Skip to content

Instantly share code, notes, and snippets.

View johnfosborneiii's full-sized avatar

John Osborne johnfosborneiii

16 followers · 3 following
View GitHub Profile
@johnfosborneiii
johnfosborneiii / search-artifacthub.sh
Created October 27, 2022 20:05
#!/bin/bash
COSIGN_FILE=$(mktemp -q XXXXXX.json)
printf '\n'
printf '===============================================================\n'
printf '=== Searching artifacthub.io for artifacts signed by cosign ===\n'
printf '===============================================================\n'
printf '\n'
@johnfosborneiii
johnfosborneiii / vuln-cve-2022-xxxx-openssl.cue
Last active March 14, 2023 16:49
import (
"encoding/json"
)
#Predicate: {
Data: string
Timestamp: string
}
#ExternalRefs: {
@johnfosborneiii
johnfosborneiii / spdx-23-osi-approved-package-license
Created December 5, 2022 16:11
import (
"encoding/json"
"strings"
"list"
)
#SPDXLicenses: {
licenseListVersion: "3.19"
licenses: [{
reference: "https://spdx.org/licenses/0BSD.html"
isDeprecatedLicenseId: false
@johnfosborneiii
johnfosborneiii / check-vulns.cue
Created April 2, 2023 02:25
import (
"encoding/json"
"strings"
"list"
"tool/http"
)
#Predicate: {
Data: string
Timestamp: string
...
@johnfosborneiii
johnfosborneiii / helpful-bash-scripts-and-one-liners.md
Last active July 25, 2025 14:18

Container Images

Kubernetes

Verify single image

$ cosign verify registry.k8s.io/kube-apiserver-amd64:v1.25.2

Get the download URLs for the latest version of all Wolfi packages

https://github.com/jonjohnsonjr/apkrane

$ apkrane ls https://packages.wolfi.dev/os/x86_64/APKINDEX.tar.gz --latest --full
@johnfosborneiii
johnfosborneiii / grep-wolfi-pull-requests.sh
Created June 13, 2023 14:06
#!/bin/bash
# Check if the script is being run from within a Git repository
if ! git rev-parse --is-inside-work-tree > /dev/null 2>&1; then
echo "Please run this script from within the Git repository you want to analyze."
exit 1
else
# symbolic reference to avoid ambiguous reference errors
git remote set-head origin -a > /dev/null 2>&1
fi
@johnfosborneiii
johnfosborneiii / gnu-makefile-cheat-sheet.md
Created October 16, 2023 11:50
GNU Makefile Convections Cheat Sheet

GNU Makefile Conventions Cheat Sheet (Based on Section 7.2 of GNU Coding Standards)

General Structure

Standard Targets for Users

  • all: Compile the entire program.
  • install: Compile and copy executables, libraries, etc., to their installation directories.
  • install-html, install-dvi, install-pdf, install-ps: Alternative installations for documentation.
  • uninstall: Delete all installed files.
@johnfosborneiii
johnfosborneiii / ics-to-text.py
Last active April 29, 2024 15:34
#!/usr/bin/env python
# This library requires requests and icalendar
# pip install icalendar
from icalendar import Calendar, Event
from datetime import datetime, timedelta
from pytz import timezone, utc
# Prefix for event summaries
@johnfosborneiii
johnfosborneiii / cg-java-Dockerfile
Created June 24, 2024 09:56
FROM cgr.dev/chainguard/jdk:latest-dev AS chainguard-builder
USER 0
# Add nginx and cosign packages to JRE distroless image
ARG PACKAGES="nginx cosign"
RUN mkdir -p /newroot/etc && \
cp -a /etc/apk /newroot/etc && \
apk update && \
apk add --no-cache --initdb --root /newroot $PACKAGES && \
find /newroot -mindepth 1 -maxdepth 1 -type d \( ! -name usr -a ! -name var \) -exec rm -rf {} + && \
@johnfosborneiii
johnfosborneiii / cgr-python-flask-aws-lambda
Created July 3, 2024 19:08
FROM cgr.dev/chainguard-private/python:3.12-dev AS chainguard-builder
USER 0
ARG PACKAGES="cosign"
RUN mkdir -p /newroot/etc && \
cp -a /etc/apk /newroot/etc && \
apk update && \
apk add --no-cache --initdb --root /newroot $PACKAGES && \
find /newroot -mindepth 1 -maxdepth 1 -type d \( ! -name usr -a ! -name var \) -exec rm -rf {} + && \
rm -rf /newroot/usr/share* && \