Skip to content

Instantly share code, notes, and snippets.

Simon Massey simbo1905

Block or report user

Report or block simbo1905

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@simbo1905
simbo1905 / HowTo.md
Created Apr 27, 2019
debug git-secret using bashdb and visual studio code
View HowTo.md

How To

Install bashdb which you can do from source or get from a package manager. On MacOS you can brew install bashdb.

Install Visual Studio Code and the Bash Debug plugin from the marketplace. See this blog article yet I didn't have to do any upgrades of build from source things worked pretty much out of the box after installing bashdb via Homebrew.

Use the debug.sh script in this gist as the entrypoint to be able to step through code.

@simbo1905
simbo1905 / helmfile-macos.sh
Created Apr 22, 2019
installl helmfile on macOS
View helmfile-macos.sh
#!/bin/sh
# Helmfile on MacOS
brew install helm
helm plugin install https://github.com/databus23/helm-diff
helm plugin install https://github.com/futuresimple/helm-secrets
brew install helmfile
brew install gnu-getopt
@simbo1905
simbo1905 / ocd-pre-apply-hook
Created Apr 12, 2019
md5 hash secrets to detect when to bounce apps
View ocd-pre-apply-hook
#!/bin/bash
oc get secrets | md5sum > /tmp/secrets.md5
View openshift-cheatsheet.md

My Openshift Cheatsheet

Examine the cluster quota defined for the environment:

$ oc describe AppliedClusterResourceQuota

Install pkgs using yum in a Dockerfile

@simbo1905
simbo1905 / how-to-make-a-slack-bot.md
Last active Feb 11, 2019
how to make a botkit slack bot on OpenShift.com
View how-to-make-a-slack-bot.md

fork the botkit slack starter repo

open https://github.com/howdyai/botkit-starter-slack

create a node.js app from your fork on openshift.com

open openshift.com

register a bot on api.slack.com

@simbo1905
simbo1905 / README.md
Last active Dec 31, 2018
Use GPG 2.0.22 to decrypt an .env file at start up within an OpenShift s2i image
View README.md

Use GPG 2.0.22 to decrypt an .env file at start up within an OpenShift s2i image

First, let's generate a strong passphrase to protect the private key. As we are being git driven we do this inside our environment repo:

# ensure that we don't accidentally publish the passphrase to the key
echo passphrase >> .gitignore
git add .gitignore
git commit -m "ignore passphrase"
# generate a random passphrase
@simbo1905
simbo1905 / security-warnings.txt
Created Dec 26, 2018
security warnings for a typical package.json
View security-warnings.txt
npm WARN notice [SECURITY] open has the following vulnerability: 1 critical. Go here for more details: https://nodesecurity.io/advisories?search=open&version=0.0.5 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.
npm WARN notice [SECURITY] macaddress has the following vulnerability: 1 critical. Go here for more details: https://nodesecurity.io/advisories?search=macaddress&version=0.2.8 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.
npm WARN notice [SECURITY] webpack-dev-server has the following vulnerability: 1 high. Go here for more details: https://nodesecurity.io/advisories?search=webpack-dev-server&version=1.16.2 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.
npm WARN notice [SECURITY] react-dev-utils has the following vulnerability: 1 high. Go here for more details: https://nodesecurity.io/advisories?search=react-dev-utils&version=0.5.2 - Run `npm i npm@latest
@simbo1905
simbo1905 / open-letter.txt
Last active Dec 7, 2018
Re: Starwood Guest Reservation Database Security Incident
View open-letter.txt
Arne,
Thanks for your candid email. I appreciate it.
I am encouraged by the fact that you had AES-128 encrypted data my card payment details. Yet it the fact that
you don't know whether the key was stolen means that we need to assume it was.
What I am concerned about is that you don't need to actually ever store card details if you use the latest
payments technology. Holding "card on file" is a legacy technique. The modern approach given GDPR liability
is to not hold the card details but an encrypted card token. Your card acquirer gateway can then hold the
@simbo1905
simbo1905 / run
Created Nov 29, 2018
OKD openshift randomise which database portal host to use for compose.com high availability
View run
#!/bin/sh -e
if [[ ! -z ${DB_HOST_LIST} ]]; then
echo "Selecting DB_HOST from ${DB_HOST_LIST}"
SELECT_LIST_SEPERATOR=","
SELECT_ARRAY=( ${DB_HOST_LIST//$SELECT_LIST_SEPERATOR/ } )
export DB_HOST="${SELECT_ARRAY[$RANDOM % ${#SELECT_ARRAY[@]}]}"
echo "DB_HOST=${DB_HOST}"
fi
@simbo1905
simbo1905 / config.yml
Last active Dec 2, 2018
compile and test php on circleci using redhat openshift s2i image that matches OCP builds
View config.yml
version: 2.0
jobs:
build:
docker:
- image: "registry.access.redhat.com/rhscl/php-71-rhel7:latest"
steps:
- checkout:
path: /tmp/src/
# Download and cache dependencies
You can’t perform that action at this time.