Skip to content

Instantly share code, notes, and snippets.

View anthisfan's full-sized avatar

anthisfan anthisfan

0 followers · 1 following
View GitHub Profile
@anthisfan
anthisfan / sbom-by-bom.md
Created January 2, 2026 08:21
sbom (bom)
bom を利用して sbom を生成する
(venv) root@k8s-operation-1:~/cks-practice/bom# bom generate spdx-json --image nginx@sha256:8c329d819008c669731d333c44c766c1d9de3492beb03f8fc035bb5ef7081000 --output spdx-nginx.json
INFO bom v0.7.1: Generating SPDX Bill of Materials 
INFO Processing image reference: nginx@sha256:8c329d819008c669731d333c44c766c1d9de3492beb03f8fc035bb5ef7081000 
INFO Reference nginx@sha256:8c329d819008c669731d333c44c766c1d9de3492beb03f8fc035bb5ef7081000 points to a single image 
INFO Generating single image package for nginx@sha256:8c329d819008c669731d333c44c766c1d9de3492beb03f8fc035bb5ef7081000 
INFO Package describes image index.docker.io/library/nginx:8c329d819008c669731d333c44c766c1d9de3492beb03f8fc035bb5ef7081000 
INFO Image manifest lists 7 layers
@anthisfan
anthisfan / sbom-by-trivy.md
Last active January 2, 2026 07:54
sbom (trivy)
trivy を利用して SBOM を生成する
(venv) root@k8s-operation-1:~/cks-practice/trivy# trivy image --format spdx-json --output nginx-spdx.json nginx:latest
2026-01-02T07:42:53Z	INFO	"--format spdx-json" disables security scanning. Specify "--scanners vuln" explicitly if you want to include vulnerabilities in the "spdx-json" report.
2026-01-02T07:42:55Z	INFO	Detected OS	family="debian" version="13.2"
2026-01-02T07:42:55Z	INFO	Number of language-specific files	num=0
(venv) root@k8s-operation-1:~/cks-practice/trivy# cat nginx-spdx.json 
{
  "spdxVersion": "SPDX-2.3",
@anthisfan
anthisfan / checkov-test-dockerfile.md
Created January 2, 2026 06:27
checkov test (Dockerfile)

checkov test

セットアップ
$ pip3 install checkov
テスト用 Dockerfile 作成
@anthisfan
anthisfan / checkov-test-cfn.md
Created January 2, 2026 04:28
checkov test (cloudformation)

checkov test

セットアップ
$ pip3 install checkov
テスト用テンプレート作成
@anthisfan
anthisfan / checkov-test-terraform.md
Last active January 2, 2026 04:07
checkov test (terraform)

checkov test

セットアップ
$ pip3 install checkov
テスト用 TF ファイル作成
@anthisfan
anthisfan / checkov-test-k8s.md
Last active January 2, 2026 03:12
checkov test (k8s-manifest)

checkov test

セットアップ
$ pip3 install checkov
テスト用マニフェスト作成
@anthisfan
anthisfan / tproxy.yaml
Created December 11, 2024 14:46
apiVersion: v1
kind: ConfigMap
metadata:
name: squid-config
data:
squid.conf: |
acl localnet src 0.0.0.1-0.255.255.255
acl localnet src 10.0.0.0/8
acl localnet src 100.64.0.0/10
acl localnet src 169.254.0.0/16
@anthisfan
anthisfan / ratelimit-with-prefix-match.yaml
Last active September 4, 2024 15:42
ratelimit-with-prefix-match.yaml
apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
labels:
argocd.argoproj.io/instance: mistral-appcluster
name: filter-local-ratelimit-svc
namespace: mistral
spec:
configPatches:
- applyTo: HTTP_FILTER
@anthisfan
anthisfan / setup-vnet.sh
Created August 31, 2024 16:33
#!/bin/bash
############################
# 仮想ネットワーク環境作成 #
############################
# +------------------+
# | Host |
# | |
# | +------------+ |
# | | br1 | |
@anthisfan
anthisfan / benchmark_3.md
Last active August 30, 2024 05:12

GoogleCloudEngine Benchmark

目的とか

  • SMT 有効時と無効時のパフォーマンスさについて調査する
  • benchmark_2 の結果を受けて、さらに大量のスレッドで試験を行う
  • 負荷試験モニタを入れて詳細な負荷データを確認できるようにする
  • GOMAXPROCS を 4 に統一し同一条件で試験できるようにする

テスト用コード

  • ゴルーチンを増やして複数スレッドで同処理を行い、その実行時間を計測し表示する