Skip to content

Instantly share code, notes, and snippets.

Working from home

KUOKA Yusuke mumoshu

Working from home
Block or report user

Report or block mumoshu

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
jjo /
Last active Nov 3, 2019
Yeah. Get a root shell at any Kubernetes *node* via `privileged: true` + `nsenter` sauce. PodSecurityPolicy will save us. DenyExecOnPrivileged didn't ( exploits it)
# Launch a Pod ab-using a hostPath mount to land on a Kubernetes node cluster as root
# without requiring `privileged: true`, in particular can abuse `DenyExecOnPrivileged`
# admission controller.
# Pod command in turn runs a privileged container using node's /var/run/docker.sock.
# Tweaked for PKS nodes, which run their docker stuff from different
# /var/vcap/... paths
case "${node}" in
crgimenes / stringToReaderCloser.go
Last active Nov 2, 2019
string to io.ReadCloser
View stringToReaderCloser.go
package main
import (
func main() {
r := ioutil.NopCloser(bytes.NewReader([]byte("hello world"))) // r type is io.ReadCloser
fuzzyami / gist:f3a7231037166117a6fef9607960aee7
Last active Aug 21, 2019
golang encyrpt, decrypt key with kms
View gist:f3a7231037166117a6fef9607960aee7
The code below shows how to encrypt and then decrypt some plaintext into a cyphertext using
KMS's Encrypt/Decrypt functions and secretbox (
The plaintext message is sealed into a secretbox using a key that is generated by kmsClient.GenerateDataKey().
Note that this procedure reuquires that a master key would *already exist in KMS* and that its arn/alias is specified.
The aws library assumes that the proper credentials can be found in the shared file (~/.aws/credentials)
and opts for the 'default' role.
Once sealed, the cyphertext is then unboxed, again by first getting the key from kms (kmsClient.Decrypt),
View watchdog.rb
require 'socket'
require 'logger'
STDOUT.sync = true
logger =
watchdog_timeout = (ENV['WATCHDOG_USEC'].to_i / 1_000_000)
sd_notify_socket =, Socket::SOCK_DGRAM)
loop do
tnoda /
Last active Aug 29, 2015
#scala_kb proposal

12/13(土) 第1回 Scala 関西勉強会プロポーザル


12/13(土) 第1回 Scala 関西勉強会.次の (1) か (2) のどちらかを予定.

(1) Competitive Scala Programming


hayajo / flag-slice.go
Created Jul 28, 2014
View flag-slice.go
package main
import (
type items []string
gakuzzzz /
Last active Oct 18, 2019
Scala の省略ルール早覚え

Scala の省略ルール早覚え



def concatAsString(a: Int, b: Int): String = {
  val a_ = a.toString();
  val b_ = b.toString();
juanje / gist:9603938
Created Mar 17, 2014
Install gem before to require it at Test-Kitchen
View gist:9603938

Install gem before to require it at Test-Kitchen


I was trying some TDD with [Tesk-Kitchen][1] and [ServerSpec][2] when I found myself in the following case scenario:

I have a integration test like this:

# cookbook_webtest/test/integration/default/serverspec/localhost/webtest_spec.rb
View boot2docker-fwd
usage ()
cat <<UsageHERE
boot2docker-fwd -- Helper function to quickly manage port forwards between the boot2docker-vm and the host
Usage: boot2docker-fwd [ -n RULE_NAME ] [ -h HOST_PORT ] [ -p {tcp|udp} ] [ -i HOST_IP ] GUEST_PORT
or boot2docker-fwd -d RULE_NAME
or boot2docker-fwd -l
or boot2docker-fwd -A
rhenning / opsworks_blue_green_deploy_test_long_version
Created Feb 13, 2014
AWS OpsWorks full-stack blue/green deploy test
View opsworks_blue_green_deploy_test_long_version
$ aws opsworks describe-stacks
"Stacks": [
"ServiceRoleArn": "arn:aws:iam::047170177871:role/aws-opsworks-service-role",
"StackId": "575e1389-1df3-427d-99d3-d60f89a41442",
"DefaultRootDeviceType": "ebs",
"Name": "rhenning_test",
"ConfigurationManager": {
"Version": "11.4",
You can’t perform that action at this time.