GNU/Linux OpenShift Where is My Secret Used?

/ GNU/Linux /

A simple bash-script for OpenShift to determine which deployment configs make use of a specific secret (within the active project). 

#!/bin/bash

oc get dc -o custom-columns="Name:metadata.name,readyReplicas:status.availableReplicas,Volumes:spec.template.spec.volumes,env:spec.template.spec.containers[].env,envFrom:spec.template.spec.containers[].envFrom,Volumes:spec.template.spec.volumes" | grep -E "($1)" | grep -oE "^[a-z0-9-]{3,99}"

$ os-sec-usage.sh secretname

GNU/Linux OpenShift Where is My Secret Used? Read More »

PowerShell Function To Add Filesystem Permissions

/ PowerShell Scripting /

Recently wrote a simple function to add permission to filesystem resources. It defaults to modify permissions, but can also be another basic permission for instance: Read, Write or FullControl.

function fnAddFilesystemPermissions()
{
  param (
    [string]$sPath,
	[string]$sUserName,
	[string]$sPermission = "Modify"
  )

  # Add write permissions to a file using powershell...
  $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($sUserName,$sPermission,"Allow")
  $acl = Get-ACL -Path $sPath
  $acl.SetAccessRule($accessRule)
  $acl | Set-Acl -Path $sPath

  # Return permissions...
  return (Get-ACL -Path $sPath).Access | Format-Table 
}

PS> fnAddFilesystemPermissions -sPath “C:\Path\To\Resource” -sUserName “User-Principle-Name” [-sPermission “FullControl“]

PowerShell Function To Add Filesystem Permissions Read More »

[Other] Start DevOps Tools From Command line

/ Other /

Some commands I regularly use to start tools from the command line when I need them to start with elevated privileges.

My Frequently Used CLI Commands / Admin Tools (QuickRef)Description
dsa.msc / adsiedit.msc / virtmgmt.msc Active Directory Users & Computers / ADSI Edit / Hyper-V Manager
start-process powershell -verb runasStart PowerShell with Elevated Privileges
rundll32 sysdm.cpl,EditEnvironmentVariablesEdit Windows system environment variables
cacls “C:\Path\To\File.TXT” /E /G username@example.com:CQuick way to add write permission to a filesystem resource
java -Djavax.net.debug=ssl:handshake -jar target/packagename-1.0.0-SNAPSHOT.jarStart package with TLS handshake debugging enabled

[Other] Start DevOps Tools From Command line Read More »

PowerShell Sftp Retrieve multiple Files (and Remove Source files)

/ PowerShell Scripting /

The PowerShell script below retrieves multiple files from a SFTP server source using the native windows SFTP-client in windows After retrieving each individual file it removes the file from the SFTP-server. This specific script makes us of a (preconfigured) ssh-key authentication configuration, but it can easily been rewritten for password authentication.

<#
    Description    : Retrieve (get) and remove files from a sftp source... 
    Keywords       : Sftp, Get and Remove Original, Move

    Majorversion   : 1
    Scriptserver   : LOCALHOST
    Serviceaccount : -

    Author         : Tim van Kooten Niekerk
    Date           : 2023-03-14
#>

<#      CHANGELOG:
        2023-03-14 => Initieel (Tim van Kooten Niekerk)

#>


function fnMoveSftpFiles()
{
  param(
    [string]$sSftpServerHost,
    [string]$sSftpUser,
    [string]$sSftpServerPort = "22",
    [string]$sSftpRemoteFilePath,
    [string]$sSftpRemoteFileMask,
    [string]$sSftpLocalFilePath,
    [string]$sSftpScriptRetrieveClose = "quit"
  )

  # System variables...
  [string]$_sSftpScriptLogFile = $sSftpLocalFilePath + "\get-SftpFiles_" + $(get-date -f yyyy-MM-dd) + '.log'
  [string]$_sSftpScriptRetrieveFiles = "lcd " + $sSftpLocalFilePath + "`ncd " + $sSftpRemoteFilePath + "`n" + "ls -1 " + [string]$sSftpRemoteFileMask
  [string]$_sSftpScriptRetrieveOpen = "lcd " + $sSftpLocalFilePath + "`ncd " + $sSftpRemoteFilePath + "`n"
  [string]$_sSftpScriptRetrieveBody = $_sSftpScriptRetrieveOpen
  [string]$_CurrentTimeStamp = $(get-date -f 'yyyy-MM-dd HH:mm:ss')
  [string]$_InfoDoneWithFiles = $_CurrentTimeStamp + " | INFO | Commands executed: "
  [string]$_InfoDoneWithoutFiles = $_CurrentTimeStamp + " | INFO | No remote files found"
  [string]$_Return = $_CurrentTimeStamp + " | ERROR | Unknown Error"

  # Retrieve file list...
  [array]$aFiles = (write-output $_sSftpScriptRetrieveFiles) | sftp -b - -o Port=$sSftpServerPort $sSftpUser@$sSftpServerHost | select-string -notmatch "sftp>"

  # Create script for retrieving files...
  if ($aFiles.length -gt 0) {
    # Create get and rm script lines for every file in the listing...
    for (($n=0); $n -lt $aFiles.length; $n++) { 
      if ($aFiles[$n].line.length -gt 0)
      { 
        $_sSftpScriptRetrieveBody = $_sSftpScriptRetrieveBody + "get " + $aFiles[$n].Line + "`n"
        $_sSftpScriptRetrieveBody = $_sSftpScriptRetrieveBody + "rm " + $aFiles[$n].Line + "`n"
      }
    }

    # Close script file...
    $_sSftpScriptRetrieveBody = $_sSftpScriptRetrieveBody + $sSftpScriptRetrieveClose

    # Process script...
    [array]$aProcess = (write-output $_sSftpScriptRetrieveBody) | sftp -b - -o Port=$sSftpServerPort $sSftpUser@$sSftpServerHost
  
    # Audit log - Commands executed...
    $_InfoDoneWithFiles + $aProcess | Out-File $_sSftpScriptLogFile -Append
    $_Return = $_InfoDoneWithFiles + $aProcess
    [array]$aProcess = ""
  
  } else {
    # Audit log - No remote files...
    $_InfoDoneWithoutFiles | Out-File $_sSftpScriptLogFile -Append
    $_Return = $_InfoDoneWithoutFiles

  }
  return $_Return
}

PS> fnMoveSftpFiles -sSftpServerHost “example.com” -sSftpUser “user” -sSftpRemoteFilePath “/test” -sSftpRemoteFileMask “*.txt” -sSftpLocalFilePath “D:\Tim\Test” [-sSftpServerPort “22“]

PowerShell Sftp Retrieve multiple Files (and Remove Source files) Read More »