This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Originally found on - http://earthwithsun.com/questions/313650/resume-zsh-terminal-os-x-lion | |
# Tell the terminal about the working directory whenever it changes. | |
if [[ "$TERM_PROGRAM" == "Apple_Terminal" ]] && [[ -z "$INSIDE_EMACS" ]]; then | |
update_terminal_cwd() { | |
# Identify the directory using a "file:" scheme URL, including | |
# the host name to disambiguate local vs. remote paths. | |
# Percent-encode the pathname. | |
local URL_PATH='' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Mosh uses udp range 60000 - 61000. Just allow 60000 alone for added security | |
-A INPUT -p udp -m multiport --dports 60000:61000 -j ACCEPT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# Script to clone repos from github and invoke ShiftLeft Scan | |
# You should have added your ssh public key to GitHub and have read access | |
# Create a PAT token for GitHub and store it as GITHUB_TOKEN env variable | |
CURR_DIR=$(pwd) | |
mkdir -p reports_dir | |
mkdir -p work_dir && cd work_dir | |
# Get the latest scan image | |
docker pull shiftleft/scan |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
# -*- coding: utf-8 -*- | |
from pathlib import Path | |
import json | |
# pip install jinja2 | |
from jinja2 import Template | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# This script invokes Shiftleft Inspect on the current directory | |
{ # Prevent execution if this script was only partially downloaded | |
check_app_dir() { | |
if [ "$(pwd)" == "$HOME" ]; then | |
echo Please run this command from within the application directory and not from your HOME directory | |
exit 1 | |
fi | |
} | |
download() { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
data "github_repository" "poc" { | |
full_name = var.poc_repo | |
} | |
// Create secrets in a single poc repo | |
resource "github_actions_secret" "my_secret" { | |
repository = data.github_repository.poc.name | |
secret_name = "SECRET_KEY" | |
plaintext_value = var.secret_value | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
data "github_repositories" "java_ms_template" { | |
query = "org:${var.organization} language:java topic:microservice topic:template" | |
} | |
resource "github_repository" "new_ms" { | |
name = "new-java-microservice" | |
description = "New Java Microservice" | |
private = true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
deployment |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
label: | |
types: [created] | |
steps: | |
- name: Analyze with NG SAST | |
if: ${{ contains(github.context.payload.pull_request.labels.*.name, 'Ready for AppSec') }} | |
run: | | |
sl analyze --app ShiftLeftHSLGo14 --tag branch=${GITHUB_REF} --go --cpg $(pwd) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
resource "bitbucket_branch_restriction" "master" { | |
owner = "myteam" | |
repository = "terraform-shiftleft" | |
# force, restrict_merges, enforce_merge_checks, allow_auto_merge_when_builds_pass, require_passing_builds_to_merge | |
kind = "push" | |
# feature/*, release/* | |
pattern = "master" | |
} |
OlderNewer