Skip to content

Instantly share code, notes, and snippets.

View timja's full-sized avatar

Tim Jacomb timja

151 followers · 2 following
View GitHub Profile
@timja
timja / rename the repos
Last active July 22, 2018 20:42
Rename moj repos to cnp
{"query":"{\n search(last: 100, type: REPOSITORY, query: \"user:hmcts moj\") {\n nodes {\n ... on Repository {\n name\n }\n }\n repositoryCount\n }\n}\n","variables":{},"operationName":null}
@timja
timja / jenkins-dump-credentials.groovy
Last active November 22, 2024 16:29
Dump jenkins credentials - use in script console
import com.cloudbees.plugins.credentials.*
import com.cloudbees.plugins.credentials.common.*
import com.cloudbees.plugins.credentials.domains.*
import com.cloudbees.plugins.credentials.impl.*
import com.cloudbees.jenkins.plugins.sshcredentials.impl.*
import org.jenkinsci.plugins.plaincredentials.impl.*
// def item = Jenkins.instance.getItem("your-folder")
@timja
timja / az-keyvault-full-permissions
Last active December 13, 2018 16:05
az keyvault full permissions
#
# Usage: ./az-keyvault-full-permissions <vault-name> John.Smith@example.com
# Ensure your account is in the right subscription
az keyvault set-policy --name $1 --secret-permissions backup delete get list purge recover restore set --certificate-permissions create delete deleteissuers get getissuers import --key-permissions backup create decrypt delete encrypt get import list purge recover restore sign unwrapKey update verify wrapKey --upn $2
@timja
timja / copy-from-old-to-new-keyvault
Last active October 10, 2019 10:05
dump and copy to new keyvault
#!/bin/bash
set -e
old_vault_name=$1
new_vault_name=$2
for file in $old_vault_name/*
do
echo $file | cut -d '/' -f 2 | xargs -n1 -I % sh -c 'az keyvault secret set --vault-name '${new_vault_name}' --name '%' --value $(cat '$file')'
done
@timja
timja / kano-motion-sensor-spotify.py
Created December 2, 2018 15:21
import serial
import json
import time
import osascript
s = serial.Serial('/dev/cu.usbmodem14201')
while True:
data = json.loads(s.readline())
proximity = (data['detail']['proximity'])
@timja
timja / reload-jcasc.groovy
Created February 1, 2019 16:28
Reload JCASC
stage("Reload") {
sh "curl -fsSLO ${JENKINS_URL}jnlpJars/jenkins-cli.jar"
withCredentials([usernamePassword(credentialsId: 'jenkins-remoting', passwordVariable: 'JENKINS_API_TOKEN', usernameVariable: 'JENKINS_USER_ID')]) {
sh "java -jar jenkins-cli.jar -s ${JENKINS_URL} reload-jcasc-configuration"
}
archiveArtifacts artifacts: 'dist/**', fingerprint: true, onlyIfSuccessful: true
}
@timja
timja / platform-fourth-wall.json
Last active October 29, 2019 09:31
platform-fourth-wall.json
[
{
"userName": "hmcts",
"repo": "draft-store"
},
{
"userName": "hmcts",
"repo": "rpe-pdf-service"
},
{
@timja
timja / dump-vault
Created February 26, 2019 13:12
dump-vault
#!/bin/bash
vault_name=$1
mkdir -p ${vault_name}
az keyvault secret list --vault-name ${vault_name} -o tsv --query [].id | cut -d '/' -f 5 | xargs -n1 -I % sh -c "az keyvault secret show --vault-name ${vault_name} --name % -o tsv --query value > ${vault_name}/%"
@timja
timja / white-list-registry-policy.rego
Created May 23, 2019 06:35
white-list-registry-policy
package admission
import data.k8s.matches
###############################################################################
#
# Policy : Container image name check if it matches the whitelisted patterns
# e.g. should be from an organization registry.
#
###############################################################################
@timja
timja / key-vault-copy-cert-to-different-vault
Last active October 21, 2019 12:42
copy cert between keyvault
#!/bin/bash
SRC_SECRET_NAME=${1}
SRC_VAULT=${2}
DEST_VAULT=${3}
DEST_SECRET_NAME=${4}
CERTIFICATE_NAME=${1}
function usage() {
echo "usage: ./key-vault-copy-cert-to-different-vault <src-secret-name> <src-vault> <dest-vault> <dest-secret-name>"