Skip to content

Instantly share code, notes, and snippets.

View garethr's full-sized avatar

Gareth Rushgrove garethr

901 followers · 11 following
View GitHub Profile
@garethr
garethr / differences.md
Last active September 11, 2019 09:01
Snyk and NPM audit comparison

NPM audit reports:

found 13 vulnerabilities (9 low, 1 moderate, 1 high, 2 critical) in 3756 scanned package

Snyk test (with the --dev flag) reports:

Tested 731 dependencies for known issues, found 11 issues, 17 vulnerable paths.
@garethr
garethr / count.sh
Created August 27, 2019 06:59
Looking at usage of kubectl commands
#!/bin/bash
declare -a commands=(
create
expose
run
set
explain
get
@garethr
garethr / azure-policy-schema.json
Created August 16, 2019 10:58
{
"id":"https://schema.management.azure.com/schemas/2018-05-01/policyDefinition.json#",
"$schema":"http://json-schema.org/draft-04/schema#",
"title":"Policy Definition",
"description":"This schema defines Azure resource policy definition, please see https://azure.microsoft.com/en-us/documentation/articles/resource-manager-policy/ for more details.",
"type":"object",
"properties":{
"if":{
"oneOf":[
{
@garethr
garethr / kubernetes.rego
Last active June 23, 2025 13:04
Collecting together Kubernetes rego examples, including porting the https://kubesec.io rules to rego
package kubernetes
name = input.metadata.name
kind = input.kind
is_service {
kind = "Service"
}
@garethr
garethr / Dockerfile
Created July 17, 2019 09:25
Use Snyk in a Docker build stage
FROM python:3.7-alpine3.8 AS parent
WORKDIR /app
RUN pip3 install pipenv
FROM parent AS base
COPY Pipfile /app/
COPY Pipfile.lock /app/
@garethr
garethr / load_snyk_db.py
Created June 30, 2019 16:45
An example using the new Python Snky API client to populate a sqlite database for use for datasette
#!/bin/env python3
"""
This script provides a basic example of using the pysnyk Snyk API client
to populate a SQLite database, currently with a list of organizations,
members, projects, vulnerabilies and dependencies.
This is particularly useful combined with datasette, which provides a
handy interface for exploring the data.
@garethr
garethr / snyk.rb
Created May 25, 2019 17:15
Snyk homebrew formula
class Snyk < Formula
desc "Find & fix known vulnerabilities in open-source dependencies"
homepage "https://github.com/snyk/snyk"
url "https://github.com/snyk/snyk/releases/download/v1.167.2/snyk-macos"
version "1.167.2"
sha256 "0d3990873060d9bb7acce02e8971ef3abb969c9207264fce1183dfc98e637605"
def install
mv "snyk-macos", "snyk"
bin.install "snyk"
@garethr
garethr / 0-README.md
Last active February 10, 2019 17:00

A sample test run using the pycnab testing example against the current example bundles.

Summarising:

  • 49 failures and 12 passed
  • 17 of 20 bundle.json files are invalid according to pycnab
  • 12 of 20 bundle.json files are invalid according to the JSON Schema
  • 20 of 20 cnab directories are invalid
@garethr
garethr / bom.json
Created January 13, 2019 18:53
Docker Assemble bill of materials
{
"build": [
{
"base-image": "docker.io/library/maven:3-jdk-10-slim@sha256:66e3ec42ecb6ebba503fb9f684f1def49ce9045058533f4d27873942b61774a6",
"packages": {
"deb": {
"adduser": {
"version": "3.118"
},
"apt": {
@garethr
garethr / survey.md
Created January 8, 2019 14:43
Feedback on Python API

I'm writing a Python library, and trying to decide on a specific, top level, API. Basically is it nicer to pass a list of objects or just pass a dict?

Option 1:

method(credentials=[
    Credential(name="something", value="something else")  
])