simbo1905

version: 2.0
jobs:
  build:
    docker:
      - image: "registry.access.redhat.com/rhscl/php-71-rhel7:latest"
    steps:
      - checkout:
          path: /tmp/src/

      # Download and cache dependencies

simbo1905

Arne,

Thanks for your candid email. I appreciate it.

I am encouraged by the fact that you had AES-128 encrypted data my card payment details. Yet it the fact that 
you don't know whether the key was stolen means that we need to assume it was. 

What I am concerned about is that you don't need to actually ever store card details if you use the latest 
payments technology. Holding  "card on file" is a legacy technique. The modern approach given GDPR liability 
is to not hold the card details but an encrypted card token. Your card acquirer gateway can then hold the 

simbo1905

npm WARN notice [SECURITY] open has the following vulnerability: 1 critical. Go here for more details: https://nodesecurity.io/advisories?search=open&version=0.0.5 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.
npm WARN notice [SECURITY] macaddress has the following vulnerability: 1 critical. Go here for more details: https://nodesecurity.io/advisories?search=macaddress&version=0.2.8 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.

npm WARN notice [SECURITY] webpack-dev-server has the following vulnerability: 1 high. Go here for more details: https://nodesecurity.io/advisories?search=webpack-dev-server&version=1.16.2 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.
npm WARN notice [SECURITY] react-dev-utils has the following vulnerability: 1 high. Go here for more details: https://nodesecurity.io/advisories?search=react-dev-utils&version=0.5.2 - Run `npm i npm@latest 

simbo1905

Use GPG 2.0.22 to decrypt an .env file at start up within an OpenShift s2i image

First, let's generate a strong passphrase to protect the private key. As we are being git driven we do this inside our environment repo:

# ensure that we don't accidentally publish the passphrase to the key
echo passphrase >> .gitignore
git add .gitignore
git commit -m "ignore passphrase"
# generate a random passphrase

simbo1905

My Openshift Cheatsheet

Examine the cluster quota defined for the environment:

$ oc describe AppliedClusterResourceQuota

Install pkgs using yum in a Dockerfile

simbo1905

fork the botkit slack starter repo

open https://github.com/howdyai/botkit-starter-slack

create a node.js app from your fork on openshift.com

open openshift.com

register a bot on api.slack.com

simbo1905

#!/bin/bash

oc get secrets | md5sum > /tmp/secrets.md5

simbo1905

#!/bin/sh
# Helmfile on MacOS
brew install helm
helm plugin install https://github.com/databus23/helm-diff
helm plugin install https://github.com/futuresimple/helm-secrets
brew install helmfile
brew install gnu-getopt

simbo1905

How To

Install bashdb which you can do from source or get from a package manager. On MacOS you can brew install bashdb.

Install Visual Studio Code and the Bash Debug plugin from the marketplace. See this blog article yet I didn't have to do any upgrades of build from source things worked pretty much out of the box after installing bashdb via Homebrew.

Use the debug.sh script in this gist as the entrypoint to be able to step through code.

simbo1905

#!/bin/bash
cat | oc create -f  - <<EOF
---
apiVersion: "v1"
kind: "PersistentVolumeClaim"
metadata:
  name: "config-data-claim"
spec:
  accessModes:
    - "ReadWriteMany"