jervis VS home

Clone my jervis project which has some java-based encryption

I have some open licensed code for vault and AppRole client management you can draw inspiration from if you wanted to create your own client for devs or even directly copy (following its license/attribution/etc).

If you wanted to learn more about SBOMs the DependencyTrack website has great videos on the subject by Steve Springett. If you wanted to try DependencyTrack from your laptop I have it integrated in my open source project along with sonarqube. https://github.com/samrocketman/jervis/tree/main/dependencytrack

In my groovy project, VSCode is integrated with the source code within the same repository. A local instance of SonarQube (for code coverage and static analysis), DependencyTrack (security scanning of dependencies), and HashiCorp Vault for my Vault API client for development. It has several tasks for generating documentation, running codenarc, submitting code coverage reports, etc.

README

Hopefully my description is specific enough that others can replicate it easily. Currently, working on building out GitHub App support for cloneable so that you need only grant readonly access to all repositories to be backed up using service credentials. The backend API client I wrote is called Jervis.

My pet project named Jervis. This is an example of VSCode dev containers integrated directly with the project source code. This VSCode dev container is for Groovy/Java development. It also provisions sonarqube for static analysis and code coverage metrics. It provisions DependencyTrack for dependency vulnerability scanning. Can set breakpoints for Java debugging and Groovy Console for REPL.

Are you referring to a CI/CD environment? I built one out based on Jenkins called Jervis where it focuses on ephemeral agents, CI code in repositories, self service onboarding, and isolation. I currently run it in AWS.

From a server perspective, you make all user writable space noexec but that’s not very practical for desktop. I also configure a firewall with inbound and outbound rules, but that’s a bit more advanced than configuring fstab for new users. Although, I’m an admin I don’t like posting in admin subreddits.

github_wait_actions.sh

Reading the man page will blow your mind. You can make a bash e-book for easier reading outside of the terminal like a tablet.

Jenkins infrastructure relies on AWS features. It's uptime is maintained by an autoscaling group. The active half (say blue) sets desired capacity of green to 1 and follows up by setting its own ASG to desired capacity 0. AWS takes over from that point. Green waits for the volume to become available and if the volume is blue it takes a snapshot and waits for the snapshot to complete. After the snapshot completes it updates the AWS tag of the data volume from blue to green. Then, it hands off to this attach volume script. The script attaches, mounts the volume and sets up /etc/fstab in case of a reboot. After the storage is available then systemctl start jenkins.service is called.

Hmm, I'm using EBS as well. I use a script on the autoscaling EC2 instance which attaches EBS before starting Nexus.

On boot, EBS store is auto mounted and pulls secrets from secrets manager.

Functions take compound commands. People treat bash like other programming languages but it is more powerful at specific things. Functions can take more than {} which is unlike other programming languages.