cognitiaclaeves

def parse_sysargs_to_cmd():

    # Try to reconstruct a reasonable facsimile to the argument that was passed to python
    #     after shell processing ... 

    args_source = list(sys.argv)
    new_args_list = []

    always_quote_after = ['^--inc', '^--exc']
    replace_with_vars = {

cognitiaclaeves

# based on https://stackoverflow.com/questions/38270609/can-i-search-existing-iam-policies-for-a-specific-action
#          https://www.learnaws.org/2021/05/12/aws-iam-boto3-guide/

import boto3, json, sys

iam = boto3.client('iam')


def write_policy(policy_arn):

cognitiaclaeves

# $proj/acg-cf-rt-log/assume-policy.json
# Note: Do not include this comment or preceding whitespace
# Or TF wont treat the contents as valid JSON

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {

cognitiaclaeves

code_quality:
  extends: compeat_code_quality
  variables:
    SOURCE_CODE: '.'
  rules:
    # Run if $CI_MERGE_REQUEST_ID -- unless for branch explicitly listed
    - if: $CI_COMMIT_BRANCH == 'master' && $APP == null
    - if: $CI_MERGE_REQUEST_ID && $CI_MERGE_REQUEST_TARGET_BRANCH_NAME !~  /^(devops-master|devops_testing|devops-new-pipeline)$/

# This seems to fail to even generate html file ... 

cognitiaclaeves

variable "data_bucket_map" {
  type = map(any)
  default = {
    db_connections       = { prod_bkt = "company-prod-db-connections"
                             dr_bkt = "company-dr-db-connections"
                             noncurrent_retention = {
                               days = 30
                               id = "expire-prior-after-30-days"                              
                             }
                             current_retention = []

cognitiaclaeves

resource "aws_s3_bucket" "dr_data_buckets" {
  provider = aws.company_dr
  for_each = var.data_bucket_map
  bucket = var.data_bucket_map[each.key].dr_bkt
  acl    = "private"

  # versioning needed for replication
  versioning {
    enabled = true
  }

cognitiaclaeves

[WARN] An unexpected error occurred during analysis of '/Users/jae/gitrepo/bitwarden-serverless/package-lock.json' (Node.js Package Analyzer): class org.glassfish.json.JsonObjectBuilderImpl$JsonObjectImpl cannot be cast to class javax.json.JsonString (org.glassfish.json.JsonObjectBuilderImpl$JsonObjectImpl and javax.json.JsonString are in unnamed module of loader 'app')
[INFO] Finished Node.js Package Analyzer (1 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Created CPE Index (4 seconds)
[INFO] Skipping CPE Analysis for npm
[INFO] Finished CPE Analyzer (4 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)

cognitiaclaeves

$ kubectl create -f traits-api-ds.yml
replicationcontroller "traits-api" created
You have exposed your service on an external port on all nodes in your
cluster.  If you want to expose this service to the external internet, you may
need to set up firewall rules for the service port(s) (tcp:30500) to serve traffic.

See http://releases.k8s.io/release-1.2/docs/user-guide/services-firewalls.md for more details.
service "traits" created

cognitiaclaeves

group_vars/sandwich-servers/vars:

sandwich_svc_key_ansible = vault_sandwich_svc_key_ansible
sandwich_svc_key_2 = { vault_sandwich_svc_key_2 }
sandwich_svc_key_3 = {{ vault_sandwich_svc_key_3 }}

group_vars/sandwich-servers/vault:

vault_sandwich_svc_key_ansible = '_ansible'
vault_sandwich_svc_key_2 = '2'

cognitiaclaeves

apiVersion: v1
kind: ReplicationController
metadata:
  name: kube-dns-v11
  namespace: kube-system
  labels:
    k8s-app: kube-dns
    version: v11
    kubernetes.io/cluster-service: "true"
spec: