helm -n securecodebox-system upgrade --install --create-namespace securecodebox-operator oci://ghcr.io/securecodebox/helm/operator --version 4.9.0
helm upgrade -n securecodebox-system --install persistence-defectdojo oci://ghcr.io/securecodebox/helm/persistence-defectdojo --version 4.6.0
helm upgrade -n securecodebox-system --install trivy oci://ghcr.io/securecodebox/helm/trivy --version 4.9.0
Bulat paraddise
paraddise
/ SecureCodeBox - Overview.md
Last active
November 5, 2024 07:16
SecureCodeBox - Overview.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| #set -x | |
| # Usage: zipslip <host_to_send_and_read> <zip_file_name> <entry_name> <symlink_path> | |
| # This scripts is just a sample, edit to fit your needs | |
| host=$1 | |
| file_name=$2 | |
| entry_name=$3 | |
| spath=$4 |
paraddise
/ ESO-SharedSecretStore.md
Last active
December 24, 2023 20:21
Writing Kyvenro policy to disallow acccess for not permitted keys in Shared Secret Store
paraddise
/ Kubernetes: restore deleted manifests wuth auger from etcd backup.md
Last active
November 15, 2023 04:55
Kubernetes: restore deleted manifests wuth auger from etcd backup
One day I accidentally deleted the argoprojects and applications for argocd.
I could have restarted 300 pipelines and generated these templates, but I chose a different path.
This morning I read an article Post-exploiting a compromised etcd – Full control over the cluster and its nodes Seems, it's nice case to try auger in action.
Install auger, I built from 6922d3a04e360a144f166f73e4056c34b3472750 commit for macos
paraddise
/ Linstor snapshots in kubernetes with piraeus operator.md
Last active
October 13, 2023 11:00
Linstor snapshots in kubernetes with piraeus operator
Snapshots allow you to remember state of the disk (block device/filesystem) and give you ability restore or create new volumes from it in the future.
Volume managers that supports snapshots: LVM thin and ZFS. Snapshots there works almost similarly, but have nuances. When we create snapshot, we create new volume with zero size (metadata doesn't count), when you rewrite block in original volume, volume manager copies old block to snapshot volume and writes new block to original volume. With that strategy you now blocks, that was replaced after snapshot creation and that blocks lie in snapshot volume. When you create new volume from snapshot you copy original volume with replace of changed block from snapshot volume.