Skip to content

Instantly share code, notes, and snippets.

Avatar

Peter Burkholder (@pburkholder) pburkholder

View GitHub Profile
View audit.sh
#!/bin/bash -euo pipefail
query='type+IN+audit.service_instance.create,audit.service_instance.delete'
total_pages=$(cf curl "/v2/events?results-per-page=100&q=${query}" | jq -c -r '.total_pages')
page=1
while [ $page -le $total_pages ]; do
cf curl "/v2/events?&results-per-page=100&page=${page}&q=${query}" |
jq -c -r '.resources[].entity | [ .timestamp, .actor_username, .type, .actee_name, .metadata.request.service_plan_guid ] | @csv '
View GSAEmily.md

Dear GSA,

The last few months have been a challenge. We’ve experienced a global pandemic that pushed us out of our offices, out of our community gathering places, and kept us in our homes. What was unthinkable a short time ago has become the norm. We are wearing face coverings, keeping our distance from family, friends, and passers-by alike, and monitoring our temperature to ensure we stay healthy. What we’ve done to protect ourselves, our loved ones, and our communities has not been easy.

After sixteen town halls, I know that each of us have found this time challenging, albeit in different ways. Now, like you, I’m struggling as a result of the tragic death of George Floyd and the aftermath. I know it is important to speak about this, but I’ve been worried that I wouldn’t be able to find the right words to express what is in my heart right now. This morning, I saw a statement from U.S. Treasury Secretary Steve Mnuchin that gave a voice to what I’ve been struggling to say.

Secretary Mnuchin said, “[f]ollo

@pburkholder
pburkholder / demo.sh
Last active May 29, 2020
gitleak whitelist commit bug demo
View demo.sh
#!/bin/sh
REPO_PATH=$(mktemp -d "/tmp/gittest.XXXXXX")
echo ====== using REPO_PATH $REPO_PATH =====
pushd $REPO_PATH
git init .
git config --local hooks.gitleaks false; # Needed for my local test
echo "SECRET" > README
git add README
@pburkholder
pburkholder / SSL_Cipher_Test.md
Last active Apr 16, 2020 — forked from warmfusion/SSL_Cipher_Test.md
Uses OpenSSL to test which SSL ciphers are supported on a given backend
View SSL_Cipher_Test.md
Obtaining cipher list from OpenSSL 0.9.8zg 14 July 2015.
Testing ADH-SEED-SHA                   NO (sslv3 alert handshake failure)
Testing DHE-RSA-SEED-SHA               NO (sslv3 alert handshake failure)
Testing DHE-DSS-SEED-SHA               NO (sslv3 alert handshake failure)
Testing SEED-SHA                       NO (sslv3 alert handshake failure)
Testing ADH-AES256-SHA                 NO (sslv3 alert handshake failure)
Testing DHE-RSA-AES256-SHA             YES
Testing DHE-DSS-AES256-SHA             NO (sslv3 alert handshake failure)
Testing AES256-SHA                     NO (sslv3 alert handshake failure)
View ChryslerC3.md

[NB: This is an excerpt from https://pragprog.com/magazines/2013-02/estimation-is-evil, by Ron Jeffries. I've selected the vignette about C3 and piecewise updating because it applies to so many systems out there. The whole post is important, I hope you can read it all -- Peter]

One of the best-known long-term Agile projects was Chrysler’s C3 payroll, the first Extreme Programming project.

I was once present for an exchange between Sue Unger, then CIO of Chrysler Corporation, the highest-ranking IT executive I’ve ever met, meeting with the C3 team. Kent Beck had just explained how we’d be working in iterations of a few weeks duration, building whatever our “Customer,” Marie DeArment, asked us to build. Ms. Unger asked “How will I know whether you’re on track or not?”

Kent held up our stack of story cards for the payroll. “Here are all the things we have to do. We’ll be adding things as we discover them, and removing any that don’t need to be done. We ask you to visit us every month. We’ll show you these car

@pburkholder
pburkholder / issue.md
Last active Aug 6, 2018
Demo UAA for cloud.gov
View issue.md

The stated rationale for this project are:

Authenticating with cloud.gov can be challenging when developing an app:

  • It can be difficult or impossible to log in as multiple different users to manually test your application's functionality.
  • If you're offline or on a spotty internet connection, authenticating with cloud.gov may be challenging.
  • Because logging into cloud.gov usually involves 2 factor authentication, logging in can be slow and cumbersome, which can slow down development.
  • Registering the client ID, client secret, and callback URL in cloud.gov requires creating new identity providers, and you may want a lighter-weight approach for development.
  • Debugging problems with the OAuth2 handshake can be difficult because you don't have much visibility into cloud.gov's internal state.
  • The fake UAA is intended to solve these problems by making it easy to host your own UAA server on your local system. The simplicity of its implementation and its debugging messages allow developer
@pburkholder
pburkholder / notes.md
Last active Aug 1, 2018
Working with Vaadin framework and Oracle on cloud.gov
View notes.md

I'm working in R.H. to get the Vaadin framework on cloud.gov to work with cloud.gov and oracleDB.

What we have:

  • cloud.gov + spring-music + postgres = works
  • cloud.gov + spring-music + oracle = works
  • cloud.gov + vaadinApp + jboss buildpack + H2 = works
  • cloud.gov + vaadinApp + jboss buildpack + postgres != works
    • I thought it worked but in fact it was just falling back to H2
  • cloud.gov + vaadinApp + jboss buildpack + oracle != works
@pburkholder
pburkholder / fly_swat.sh
Last active Jun 13, 2017
Find pipelines that aren't on master, aren't in 18F or related organization
View fly_swat.sh
fly -t fr pipelines | awk '{print $1}' | while read p; do
echo ==== $p ===
fly -t fr get-pipeline -p $p -j |
jq '.resources[] |
select(.type=="git") |
select(.source.branch | test("master|gh-pages") | not)'
fly -t fr get-pipeline -p $p -j |
jq '.resources[] |
select(.type=="git") |
select(.source.uri | test("github.com/(18f|18F|GSA|fugacious|cloudfoundry|cloudfoundry-community)/") | not )'
View cloudwatch.sh
event_name="ConsoleLogin"
aws cloudtrail lookup-events --lookup-attributes \
AttributeKey=EventName,AttributeValue=$event_name --query \
'Events[*].{Ev:CloudTrailEvent,User:Username}' |
jq '.[]| "Username: " + .User, " " + (.Ev| fromjson | "EventTime: " + .eventTime, "SourceIP: " + .sourceIPAddress) '
for event_name in AuthorizeSecurityGroupEgress AuthorizeSecurityGroupIngress CreatePolicy \
CreateSecurityGroup DeleteTrail ModifyVpcAttribute PutUserPolicy PutRolePolicy \
RevokeSecurityGroupEgress RevokeSecurityGroupIngress UpdateTrail; do
@pburkholder
pburkholder / jumpbox.sh
Last active Jun 2, 2017
Concourse jumpbox script
View jumpbox.sh
#!/bin/bash
#set -e
if [ "$#" -ne 1 ]; then
echo
echo "Usage:"
echo " jumpbox <environment>"
exit 1
fi
You can’t perform that action at this time.