kmcquade

# .github/workflows/app.yaml
name: My Python Project
on: push

jobs:
  test:
    runs-on: ubuntu-latest
    timeout-minutes: 10

    services:

kmcquade

from __future__ import absolute_import, print_function, unicode_literals
import boto3


def clean_old_lambda_versions():
    client = boto3.client('lambda')
    functions = client.list_functions()['Functions']
    for function in functions:
        versions = client.list_versions_by_function(FunctionName=function['FunctionArn'])['Versions']
        for version in versions:

kmcquade

#!/usr/bin/python3

# ldbdump - dumps LevelDB keys/values
#
# a LevelDB is a dir with files such a these:
# 000050.ldb  000100.log  CURRENT  LOCK  LOG  MANIFEST-000099
#
# sources: https://github.com/tos-kamiya/levelobjdb dump()

import os

kmcquade

#!/bin/bash

# Clone the Firing Range Repository
git clone https://github.com/google/firing-range.git

# Change to 'firing-range' directory
cd firing-range

# Download the AppEngine SDK
wget https://storage.googleapis.com/appengine-sdks/featured/appengine-java-sdk-1.9.23.zip

kmcquade

def parse_arn(arn):
    # http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
    elements = arn.split(':')
    result = {'arn': elements[0],
            'partition': elements[1],
            'service': elements[2],
            'region': elements[3],
            'account': elements[4]
           }
    if len(elements) == 7:

kmcquade

#!/bin/bash
# virtualenv-auto-activate.sh
# 
# Installation:
#   Add this line to your .bashrc or .bash-profile:
#
#       source /path/to/virtualenv-auto-activate.sh
#
#   Go to your project folder, run "virtualenv .venv", so your project folder
#   has a .venv folder at the top level, next to your version control directory.

kmcquade

packer build packer.json 2>&1 | sudo tee output.txt
tail -2 output.txt | head -2 | awk 'match($0, /ami-.*/) { print substr($0, RSTART, RLENGTH) }' > sudo ami.txt

kmcquade

jenkins.model.Jenkins.getInstance().getUpdateCenter().getSites().each { site ->
  site.updateDirectlyNow(hudson.model.DownloadService.signatureCheck)
}

hudson.model.DownloadService.Downloadable.all().each { downloadable ->
  downloadable.updateNow();
}

def plugins = jenkins.model.Jenkins.instance.pluginManager.activePlugins.findAll {
  it -> it.hasUpdate()

kmcquade

# first class expresssion
variable "ami" {}
resource "aws_instance" "example" {
  ami           = var.ami
}

###

# list & map
resource "aws_instance" "example" {

kmcquade

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
ProtectHome=read-only
ProtectControlGroups=yes
ProtectKernelModules=yes