Skip to content

Instantly share code, notes, and snippets.

View ogazitt's full-sized avatar

Omri Gazitt ogazitt

View GitHub Profile
@ogazitt
ogazitt / opa-config.yaml
Created January 17, 2023 00:04
OPA config for running an OCI image in GHCR
services:
ghcr-registry:
url: https://ghcr.io
type: oci
credentials:
bearer:
scheme: "Bearer"
token: "<PAT>"
bundles:
@ogazitt
ogazitt / topaz.sh
Last active November 6, 2023 23:04
Install and create a Topaz configuration using a policy image
brew install aserto-dev/tap/topaz
topaz install
topaz configure -d -s -r ghcr.io/<org>/policy-template:1.0.0 -n policy-template
## edit ~/.config/topaz/cfg/config.yaml to reflect GHCR auth info
## see https://gist.github.com/ogazitt/315728a13a9b964f81e6cbd18b39faf9
topaz start
brew install cosign
echo $PAT | docker login -u <GitHub-account> ghcr.io --password-stdin
cosign initialize
cosign generate-key-pair
cosign sign --key cosign.key ghcr.io/<org>/policy-template:1.0.0
@ogazitt
ogazitt / policy-cli.sh
Last active January 17, 2023 00:12
create a policy image using the policy cli
brew install opcr-io/tap/policy
echo $PAT | policy login -s ghcr.io -u <GitHub-account> --password-stdin
mkdir ./demo && cd ./demo
policy templates apply policy-template
tree .
@ogazitt
ogazitt / auth.go
Created April 14, 2020 05:53
Auth0 PKCE flow for a CLI built in golang
package auth
import (
"encoding/json"
"fmt"
"io"
"io/ioutil"
"net"
"net/http"
"net/url"

Keybase proof

I hereby claim:

  • I am ogazitt on github.
  • I am omri (https://keybase.io/omri) on keybase.
  • I have a public key whose fingerprint is 977A F643 4275 DA28 0107 2D33 B3F3 0CFC BE9C 25CC

To claim this, I am signing this object:

@ogazitt
ogazitt / gist:3372119
Created August 16, 2012 17:57
Decoding a Speex stream
private Stream DecodeSpeexStream(Stream stream)
{
// Log function entrance
TraceLog.TraceFunction();
try
{
int totalEncoded = 0;
int totalDecoded = 0;
@ogazitt
ogazitt / gist:3366917
Created August 16, 2012 04:36
Encode a PCM byte array using NSpeex
// I call EncodeSpeech() with a byte array containing PCM-encoded audio data that I get from the
// microphone (with len being the number of encoded bytes in the buffer, in case this is the
// last chunk and the buffer is only partially filled).
// In my app I send the returned byte array to a service for processing - hence I prefix the
// encoded Speex data it with length information.
// The reason that I prefix the data with both the original PCM buffer size as well as the
// the size of the encoded chunk is that the DECODER needs to know the original buffer size,
// otherwise it does not decode properly. Of course the size of the encoded chunk is to "frame"
// the chunks for the service, which may read multiple chunks off a stream.