Andy Motta andymotta
andymotta
/ upcoming_rotations.py
Created
October 30, 2017 23:41
Report AWS IAM access keys that require rotation within 45 days to SNS topic (Compliance)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| from botocore.exceptions import ClientError | |
| import datetime | |
| from datetime import date | |
| import os | |
| from ConfigParser import SafeConfigParser | |
| access_file = os.path.join(os.environ['HOME'], '.aws', 'credentials') | |
| access_list = SafeConfigParser() | |
| access_list.read(access_file) |
andymotta
/ scan_add_pub_key.yml
Created
July 31, 2018 00:12
Scan host for public keys then add keys to knows_hosts (ssh)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # path default of known_hosts module is home of the user running the playbook, i.e. $HOME/.ssh/known_hosts | |
| - name: find public key for stash | |
| command: ssh-keyscan "{{ domain }}" | |
| register: pub_key | |
| - name: add public key for stash to known_hosts | |
| known_hosts: | |
| name: "{{ domain }}" | |
| key: "{{ pub_key.stdout }}" |
andymotta
/ clone_or_pull.sh
Last active
August 17, 2018 18:29
Clone or pull git repo in Shell script
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| function clone_pull { | |
| DIRECTORY=$(basename "$1" .git) | |
| if [ -d "$DIRECTORY" ]; then | |
| cd "$DIRECTORY" | |
| git pull | |
| cd ../ | |
| else | |
| git clone "$1" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| function hurryup () { | |
| until ssh -o ConnectTimeout=2 "$1"@"$2" | |
| do sleep 1 | |
| done | |
| } | |
| hurryup root "10.10.0.3" | |
| # -o ConnectTimeout=2 is a slightly hacky way of getting around not responding to network packets, | |
| # reporting ssh: connect to host 10.10.0.3 port 22: Operation timed out until it's responsive. |
andymotta
/ remote_state.tf
Created
December 28, 2018 18:05
Parameterize Terraform remote state (AWS)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| data "aws_caller_identity" "current" {} | |
| resource "aws_s3_bucket" "terraform_state" { | |
| bucket = "${data.aws_caller_identity.current.account_id}-tfstate" | |
| versioning { | |
| enabled = true | |
| } | |
| policy = <<POLICY | |
| { | |
| "Version": "2012-10-17", |
andymotta
/ Jenkinsfile.groovy
Created
December 28, 2018 21:26
Use Terraform latest docker image in Declarative Jenkins Pipeline
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pipeline { | |
| agent { | |
| docker { | |
| image 'hashicorp/terraform:latest' | |
| label 'LINUX-SLAVE' | |
| args '--entrypoint="" -u root -v /opt/jenkins/.aws:/root/.aws' | |
| } | |
| } | |
| options { | |
| ansiColor('xterm') |
andymotta
/ getEventValues.groovy
Created
March 11, 2019 18:22
Event-driven Cloudbees Operations Center Pipeline to run Terraform code with Marker file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def call () { | |
| def map = [:] | |
| def causeClass = currentBuild?.getBuildCauses()[0]?._class | |
| if(causeClass == "com.cloudbees.jenkins.plugins.pipeline.events.EventTriggerCause") { | |
| // This run was triggered by an event and not by a person | |
| map = [ | |
| event: currentBuild?.getBuildCauses()[0]?.event?.event?.toString(), | |
| action: currentBuild?.getBuildCauses()[0]?.event?.action?.toString(), | |
| awsprofile: currentBuild?.getBuildCauses()[0]?.event?.awsprofile?.toString(), | |
| tfver: currentBuild?.getBuildCauses()[0]?.event?.tfver?.toString(), |
andymotta
/ microservices.yaml
Last active
April 24, 2020 01:01
Kubernetes: Deploy Microservices under the nginx-ingress controller
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| name: product-web | |
| spec: | |
| type: ClusterIP | |
| selector: | |
| app: product-web | |
| ports: | |
| - protocol: TCP |
andymotta
/ cloudformation.groovy
Created
April 4, 2019 01:58
Declarative Jenkins Pipeline Cloudformation Release Stage
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| stage ('Release') { | |
| steps { | |
| script { | |
| def apply = true | |
| def status = null | |
| try { | |
| status = sh(script: "aws cloudformation describe-stacks --stack-name WEBAPP-${STACK_ENV} \ | |
| --query Stacks[0].StackStatus --output text --profile ${PROFILE}", returnStdout: true) | |
| apply = true | |
| } catch (err) { |
andymotta
/ update_confluence.py
Created
April 10, 2019 19:42
Update/create a page containing a table w/ Confluence REST API
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| ''' | |
| Update/create a page containing a table w/ Confluence REST API | |
| ''' | |
| import requests | |
| import json | |
| # Get api credentials from local config file |