Skip to content

Instantly share code, notes, and snippets.

Simon Massey simbo1905

View GitHub Profile
View openshift-cheatsheet.md

My Openshift Cheatsheet

Examine the cluster quota defined for the environment:

$ oc describe AppliedClusterResourceQuota

Install pkgs using yum in a Dockerfile

@simbo1905
simbo1905 / how-to-make-a-slack-bot.md
Last active Feb 11, 2019
how to make a botkit slack bot on OpenShift.com
View how-to-make-a-slack-bot.md

fork the botkit slack starter repo

open https://github.com/howdyai/botkit-starter-slack

create a node.js app from your fork on openshift.com

open openshift.com

register a bot on api.slack.com

@simbo1905
simbo1905 / README.md
Last active Dec 31, 2018
Use GPG 2.0.22 to decrypt an .env file at start up within an OpenShift s2i image
View README.md

Use GPG 2.0.22 to decrypt an .env file at start up within an OpenShift s2i image

First, let's generate a strong passphrase to protect the private key. As we are being git driven we do this inside our environment repo:

# ensure that we don't accidentally publish the passphrase to the key
echo passphrase >> .gitignore
git add .gitignore
git commit -m "ignore passphrase"
# generate a random passphrase
@simbo1905
simbo1905 / security-warnings.txt
Created Dec 26, 2018
security warnings for a typical package.json
View security-warnings.txt
npm WARN notice [SECURITY] open has the following vulnerability: 1 critical. Go here for more details: https://nodesecurity.io/advisories?search=open&version=0.0.5 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.
npm WARN notice [SECURITY] macaddress has the following vulnerability: 1 critical. Go here for more details: https://nodesecurity.io/advisories?search=macaddress&version=0.2.8 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.
npm WARN notice [SECURITY] webpack-dev-server has the following vulnerability: 1 high. Go here for more details: https://nodesecurity.io/advisories?search=webpack-dev-server&version=1.16.2 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.
npm WARN notice [SECURITY] react-dev-utils has the following vulnerability: 1 high. Go here for more details: https://nodesecurity.io/advisories?search=react-dev-utils&version=0.5.2 - Run `npm i npm@latest
@simbo1905
simbo1905 / open-letter.txt
Last active Dec 7, 2018
Re: Starwood Guest Reservation Database Security Incident
View open-letter.txt
Arne,
Thanks for your candid email. I appreciate it.
I am encouraged by the fact that you had AES-128 encrypted data my card payment details. Yet it the fact that
you don't know whether the key was stolen means that we need to assume it was.
What I am concerned about is that you don't need to actually ever store card details if you use the latest
payments technology. Holding "card on file" is a legacy technique. The modern approach given GDPR liability
is to not hold the card details but an encrypted card token. Your card acquirer gateway can then hold the
@simbo1905
simbo1905 / run
Created Nov 29, 2018
OKD openshift randomise which database portal host to use for compose.com high availability
View run
#!/bin/sh -e
if [[ ! -z ${DB_HOST_LIST} ]]; then
echo "Selecting DB_HOST from ${DB_HOST_LIST}"
SELECT_LIST_SEPERATOR=","
SELECT_ARRAY=( ${DB_HOST_LIST//$SELECT_LIST_SEPERATOR/ } )
export DB_HOST="${SELECT_ARRAY[$RANDOM % ${#SELECT_ARRAY[@]}]}"
echo "DB_HOST=${DB_HOST}"
fi
@simbo1905
simbo1905 / config.yml
Last active Dec 2, 2018
compile and test php on circleci using redhat openshift s2i image that matches OCP builds
View config.yml
version: 2.0
jobs:
build:
docker:
- image: "registry.access.redhat.com/rhscl/php-71-rhel7:latest"
steps:
- checkout:
path: /tmp/src/
# Download and cache dependencies
@simbo1905
simbo1905 / question.md
Last active Nov 11, 2018
proposed revised devops question
View question.md

when should a pod run multiple containers and how would container failures be handled?

The kubernetes docs allow for multiple containers in a pod. When might this be a good idea and how are failures handled?

@simbo1905
simbo1905 / java-images-broken-in-chrome.java
Last active Nov 6, 2018
This Java code renders the text "Houcine Salma Bendor" as jpg or png it renders differently
View java-images-broken-in-chrome.java
public static final String FORMAT_NAME = "jpg"; // change me to png!
public final static void generateImage(final String text, final String fileNameWithoutExt) throws Exception {
/*
Because font metrics is based on a graphics context, we need to create
a small, temporary image so we can ascertain the width and height
of the final image
*/
BufferedImage img = new BufferedImage(1, 1, BufferedImage.TYPE_INT_ARGB);
@simbo1905
simbo1905 / GnuPG-2.2.md
Last active Feb 28, 2019 — forked from vt0r/GnuPG-2.2.md
Build/install instructions for GnuPG 2.2.x on Centos 7 and similar distros (formerly for 2.1.x)
View GnuPG-2.2.md

GnuPG 2.2.x Build Instructions

Below are my build instructions for GnuPG 2.2.9, released on July 12th, 2018. These instructions are built for a headless Centos 7 LTS server (specificaly the openshift/base-centos7 docker image).

You use the below install script to install GnuPG 2.2.x by running the following commands:

# if you are root in a docker image:
curl -OL "https://gist.githubusercontent.com/simbo1905/ba3e8af9a45435db6093aea35c6150e8/raw/83561e214e36f6556fd6b1ec0a384cf28cb2debf/install-gnupg22.sh" && bash ./install-gnupg22.sh
# else if you need to sudo to do the installs:
You can’t perform that action at this time.