I'm glad to see that I'm not the only one who had issues with it 😄 This is how I'm using aws-vault in WSL2 and Ubuntu 20.04
# All the commands are executed in a WSL2 terminal
# Download
AWS_VAULT_VERSION="v6.3.1" && \
unfor19
/ generate_self_signed_ca_certificate.sh
Last active
February 18, 2023 10:33
Generate a self-signed CA rootKey, rootCA, certificate per domain (CNAME) for both pem and DER formats
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Name: generate_self_signed_ca_certificate.sh | |
| # Description: Generate a self-signed CA rootKey, rootCA, certificate per domain (CNAME) for both pem and DER formats | |
| # Author: Meir Gabay (unfor19) | |
| set -e | |
| set -o pipefail | |
unfor19
/ wsl2-aws-vault.md
Last active
August 8, 2024 23:23
How to run aws-vault on WSL2 Ubuntu 20.04
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -e | |
| set -o pipefail | |
| error_msg(){ | |
| local msg=$1 | |
| echo -e "$(date) :: [ERROR] ${msg}" | |
| exit 1 | |
| } |
unfor19
/ global-args-good.Dockerfile
Last active
February 12, 2021 14:05
global-args-good-dockerfile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # GOOD - 3.9.1 is declared once at the top of the file | |
| ARG PYTHON_VERSION="3.9.1" | |
| FROM python:"$PYTHON_VERSION"-slim as build | |
| # Build stage commands | |
| FROM python:"$PYTHON_VERSION"-slim as app | |
| # App stage commands | |
| ENTRYPOINT ["app"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # BAD - 3.9.1 is hardcoded | |
| FROM python:3.9.1-slim as build | |
| # Build stage commands | |
| FROM python:3.9.1-slim as app | |
| # App stage commands | |
| ENTRYPOINT ["app"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # GOOD | |
| # Reminder - My machine's UID:GID is 1000:1000 | |
| # frigga's user UID:GID - 1000:1000 | |
| $ docker run --rm -it -v $PWD/:/code/ --workdir=/code/ --entrypoint=bash unfor19/frigga | |
| appuser@52ad885a9ad5:/code$ echo "file contents" > some-file.txt | |
| appuser@52ad885a9ad5:/code$ ls -lh some-file.txt | |
| # -rw-r--r-- 1 appuser appgroup 28 Feb 12 14:15 some-file.txt |
unfor19
/ mind-the-uid-gid-solve-with-sudo.sh
Created
February 12, 2021 13:53
mind-the-uid-gid-solve-with-sudo-sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ sudo echo "more contents" >> root-file.txt | |
| # success |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # BAD | |
| # Reminder - My machine's UID:GID is 1000:1000 | |
| # root UID:GID is 0:0 | |
| $ docker run --rm -it -v $PWD/:/code/ --user=root --workdir=/code/ --entrypoint=bash unfor19/frigga | |
| root@987c5784a52e:/code$ cat /etc/passwd | grep "$(whoami)" | |
| root:x:0:0:root:/root:/bin/bash | |
| # UID:GID = 0:0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ cat /etc/passwd | grep "$(whoami)" | |
| myuser:x:1000:1000:,,,:/home/myuser:/bin/bash |
unfor19
/ run-as-non-root-user-good.Dockerfile
Created
February 12, 2021 13:51
run-as-non-root-user-good-dockerfile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # GOOD | |
| FROM python:3.9.1-slim as app | |
| WORKDIR /myapp/ | |
| # Creates `appuser` and `appgroup` and sets permissions on the app`s directory | |
| RUN addgroup appgroup --gid 1000 && \ | |
| useradd appuser --uid 1000 --gid appgroup --home-dir /myapp/ && \ | |
| chown -R appuser:appgroup /myapp/ |
NewerOlder