Securely publish Jenkins build artifacts on Salt Master

Do you want a secure setup for publishing and staging build artifacts from a Jenkins build server to a Salt Master? This guide describes my fully automated pipeline to transport binaries using Salt’s encrypted “bus”. We start off with some Salt States to stand up a Jenkins build server “client”: jenkins/client.sls: # http://russell.ballestrini.net/securely-publish-jenkins-build-artifacts-on-salt-master/ # manage […]

Set postgres user password on PostgreSQL SmartOS Zone

Connect to zone and determine the auto generated password for postgres user: cat /var/svc/log/system-zoneinit\:default.log | grep PGSQL_PW document the result and log into postgres with the following command, entering the password when prompted: [root@psql ~]# psql –user postgres Alter the postgres role’s password: postgres=# ALTER ROLE postgres UNENCRYPTED PASSWORD ‘new-password'; Now exit (\q) then try […]

Risk, Process, and Balance

The operations of a company will have intrinsic risk. Risk occurs each time we decide to take an action or an inaction. This means that anything we choose to do, or not do, has associated risk. An organization which has an unhealthy aversion to risk has a much higher chance of failure. As time goes […]

autofs /net automount stopped working

So autofs randomly stopped working on one of my Ubuntu hosts (this issue has been found on Arch as well so its most likely a change upstream). I found this error in the logs: attempting to mount entry /net/freenas.example.net get_exports: lookup(hosts): exports lookup failed for freenas.example.net key “freenas.example.net” not found in map source(s). failed to […]

Custom Rundeck HipChat notification templates

Today I built a GUI and workflow around Ansible using Rundeck. Tonight I started diving into sending HipChat notifications and after a bit of research, I managed to create a custom notification template for each Rundeck project. Modify your project’s configuration file, on Ubuntu it was in /var/rundeck/projects/pname/etc/project.properties, and add the following line to the […]

Build release pipelines on S3 with s3p

This weekend I finished my first sprint on s3p which is a Python library and CLI application that manages release pipelines on AWS S3. I put a lot of effort into the readme.rst file, so look there for usage and examples. The main purpose of s3p is to use code to enforce process when promoting […]

Dealing with pagination in Python

So I’m working with a API (AWS ElastiCache) that offers mandatory pagination of results. I need to get all results, so I took some time to work out this logic. def combine_results(function, key, marker=0, **kwargs): “””deal with manditory pagination of AWS result descriptions””” results = [] while marker != None: result = function(marker = marker, […]

Turn python dict into a key=value string

I’m currently refactoring a script that tags AWS resources and I came up with this one liner to generate pretty output. It basically turns {‘tag1′:’value1′,’tag2′:’value2′} into tag1=value1, tag2=value2. Here is the code: ‘, ‘.join([‘=’.join(key_value) for key_value in {‘a':’1′,’b':’2′}.items() ]) Oh and here is a function if you love this! def dict_to_key_value(data, sep=’=’, pair_sep=’, ‘): “””turns […]

Migrating MongoDB from Ubuntu to SmartOS

I installed the mongodb 14.2.0 (uuid a5775e36-2a02-11e4-942a-67ae7a242985) dataset and launched a new zone. The zone automatically creates a username and password for admin and “quickbackup”. You can find these passwords by running the following command inside the zone: cat /var/svc/log/system-zoneinit\:default.log | grep -i mon First thing I did was disable authentication by modifying /opt/local/etc/mongod.conf: #auth […]

Set Root Password SmartOS Percona MySQL Zone

I used project-fifo to launch the percona (14.2.0) MySQL dataset. I couldn’t get into the MySQL instance so I reached out on IRC. Johngrasty, a friendly guy in the #smartos IRC channel, provided a command to display the randomly generated MySQL password emitted to the zone-init log: cat /var/svc/log/system-zoneinit\:default.log | grep MYSQL_PW I used this […]