simbo1905

#!/bin/sh
# Helmfile on MacOS
brew install helm
helm plugin install https://github.com/databus23/helm-diff
helm plugin install https://github.com/futuresimple/helm-secrets
brew install helmfile
brew install gnu-getopt

simbo1905

#!/bin/bash

oc get secrets | md5sum > /tmp/secrets.md5

simbo1905

My Openshift Cheatsheet

Examine the cluster quota defined for the environment:

$ oc describe AppliedClusterResourceQuota

Install pkgs using yum in a Dockerfile

simbo1905

fork the botkit slack starter repo

open https://github.com/howdyai/botkit-starter-slack

create a node.js app from your fork on openshift.com

open openshift.com

register a bot on api.slack.com

simbo1905

Use GPG 2.0.22 to decrypt an .env file at start up within an OpenShift s2i image

First, let's generate a strong passphrase to protect the private key. As we are being git driven we do this inside our environment repo:

# ensure that we don't accidentally publish the passphrase to the key
echo passphrase >> .gitignore
git add .gitignore
git commit -m "ignore passphrase"
# generate a random passphrase

simbo1905

npm WARN notice [SECURITY] open has the following vulnerability: 1 critical. Go here for more details: https://nodesecurity.io/advisories?search=open&version=0.0.5 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.
npm WARN notice [SECURITY] macaddress has the following vulnerability: 1 critical. Go here for more details: https://nodesecurity.io/advisories?search=macaddress&version=0.2.8 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.

npm WARN notice [SECURITY] webpack-dev-server has the following vulnerability: 1 high. Go here for more details: https://nodesecurity.io/advisories?search=webpack-dev-server&version=1.16.2 - Run `npm i npm@latest -g` to upgrade your npm version, and then `npm audit` to get more info.
npm WARN notice [SECURITY] react-dev-utils has the following vulnerability: 1 high. Go here for more details: https://nodesecurity.io/advisories?search=react-dev-utils&version=0.5.2 - Run `npm i npm@latest 

simbo1905

Arne,

Thanks for your candid email. I appreciate it.

I am encouraged by the fact that you had AES-128 encrypted data my card payment details. Yet it the fact that 
you don't know whether the key was stolen means that we need to assume it was. 

What I am concerned about is that you don't need to actually ever store card details if you use the latest 
payments technology. Holding  "card on file" is a legacy technique. The modern approach given GDPR liability 
is to not hold the card details but an encrypted card token. Your card acquirer gateway can then hold the 

simbo1905

#!/bin/sh -e

if [[ ! -z ${DB_HOST_LIST} ]]; then
    echo "Selecting DB_HOST from ${DB_HOST_LIST}"
    SELECT_LIST_SEPERATOR=","
    SELECT_ARRAY=( ${DB_HOST_LIST//$SELECT_LIST_SEPERATOR/ } )
    export DB_HOST="${SELECT_ARRAY[$RANDOM % ${#SELECT_ARRAY[@]}]}"
    echo "DB_HOST=${DB_HOST}"
fi

simbo1905

version: 2.0
jobs:
  build:
    docker:
      - image: "registry.access.redhat.com/rhscl/php-71-rhel7:latest"
    steps:
      - checkout:
          path: /tmp/src/

      # Download and cache dependencies

simbo1905

when should a pod run multiple containers and how would container failures be handled?

The kubernetes docs allow for multiple containers in a pod. When might this be a good idea and how are failures handled?