Tag Archives: Github

Git: scan repositories for secrets using Gitleaks

16 August 2021
 

 A confidential data leak such as RDS keys or passwords to a Git repository, even if it is a private Github repository, is a very bad thing and it’s good to check your repositories to know if any developer pushed a commit with such data. Scanning utilities To check Git repositories for a leak, at… Read More »

ArgoCD: declarative Projects, Applications, and ArgoCD deploy from Jenkins

19 May 2021
 

 An application, cluster, or repository can be created In ArgoCD from its WebUI, CLI, or by writing a Kubernetes manifest that then can be passed to kubectl to create resources. For example, Applications are Kubernetes CustomResources and described in Kubernetes CRD applications.argoproj.io: And are accessible in ArgoCD’s namespaces as common Kubernetes resources: Such an approach… Read More »

Github: Github Actions overview and ArgoCD deployment example

7 May 2021
 

 Github Actions actually is very similar to the TravisCI, but have much more closer integration with Github, and even its interface is included in the Github WebUI: So, let’s take a closer look at its abilities, how to use it, and in the following posts will deploy its self-hosted runners to a Kubernetes cluster and will… Read More »

ArgoCD: an overview, SSL configuration, and an application deploy

22 November 2020
 

 ArgoCD helps to deliver applications to Kubernetes by using the GitOps approach, i.e. when a Git-repository is used as a source of trust, thus all manifest, configs and other data are stored in a repository. It can b used with Kubernetes manifest, kustomize, ksonnet, jsonnet, and what we are using in our project – Helm-charts.… Read More »

Git: git clone – fatal: unable to fork and RSA key fingerprint

23 October 2020
 

 We have a Docker image with Git client installed. The task is to automatically clone a repository when running a container from this image. git clone – fatal: unable to fork When running the git clone command in a container from this Docker image it fails with the “unable to fork” error: The cause is… Read More »

Github: SAML, Okta, and Github Enterprise Cloud – Organization SSO configuration

21 October 2019
 

 As a follow-up to the SSO, Okta, and SAML. We already did everything for our Jenkins (see the Jenkins: SAML, Okta, user groups, and Role-Based Security plugin post) – now it’s time to do the same thing with our Github organization. The idea is the same as for the Jenkins’ setup: keep all users in… Read More »

Jenkins: running PHPUnit from Codeception by a Pull Request in Github and Allure-reports

6 June 2019
 

 The task is to create a Jenkins Scripted Pipeline job to run PHPUnit with our PHP-based backend unit-tests. To run PHPUnit Codeception will be used. This Jenkins job must be triggered from a Github repository after creating Pull Request so will use Github Pull-Request Builder plugin here. To view generated reports – Allure Jenkins plugin… Read More »

Linux: GPG-keys, Pass – passwords manager, and passwords import from the KeePass database

25 April 2019
 

 pass – a password manager for Linux/UNIX. Stores data in tree-based directories/files structure and encrypts files with a GPG-key. In Arch Linux present by default, in Debian can be installed using apt from default repositories: For macOS can be installed with Homebrew: The pass itself is just a bash-script: GPG keys management Creating GPG key… Read More »

Authy: step by step Multi-Factor Authentication configuration for Github and AWS

17 April 2019
 

  I’m sure that using MFA (Multi-Factor Authentication) today is oblivious. For 2FA (2-Factor Authentication) the most used method is TOTP – Time-based One-time Password, when alongside with the common login:password also needs to enter a code generated by a device or software. The most known implementation is Google Authenticator but also there is a… Read More »

Jenkins: a job to check a Github organization’s public repositories list

16 April 2019
 

 Proceeding with a Github repositories checker. To recall: the idea is to have such a check in case if somebody from developers accidentally will share our project’s private repository as public, or will create a public repository instead of making it as a private one – we will get a Slack alarm about such a… Read More »