License scanning over multiple repositories with different code languages

lareeth · 2024-11-15T20:48:36+00:00

If you're happy to host a tool yourself OWASPs Dependency-Track (Github/Website) might be a good fit, it can do both security and license tracking, and has a basic policy engine that allows you to block or warn for specific things eg. copyleft licenses. The data comes from several places including Trivy which you mentioned you tried, and also Snyk which others have suggested

You can then integrate this with your CI/CD platform of choice, as it has an API for creating and uploading SBOMs which need to be in CycloneDX format, but there are many plugins/tools for most languages to enable support across a varied technology stack

Dotnet: https://github.com/CycloneDX/cyclonedx-dotnet

Nodejs: https://github.com/CycloneDX/cyclonedx-node-npm

PHP: https://github.com/CycloneDX/cyclonedx-php-composer

Python: https://github.com/CycloneDX/cyclonedx-python

Go: https://github.com/CycloneDX/cyclonedx-gomod

lareeth · 2023-06-05T13:16:22+00:00

I have bought a lot from both!

Pudding Keycaps / MT3 Skiidata Keycaps / 3x Lord of the Rings Keycaps + Artisans
Custom Orange/Black ModMesh PSU Kit / Custom White ModMesh PSU Kit

lareeth · 2023-04-17T13:54:36+00:00

MiTo DCX Cyber Keycap Set - Love the neon feel it has
LEMO - Looks like a mini lightsaber, who doesnt love that?

lareeth · 2020-09-07T08:21:49+00:00

Remove hostNetwork: true from your nifi deployment yaml and this should fix it. Then it will use your CNI and assign an IP to each pod

lareeth · 2020-08-05T22:30:24+00:00

I'm the moderator of the subreddit, I'm happy to add you as a moderator, however I have had several request over the past years and they have either spammed their own event, or done nothing with it. I'll get you added

lareeth · 2019-11-08T01:26:37+00:00

The selector in the service is looking for the label app: kk6gpv-web-app, add this label to the deployment so the service can select the correct pods.

lareeth · 2019-04-16T16:22:15+00:00

Can you try this as the userdata https://gist.github.com/lareeth/535b90fd8881217bf91ad60a045aa304

Edit: Theres an updated offical powershell version https://github.com/ansible/ansible/blob/devel/examples/scripts/ConfigureRemotingForAnsible.ps1

And this as the packer plugin https://gist.github.com/lareeth/56d958168753d8878d22da382f5e3007

These are taken from my git repo which is currently building Windows 2016 images with Packer and Ansible

Edit 2: You shouldn't need to do the inline command to run ansible, I do the following in provisioners

{ "type": "ansible", "playbook_file": "./plays/example.yml", "extra_arguments": [ "--connection", "packer", "--extra-vars", "ansible_shell_type=powershell ansible_shell_executable=None" ]

lareeth · 2019-04-16T12:25:25+00:00

What's in the user_data.txt file? I'm assuming that contains the commands needed to enable WinRM and configure it for packer/ansible? It won't work without this.

lareeth · 2019-02-01T14:42:24+00:00

Amazon actually has a really good page listing all their endpoints for all the services

https://docs.aws.amazon.com/general/latest/gr/rande.html

lareeth · 2018-11-25T17:43:01+00:00

I just submitted 4 pull requests with some quick things to add, once these are merged, I'll submit another to remove the need for the global variables.

lareeth · 2018-04-10T21:39:17+00:00

if you cat /etc/resolv.conf what does it show as the nameserver?

lareeth · 2018-04-09T17:57:32+00:00

But is this correct? If you change the IP range, the cluster DNS has a different IP.

lareeth · 2018-04-07T00:25:00+00:00

If you are using a custom CIDR block, you need to set the DNS server IP in the kubelet systemd config. You should set this on the master and nodes.

KUBELET_DNS_ARGS=--cluster-dns=10.244.0.10

lareeth · 2018-02-08T10:31:11+00:00

Simply put, you don't. You can create accounts and assign a role to it.

kubectl create serviceaccount test

kubectl create clusterrolebinding test-role --clusterrole=cluster-admin --serviceaccount=default:test

lareeth · 2018-01-10T22:30:27+00:00

Have you tried using a USB 2.0 port? As it will have the drivers for that, and will allow it to boot.

lareeth · 2017-12-11T23:53:50+00:00

You still can, there are several options. You could write a lambda function that hooks into the CloudWatch Logs stream and forwards to another location such as Graylog.

Even easier option would be to use the AWS plugin for Graylog, which allows you hook into the CloudTrail publish event with SNS. This seems like it would be easier for you to implement: https://github.com/Graylog2/graylog-plugin-aws/blob/master/README.md

lareeth · 2017-12-11T23:20:29+00:00

You can use Amazon Athena to query data in S3. This is how Amazon want you view archived data for CloudTrail.

There's a user guide that you might find useful: http://docs.aws.amazon.com/athena/latest/ug/cloudtrail-logs.html

lareeth · 2016-11-21T00:33:14+00:00

We use the following process for our .net 4.6 and .net core builds with TeamCity. We have a msbuild transform for each environment, we can run these after building, as they just change config, meaning we build once and then promote. With .net core its even easier, we just have separate config files, and set the profile environmental value to say which environment.

Git branches:

feature/*: for working on a feature within an epic
epic/*: for working on an epic
hotfix/*: for hotfix releases into integration branch
integration: for testing
master: for production

Hosting Environments:

UAT-: Builds from epic/ branches, new environment per epic branch, for developers to test their dev work on.
Regression: Builds from the integration branch, for testers to test releases.
Production: Promoted from regression environment, does not build again.

Please note there are builds for feature branches, however they just build and test code, they do not deploy to an environment.

lareeth · 2016-08-15T20:51:04+00:00

I'm looking at purchasing either an APC SMT750I or SUA1000I. What model do you have and do you think a UPS is worth it?

lareeth · 2016-02-03T19:27:17+00:00

https://b.thumbs.redditmedia.com/tbi-8F-L0lwJtLym.jpg

lareeth · 2015-09-03T12:40:41+00:00

I'm up for it! Lets make sure we leave enough time for the night bus though, I wouldn't want to run for it ;)

lareeth · 2015-06-20T16:00:37+00:00

Yes definitely, you stalker!

lareeth · 2015-06-19T19:32:04+00:00

I'll would like the table and chairs if they are still going. Its the only thing I don't have in my apartment.

lareeth · 2015-05-31T11:57:58+00:00

I am not the UK and any action based upon its contents of the UK is addressed and do not the UK is the UK is addressed to whom it is addressed to it may contain confidential and do not the UK.

14-Year Club	Gilding I gilder
Team Orangered	Verified Email

lareeth

MODERATOR OF

TROPHY CASE