Skip to content

Instantly share code, notes, and snippets.

View tgerla's full-sized avatar

Tim Gerla tgerla

74 followers · 27 following
View GitHub Profile
@tgerla
tgerla / grype-kube-manifests.sh
Last active March 22, 2024 00:46
Run a Grype scan on all images referenced in a Kubernetes manifest
#!/bin/bash
#
# Requires: jq, yq, grype, sed
# Check if a file path is provided as a command-line argument
if [ "$#" -ne 1 ]; then
echo "Usage: $0 path/to/your/deployment.yaml"
exit 1
fi
@tgerla
tgerla / gist:c88fee909b01ea8c677054675f923b55
Created September 12, 2023 11:37
tgerla@Timothys-MacBook-Pro-2 grype % grype -q alpine:3.7 -o json | go run cmd/grype/main.go explain --id CVE-2022-48174
CVE-2022-48174 from nvd:cpe (Critical)
There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.
Matched packages:
- Package: busybox, version: 1.27.2-r11
PURL: pkg:apk/alpine/busybox@1.27.2-r11?arch=aarch64&distro=alpine-3.7.3
Match explanation(s):
- nvd:cpe:CVE-2022-48174 CPE match on `cpe:2.3:a:busybox:busybox:1.27.2-r11:*:*:*:*:*:*:*`.
Locations:
- /lib/apk/db/installed
@tgerla
tgerla / newsobserver-nuisance-block.txt
Created July 12, 2018 16:56
! 7/12/2018, 11:43:10 AM https://www.newsobserver.com/news/politics-government/article214685620.html
www.newsobserver.com###newsletter-signUpWidget
! 7/12/2018, 11:43:45 AM https://www.newsobserver.com/news/politics-government/article214685620.html
www.newsobserver.com###player-210759034-1531403234422_html5_api
! 7/12/2018, 11:44:04 AM https://www.newsobserver.com/news/politics-government/article214685620.html
www.newsobserver.com##.video.lead-item
! 7/12/2018, 11:44:48 AM https://www.newsobserver.com/news/politics-government/article214685620.html
@tgerla
tgerla / gist:46360b789ed231aedd045867934e4fd7
Created August 31, 2017 15:22
Total household income in 2011: $13T (https://www.bizjournals.com/bizjournals/on-numbers/scott-thomas/2012/12/nations-total-personal-income.html)
Number of families in the United States (2011): 118M (https://www.statista.com/statistics/183635/number-of-households-in-the-us/)
13,000,000,000,000/118,000,000 = $110,170
@tgerla
tgerla / gist:7626ea3edbaf564b0174
Created November 17, 2015 14:37
Beginning with Ansible Tower version 2.4, the behavior for Job Template extra variables and Survey variables has changed. Previously, variables set using a Survey overrode any extra variables specified in the Job Template. In 2.4 and later, the Job Template extra variables dictionary is merged with the Survey variables. This may result in a change of behavior upon upgrading to 2.4.
@tgerla
tgerla / gist:9781c85294b99f6c022a
Created November 11, 2015 15:26
- name: this thing runs locally
command: echo hello world
delegate_to: localhost
run_once: true
@tgerla
tgerla / example_playbook.yml
Created October 22, 2015 18:56
Simple aplybook example
# Example Playbook for ACLs
---
- hosts: all
connection: local
vars:
force: "false"
vars_prompt:
@tgerla
tgerla / gist:a130489be10e46f66d12
Created September 29, 2015 13:51
if self.zabbix_server and self.zabbix_username:
api = ZabbixAPI(server=self.zabbix_server)
api.login(user=self.zabbix_username, password=self.zabbix_password)
if self.options.host:
data = self.get_host(api, self.options.host)
print(json.dumps(data, indent=2))
@tgerla
tgerla / test-azure.py
Created September 18, 2015 20:01
import azure as windows_azure
from azure import WindowsAzureError, WindowsAzureMissingResourceError
from azure.servicemanagement import (ServiceManagementService, OSVirtualHardDisk, SSH, PublicKeys,
PublicKey, LinuxConfigurationSet, ConfigurationSetInputEndpoints,
ConfigurationSetInputEndpoint, Listener, WindowsConfigurationSet)
@tgerla
tgerla / gist:926044145d87c95a1699
Created September 15, 2015 17:39
---
- hosts: all
gather_facts: false
tasks:
- name: gather facts with a custom local facts path
setup: fact_path=/path/to/my/facts/stuff