Every artifact can be verifiably traced to Source Code and Hardware

Batuhan Apaydın developer-guy

developer-guy / serve.go
Created November 6, 2020 18:53 — forked from paulmach/serve.go
Simple Static File Server in Go
/*
Serve is a very simple static file server in go
Usage:
-p="8100": port to serve on
-d=".": the directory of static files to host
Navigating to http://localhost:8100 will display the index.html or directory
listing file.
*/
package main
developer-guy / index.js
Created November 4, 2020 08:22 — forked from Deborah-Digges/index.js
src/index.js for github action
const core = require('@actions/core');
const github = require('@actions/github');
async function run() {
try {
const accessToken = core.getInput('access-token');
const message = core.getInput('message');
const payload = github.context.payload;
const githubClient = github.getOctokit(accessToken);
developer-guy / restricted-psp-rbac.yaml
Created November 4, 2020 07:56 — forked from shazadbrohi/restricted-psp-rbac.yaml
A set of RBAC resources to enforce the restricted psp across all service accounts
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: restricted-cluster-role
rules:
- apiGroups:
- policy
resourceNames:
- restricted-psp
resources:
developer-guy / restricted-psp.yaml
Created November 4, 2020 07:53 — forked from shazadbrohi/restricted-psp.yaml
A restricted pod security policy
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: my-restricted-psp
spec:
privileged: false
# Required to prevent escalations to root.
allowPrivilegeEscalation: false
# Allow core volume types.
volumes:
developer-guy / gitlab-container-scanning.md
Created November 2, 2020 18:14 — forked from saidsef/gitlab-container-scanning.md
Container Security: GitLab Trivy Container Scanning

A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI.

It is considered to be used in CI. Before pushing to a container registry, you can scan your local container image easily.

Most of my Docker images are Alpine based. Trivy uses better vulnerability data for Alpine compared to Clair.

This can be easily plugged in to your CI/CD pipeline - in the scenario we allow the pipeline to fail, the objective here is to provide visibility.

developer-guy / README-badges.md
Created October 31, 2020 18:50 — forked from tterb/README-badges.md
A collection of README badges

Badges

License

MIT License GPLv3 License AGPL License

Version

Version GitHub Release

admin:
access_log_path: /dev/stdout
address:
socket_address: { address: 0.0.0.0, port_value: 9901 }
static_resources:
listeners:
- name: listener1
address:
socket_address: { address: 0.0.0.0, port_value: 51051 }
developer-guy / golang-tls.md
Created October 27, 2020 14:01 — forked from denji/golang-tls.md
Simple Golang HTTPS/TLS Examples
Generate private key (.key)
# Key considerations for algorithm "RSA" ≥ 2048-bit
openssl genrsa -out server.key 2048

# Key considerations for algorithm "ECDSA" ≥ secp384r1
# List the supported ECDSA curves (openssl ecparam -list_curves)
package main
import (
"bytes"
cryptorand "crypto/rand"
"crypto/rsa"
"crypto/x509"
"crypto/x509/pkix"
"encoding/pem"
"fmt"
package main
import (
"bytes"
admissionregistrationv1 "k8s.io/api/admissionregistration/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/kubernetes"
"os"
ctrl "sigs.k8s.io/controller-runtime"
)