Jonathon Brouse jonbrouse
jonbrouse
/ Jenkinsfile
Created
December 22, 2020 07:23
— forked from jonico/Jenkinsfile
Example for a full blown Jenkins pipeline script with multiple stages, kubernetes templates, shared volumes, input steps, injected credentials, heroku deploy, sonarqube and artifactory integration, Docker containers, multiple Git commit statuses, PR merge vs branch build detection, REST API calls to GitHub deployment API, stage timeouts, stage c…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!groovy | |
| import groovy.json.JsonOutput | |
| import groovy.json.JsonSlurper | |
| def label = "mypod-${UUID.randomUUID().toString()}" | |
| podTemplate(label: label, yaml: """ | |
| spec: | |
| containers: | |
| - name: mvn | |
| image: maven:3.3.9-jdk-8-alpine |
jonbrouse
/ Jenkinsfile
Created
December 22, 2020 07:22
— forked from ysegorov/Jenkinsfile
Jenkinsfile example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env groovy | |
| // https://github.com/freebsd/freebsd-ci/blob/master/scripts/build/build-test.groovy | |
| // http://stackoverflow.com/a/40294220 | |
| // https://JENKINS_HOST/scriptApproval/ - for script approval | |
| import java.util.Date | |
| def isMaster = env.BRANCH_NAME == 'master' | |
| def isDevelop = env.BRANCH_NAME == 'develop' |
jonbrouse
/ AWS access key grep
Created
October 6, 2020 15:03
— forked from hsuh/AWS access key grep
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| url - https://aws.amazon.com/blogs/security/a-safer-way-to-distribute-aws-credentials-to-ec2/ | |
| Finding hard-coded credentials in your code | |
| Hopefully you’re excited about deploying credentials to EC2 that are automatically rotated. Now that you’re using Roles, a good security practice would be to go through your code and remove any references to AKID/Secret. We suggest running the following regular expressions against your code base: | |
| Search for access key IDs: (?<![A-Z0-9])[A-Z0-9]{20}(?![A-Z0-9]). In English, this regular expression says: Find me 20-character, uppercase, alphanumeric strings that don’t have any uppercase, alphanumeric characters immediately before or after. | |
| Search for secret access keys: (?<![A-Za-z0-9/+=])[A-Za-z0-9/+=]{40}(?![A-Za-z0-9/+=]). In English, this regular expression says: Find me 40-character, base-64 strings that don’t have any base 64 characters immediately before or after. | |
| If grep is your preferred tool, run a recursive, Perl-compatible search using the following commands |
jonbrouse
/ vpc-flowlog
Created
November 25, 2016 16:21
— forked from brandond/vpc-flowlog
logstash-grok-pattern-vpc-flow-log
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # VPC Flow Log fields | |
| # version account-id interface-id srcaddr dstaddr srcport dstport protocol packets bytes start end action log-status | |
| # http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/flow-logs.html#flow-log-records | |
| %{NUMBER:version} %{NUMBER:account-id} %{NOTSPACE:interface-id} %{NOTSPACE:srcaddr} %{NOTSPACE:dstaddr} %{NOTSPACE:srcport} %{NOTSPACE:dstport} %{NOTSPACE:protocol} %{NOTSPACE:packets} %{NOTSPACE:bytes} %{NUMBER:start} %{NUMBER:end} %{NOTSPACE:action} %{NOTSPACE:log-status} |