/04/29 16:44:17 packer-builder-vsphere-iso plugin: [INFO] RPC endpoint: Communicator ended with: 0

## working
{
    "ID": "189ee4a25545849158680730fbbe13a413df6a4248dd45ae87b54e18e9195e92",
    "Labels": {
        "io.cri-containerd.kind": "container",
        "io.kubernetes.container.name": "test",
        "io.kubernetes.pod.name": "pwsh1",
        "io.kubernetes.pod.namespace": "default",
        "io.kubernetes.pod.uid": "dea10af0-c185-4656-8d55-a362274aff71"
    },
    "Image": "mcr.microsoft.com/windows/nanoserver:1809",

## antrea-cni.conflist
  {
    "cniVersion":"0.3.0",
    "name": "antrea",
    "plugins": [
        {
            "type": "antrea",
            "ipam": {
                "type": "host-local"
            },
            "capabilities": {"dns": true}

## antrea.yaml
# FeatureGates is a map of feature names to bools that enable or disable experimental features.
featureGates:
# Enable AntreaProxy which provides ServiceLB for in-cluster Services in antrea-agent.
# It should be enabled on Windows, otherwise NetworkPolicy will not take effect on
# Service traffic.
  AntreaProxy: true
# Enable EndpointSlice support in AntreaProxy. Don't enable this feature unless that EndpointSlice
# API version v1beta1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
# this flag will not take effect.
#  EndpointSlice: false

## gist:e706a32bd82e87dfd774114444231f29
kind: Workflow
metadata:
  labels: {pipelines.kubeflow.org/kfp_sdk_version: 1.0.4}
  generateName: conditional-execution-pipeline-with-exit-handler-
  annotations: {pipelines.kubeflow.org/pipeline_compilation_time: '2020-10-22T10:08:22.179176',
    pipelines.kubeflow.org/pipeline_spec: '{"description": "Shows how to use dsl.Condition()
      and dsl.ExitHandler().", "name": "Conditional execution pipeline with exit handler"}',
    pipelines.kubeflow.org/kfp_sdk_version: 1.0.4}
spec:
  onExit: print-op

## main.go
import (
	"bufio"
	"fmt"
	"k8s.io/klog/v2"
	"os"
	"path/filepath"
	"regexp"
	"strings"
	"sync"
)
	> cat .\conntrack_dump.ps1
	$stop=$true

	$interval=300
	$max_connection_entry = 2000000
	$max_file_count=30

	$collection_directory="collections"
	$conntrack_dump_directory="${collection_directory}/ovs_conntracks"
	$logs_directory="${collection_directory}/logs"
	package main

	import (
	"encoding/json"
	"fmt"
	"github.com/fbiville/markdown-table-formatter/pkg/markdown"
	"io"
	"log"
	"os"
	"reflect"
	# Copyright (c) 2023 - Amim Knabben
	#
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# http:#www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	vsphere: PLAY RECAP *********************************************************************
	vsphere: default : ok=60 changed=54 unreachable=0 failed=0 skipped=22 rescued=0 ignored=0
	vsphere:
	2022/04/29 16:44:15 [INFO] (telemetry) ending ansible
	2022/04/29 16:44:15 [INFO] (telemetry) Starting provisioner windows-restart
	==> vsphere: Restarting Machine
	2022/04/29 16:44:15 packer-builder-vsphere-iso plugin: [INFO] starting remote command: powershell "& {(Get-WmiObject win32_operatingsystem).LastBootUpTime > C:\ProgramData\lastboot.txt; Restart-Computer -force}"
	2022/04/29 16:44:17 packer-builder-vsphere-iso plugin: [INFO] command 'powershell "& {(Get-WmiObject win32_operatingsystem).LastBootUpTime > C:\ProgramData\lastboot.txt; Restart-Computer -force}"' exited with code: 0
	2022/04/29 16:44:17 [INFO] 0 bytes written for 'stderr'
	2022/04/29 16:44:17 packer-builder-vsphere-iso plugin: [INFO] RPC endpoint: Communicator ended with: 0
	{
	"ID": "189ee4a25545849158680730fbbe13a413df6a4248dd45ae87b54e18e9195e92",
	"Labels": {
	"io.cri-containerd.kind": "container",
	"io.kubernetes.container.name": "test",
	"io.kubernetes.pod.name": "pwsh1",
	"io.kubernetes.pod.namespace": "default",
	"io.kubernetes.pod.uid": "dea10af0-c185-4656-8d55-a362274aff71"
	},
	"Image": "mcr.microsoft.com/windows/nanoserver:1809",
	{
	"cniVersion":"0.3.0",
	"name": "antrea",
	"plugins": [
	{
	"type": "antrea",
	"ipam": {
	"type": "host-local"
	},
	"capabilities": {"dns": true}
	# FeatureGates is a map of feature names to bools that enable or disable experimental features.
	featureGates:
	# Enable AntreaProxy which provides ServiceLB for in-cluster Services in antrea-agent.
	# It should be enabled on Windows, otherwise NetworkPolicy will not take effect on
	# Service traffic.
	AntreaProxy: true
	# Enable EndpointSlice support in AntreaProxy. Don't enable this feature unless that EndpointSlice
	# API version v1beta1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
	# this flag will not take effect.
	# EndpointSlice: false
	kind: Workflow
	metadata:
	labels: {pipelines.kubeflow.org/kfp_sdk_version: 1.0.4}
	generateName: conditional-execution-pipeline-with-exit-handler-
	annotations: {pipelines.kubeflow.org/pipeline_compilation_time: '2020-10-22T10:08:22.179176',
	pipelines.kubeflow.org/pipeline_spec: '{"description": "Shows how to use dsl.Condition()
	and dsl.ExitHandler().", "name": "Conditional execution pipeline with exit handler"}',
	pipelines.kubeflow.org/kfp_sdk_version: 1.0.4}
	spec:
	onExit: print-op
	import (
	"bufio"
	"fmt"
	"k8s.io/klog/v2"
	"os"
	"path/filepath"
	"regexp"
	"strings"
	"sync"
	)