Skip to content

Instantly share code, notes, and snippets.

@pburkholder
pburkholder / tracing.py
Created March 19, 2024 22:44
011y python example
import os
from opentelemetry import (
trace
)
from opentelemetry.instrumentation.requests import RequestsInstrumentor
from opentelemetry.sdk.resources import Resource
from opentelemetry.sdk.trace import TracerProvider
from opentelemetry.sdk.trace.export import (
BatchSpanProcessor,
ConsoleSpanExporter,
@pburkholder
pburkholder / teams.puml
Created February 11, 2021 20:47
Teams PlantUML
@startuml
(*) --> "Do you have an email address\nthrough the partner agency?"
if "" then
--> "Yes"
-->"Follow partner Teams"
-->"Do you have computer from agency?"
if "" then
--> "yes"
@pburkholder
pburkholder / rollback.md
Last active December 8, 2020 12:38
gitleaks version rollback
brew unlink gitleaks

Save the formula to local file, e.g.

wget https://raw.githubusercontent.com/Homebrew/homebrew-core/43a0bf66f703e40e26f429725c5ff500b6da4e12/Formula/gitleaks.rb

Then install from the local formula:

#!/bin/bash -euo pipefail
query='type+IN+audit.service_instance.create,audit.service_instance.delete'
total_pages=$(cf curl "/v2/events?results-per-page=100&q=${query}" | jq -c -r '.total_pages')
page=1
while [ $page -le $total_pages ]; do
cf curl "/v2/events?&results-per-page=100&page=${page}&q=${query}" |
jq -c -r '.resources[].entity | [ .timestamp, .actor_username, .type, .actee_name, .metadata.request.service_plan_guid ] | @csv '

Dear GSA,

The last few months have been a challenge. We’ve experienced a global pandemic that pushed us out of our offices, out of our community gathering places, and kept us in our homes. What was unthinkable a short time ago has become the norm. We are wearing face coverings, keeping our distance from family, friends, and passers-by alike, and monitoring our temperature to ensure we stay healthy. What we’ve done to protect ourselves, our loved ones, and our communities has not been easy.

After sixteen town halls, I know that each of us have found this time challenging, albeit in different ways. Now, like you, I’m struggling as a result of the tragic death of George Floyd and the aftermath. I know it is important to speak about this, but I’ve been worried that I wouldn’t be able to find the right words to express what is in my heart right now. This morning, I saw a statement from U.S. Treasury Secretary Steve Mnuchin that gave a voice to what I’ve been struggling to say.

Secretary Mnuchin said, “[f]ollo

@pburkholder
pburkholder / demo.sh
Last active May 29, 2020 12:57
gitleak whitelist commit bug demo
#!/bin/sh
REPO_PATH=$(mktemp -d "/tmp/gittest.XXXXXX")
echo ====== using REPO_PATH $REPO_PATH =====
pushd $REPO_PATH
git init .
git config --local hooks.gitleaks false; # Needed for my local test
echo "SECRET" > README
git add README
@pburkholder
pburkholder / SSL_Cipher_Test.md
Last active April 16, 2020 01:31 — forked from warmfusion/SSL_Cipher_Test.md
Uses OpenSSL to test which SSL ciphers are supported on a given backend
Obtaining cipher list from OpenSSL 0.9.8zg 14 July 2015.
Testing ADH-SEED-SHA                   NO (sslv3 alert handshake failure)
Testing DHE-RSA-SEED-SHA               NO (sslv3 alert handshake failure)
Testing DHE-DSS-SEED-SHA               NO (sslv3 alert handshake failure)
Testing SEED-SHA                       NO (sslv3 alert handshake failure)
Testing ADH-AES256-SHA                 NO (sslv3 alert handshake failure)
Testing DHE-RSA-AES256-SHA             YES
Testing DHE-DSS-AES256-SHA             NO (sslv3 alert handshake failure)
Testing AES256-SHA                     NO (sslv3 alert handshake failure)

[NB: This is an excerpt from https://pragprog.com/magazines/2013-02/estimation-is-evil, by Ron Jeffries. I've selected the vignette about C3 and piecewise updating because it applies to so many systems out there. The whole post is important, I hope you can read it all -- Peter]

One of the best-known long-term Agile projects was Chrysler’s C3 payroll, the first Extreme Programming project.

I was once present for an exchange between Sue Unger, then CIO of Chrysler Corporation, the highest-ranking IT executive I’ve ever met, meeting with the C3 team. Kent Beck had just explained how we’d be working in iterations of a few weeks duration, building whatever our “Customer,” Marie DeArment, asked us to build. Ms. Unger asked “How will I know whether you’re on track or not?”

Kent held up our stack of story cards for the payroll. “Here are all the things we have to do. We’ll be adding things as we discover them, and removing any that don’t need to be done. We ask you to visit us every month. We’ll show you these car

@pburkholder
pburkholder / issue.md
Last active August 6, 2018 15:35
Demo UAA for cloud.gov

The stated rationale for this project are:

Authenticating with cloud.gov can be challenging when developing an app:

  • It can be difficult or impossible to log in as multiple different users to manually test your application's functionality.
  • If you're offline or on a spotty internet connection, authenticating with cloud.gov may be challenging.
  • Because logging into cloud.gov usually involves 2 factor authentication, logging in can be slow and cumbersome, which can slow down development.
  • Registering the client ID, client secret, and callback URL in cloud.gov requires creating new identity providers, and you may want a lighter-weight approach for development.
  • Debugging problems with the OAuth2 handshake can be difficult because you don't have much visibility into cloud.gov's internal state.
  • The fake UAA is intended to solve these problems by making it easy to host your own UAA server on your local system. The simplicity of its implementation and its debugging messages allow developer
@pburkholder
pburkholder / notes.md
Last active August 1, 2018 15:21
Working with Vaadin framework and Oracle on cloud.gov

I'm working in R.H. to get the Vaadin framework on cloud.gov to work with cloud.gov and oracleDB.

What we have:

  • cloud.gov + spring-music + postgres = works
  • cloud.gov + spring-music + oracle = works
  • cloud.gov + vaadinApp + jboss buildpack + H2 = works
  • cloud.gov + vaadinApp + jboss buildpack + postgres != works
    • I thought it worked but in fact it was just falling back to H2
  • cloud.gov + vaadinApp + jboss buildpack + oracle != works