gitlab-ci-local
iamlive
Our great sponsors
gitlab-ci-local | iamlive | |
---|---|---|
10 | 30 | |
1,862 | 2,952 | |
- | - | |
9.1 | 6.2 | |
4 days ago | about 2 months ago | |
TypeScript | Go | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gitlab-ci-local
-
🦊 GitLab CI YAML Modifications: Tackling the Feedback Loop Problem
Among these options, the one that has gained the most traction is gitlab-ci-local :
-
🦊 GitLab CI: 10+ Best Practices to Avoid Widespread Anti-patterns
The main reason behind this change is to have consistent scripts for local testing and remote runners during testing and debugging. However, there are already tools available, such as gitlab-ci-local, that allow you to run jobs locally, partially invalidating this argument. Additionally, working locally may not provide access to all necessary variables.
- GitHub Actions could be so much better
-
How do you debug CI/CD pipelines? Breakpoints?
Two tools I've used for local Gitlab CI runs: - https://github.com/firecow/gitlab-ci-local - https://gitlab.com/AdrianDC/gitlabci-local
-
makefiles in stages
What you might want to look at is this, to meet both needs https://github.com/firecow/gitlab-ci-local
-
Looking for a way to test CI pipeline (gitlab) locally
https://github.com/firecow/gitlab-ci-local exists but its not quite there yet. Personally Ive resorted to setting up a self-managed instance at home, relying on the included linter/validator and pushing repeatedly as before.
-
Selfhosted Gitlab for CI only
If you already have/had a working pipeline then maybe https://github.com/firecow/gitlab-ci-local has something worth looking at.
-
The End of CI
> One thing that would be nice, however, would be the ability to run the entire pipeline locally.
This cost me many hours of waiting for the Gitlab CI runner when debugging non-trivial pipelines, when the issue was something that did not have to do with the script steps inside of the jobs but rather how the Gitlab runner handled things.
I've found gitlab-ci-local [1] which actually does run the Gitlab pipeline locally, although I had to write some boilerplaye scripts to set up all the necessary 'CI_FOO_SOMETHING' environment variables before running the tool. (Which sometimes came back to bite me because the issue was actually in the content of some of those environment variables). It's still a very good tool.
[1] https://github.com/firecow/gitlab-ci-local
-
How to develop CI pipeline effectively?
Most CI/CD tools let you run pipelines locally. Just one example: https://circleci.com/blog/using-runner-for-local-testing/ . In my opinion Gitlab and Circleci have the test tools for this.
- firecow/gitlab-ci-local : Tired of pushing to test your .gitlab-ci.yml?
iamlive
-
Why has AWS made IAM Actions impossible to find?
Also things like this (same guy) if you have a sandbox to play in with wider permissions and are trying to build a more scoped profile: https://github.com/iann0036/iamlive
- iann0036/iamlive: Generate an IAM policy from AWS calls using client-side monitoring (CSM) or embedded proxy
-
Why Companies Still Struggle with Least Privilege in the Cloud?
I know there is a tool called iamlive that logs all API calls on your local machine. So you can run commands as an admin user locally while this is running, and find out what permissions were needed. Then you tear down the infra you just deployed, and add those same permissions to a service user of some kind (e.g. a CICD role) to avoid over-privileging it. It's messy but it can be helpful.
-
AWS Creates New Policy-Based Access Control Language Cedar
actually Ian (aws hero) has a tool that does exactly this
https://github.com/iann0036/iamlive
- Permissions Map
- iamlive
-
Show HN: Slauth.io (YC S22) – IAM Policy Auto-Generation
I have used https://github.com/iann0036/iamlive with great success in the past. On high level, the approach you are describing is iamlive on steroids and UX improved.
Kudos on launch, will check your beta
- IAM Live
-
Pike: Tool to determine your IAM requirements from code
Thanks! Permissions are determined per resource or datasource. There's no easy way that I had found, especially if you want this done statically, https://github.com/iann0036/iamlive does it by inspecting your api calls but there's always a look up somewhere. Hopefully ill manage to get a few community contributions and get the ball rolling, i've made it as easy as I could to add support for other resources without you even really having to know golang.
-
The End of CI
IAM isn’t fun, but there’s lots of options.
https://pypi.org/project/access-undenied-aws/ will allow you to start with least privilege and fix specific issues.
https://github.com/iann0036/iamlive allows an admin to perform the action via CLI and capture the policy.
Access advisor can inspect how you actually use the role and give suggestions on what to remove.
A more helpful suggestion is to experiment with these tools and then find gaps in IAM actions and submit those as feature requests via your TAM.
What are some alternatives?
dagger - Application Delivery as Code that Runs Anywhere
aws-leastprivilege - Generates an IAM policy for the CloudFormation service role that adheres to least privilege.
tekton-kickstarter - Templates, scripts and samples for quickly building CI/CD with Tekton.
consoleme - A Central Control Plane for AWS Permissions and Access
act - Run your GitHub Actions locally 🚀
policy_sentry - IAM Least Privilege Policy Generator
pypyr automation task runner - pypyr task-runner cli & api for automation pipelines. Automate anything by combining commands, different scripts in different languages & applications into one pipeline process.
iamzero - Identity & Access Management simplified and secure.
action-tmate - Debug your GitHub Actions via SSH by using tmate to get access to the runner system itself.
iamlive-lambda-extension - Lambda Extension for iamlive
goonstation - Repository for the Goonstation branch of SS13
trailscraper - A command-line tool to get valuable information out of AWS CloudTrail