@prabhu
prabhu / gist:cbb786d01a85d6924cc8
Created January 27, 2015 19:56
Resume zsh for mac terminal (Tested on Yosemite)
# Originally found on - http://earthwithsun.com/questions/313650/resume-zsh-terminal-os-x-lion
# Tell the terminal about the working directory whenever it changes.
if [[ "$TERM_PROGRAM" == "Apple_Terminal" ]] && [[ -z "$INSIDE_EMACS" ]]; then
update_terminal_cwd() {
# Identify the directory using a "file:" scheme URL, including
# the host name to disambiguate local vs. remote paths.
# Percent-encode the pathname.
local URL_PATH=''
@prabhu
prabhu / gist:509d048561db92195600
Created February 5, 2015 11:32
Iptables rule for mosh
# Mosh uses the UDP port range 60000-61000. For added security, allow only port 60000.
-A INPUT -p udp -m multiport --dports 60000:61000 -j ACCEPT
@prabhu
prabhu / org-scan.sh
Created May 30, 2020 19:20
Script to clone multiple repos from github and invoke ShiftLeft Scan
#!/usr/bin/env bash
# Script to clone repos from github and invoke ShiftLeft Scan
# You should have added your ssh public key to GitHub and have read access
# Create a PAT token for GitHub and store it as GITHUB_TOKEN env variable
CURR_DIR=$(pwd)
mkdir -p reports_dir
mkdir -p work_dir && cd work_dir
# Get the latest scan image
docker pull shiftleft/scan
@prabhu
prabhu / summary.py
Created May 30, 2020 19:28
Script to summarize all ShiftLeft Scan SAST reports
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
from pathlib import Path
import json
# pip install jinja2
from jinja2 import Template
@prabhu
prabhu / inspect.sh
Last active June 3, 2020 17:56
Wrapper for ShiftLeft Inspect cli that just works
#!/bin/sh
# This script invokes ShiftLeft Inspect on the current directory
{ # Prevent execution if this script was only partially downloaded
check_app_dir() {
  # Use "=" for string comparison: "==" is not POSIX and fails under /bin/sh (e.g. dash)
  if [ "$(pwd)" = "$HOME" ]; then
    echo "Please run this command from within the application directory and not from your HOME directory"
    exit 1
  fi
}
download() {
@prabhu
prabhu / github-actions-secret-tf
Created July 18, 2020 13:53
Create GitHub actions secret with Terraform
data "github_repository" "poc" {
  full_name = var.poc_repo
}
// Create secrets in a single poc repo
resource "github_actions_secret" "my_secret" {
  repository  = data.github_repository.poc.name
  secret_name = "SECRET_KEY"
  // plaintext_value is stored in the Terraform state: declare the variable as sensitive and protect the state backend
  plaintext_value = var.secret_value
}
@prabhu
prabhu / github-repo-template.tf
Created July 18, 2020 14:01
Create GitHub repository using template
data "github_repositories" "java_ms_template" {
query = "org:${var.organization} language:java topic:microservice topic:template"
}
resource "github_repository" "new_ms" {
name = "new-java-microservice"
description = "New Java Microservice"
private = true
@prabhu
prabhu / github-on-deploy.yml
Created July 18, 2020 14:04
GitHub snippet to perform actions when a deployment is created
on:
  deployment
@prabhu
prabhu / github-on-label.yml
Created July 18, 2020 14:05
Snippet to run a command based on the presence of a label
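# The "label" event fires when a label is created in the repository, not when one is
# applied to a pull request, so trigger on pull_request "labeled" instead.
on:
  pull_request:
    types: [labeled]
steps:
  - name: Analyze with NG SAST
    # Pull request labels are read from the event payload via the github.event context
    if: ${{ contains(github.event.pull_request.labels.*.name, 'Ready for AppSec') }}
    run: |
      sl analyze --app ShiftLeftHSLGo14 --tag branch=${GITHUB_REF} --go --cpg $(pwd)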
@prabhu
prabhu / bitbucket-branch-protect.tf
Created July 26, 2020 13:46
Terraform snippet for Bitbucket branch protection
resource "bitbucket_branch_restriction" "master" {
  owner      = "myteam"
  repository = "terraform-shiftleft"
  # Other kinds: force, restrict_merges, enforce_merge_checks, allow_auto_merge_when_builds_pass, require_passing_builds_to_merge
  kind = "push"
  # Other pattern examples: feature/*, release/*
  pattern = "master"
}