Datadog Dashboard [Ex/Im]port Script

I had a need recently to copy a developed dashboard between orgs within Datadog and ran across this Github Gist post that I’ve wrapped into a shell utility:

 

#!/bin/bash

api_key='REPLACEME'
app_key='REPLACEME'
dash_id=$2

if [[ $1 == "import" ]]; then

    curl -X POST -H "Content-type: application/json" -d @${dash_id}.json "https://app.datadoghq.com/api/v1/dash?api_key=${api_key}&application_key=${app_key}"

else

    curl -X GET "https://app.datadoghq.com/api/v1/dash/${dash_id}?api_key=${api_key}&application_key=${app_key}" | jq '.dash' > ${dash_id}.json

fi

Archival Policies With CloudFormation

Draft of this has been untouched for 6 months, posting in case anyone needs a snippet for a CF template.

"S3BackupBucket": {
    "Type" : "AWS::S3::Bucket",
    "Properties" : {
        "BucketName" : "my-unique-s3-bucket"},
        "LifecycleConfiguration": {
            "Rules": [
                {
                "Id": "GlacierRuleDBData",
                "Status": "Enabled",
                "ExpirationInDays": "460",
                "Prefix" : "backup/database",
                "Transitions": [
                    {
                    "TransitionInDays": "35",
                    "StorageClass": "GLACIER"
                    }
                ]
                },
                {
                    "Id": "IARuleAppData",
                    "Status": "Enabled",
                    "Prefix" : "backup/appdata",
                    "Transitions": [
                        {
                            "TransitionInDays": "30",
                            "StorageClass": "STANDARD_IA"
                        }
                    ]
                }
            ]
        }
    }
}

Jenkins Job DSL

I’ve wanted to post for some time a couple of thoughts and templates for good DSL job scripts for Jenkins(Hudson) but haven’t been able to pull enough details together to make it cohesive. Nothing’s changed in that regard but I’m fed up with looking at the draft…

Assuming you have all the pre-reqs for running DSL scripts (possibly a boot strap job [check this example job] as well) you’re biggest hurdle is going to be making sense of the DSL script. Below is a basic example that includes some of the preliminary needs for my application of this.

def gitBaseUrl = 'git@github.com/Scriobhaim/'
def shortCode = 'ACME'
def phpGitName = shortCode.toLowerCase() + '-appstatic'
def groupID = 'im.scriobha'

//------------ View --------------------------------------------------------------------------------------------------//
listView(shortCode){
    description('All jobs for ACME')
    filterBuildQueue(false)
    filterExecutors(false)
    jobs {
        name(shortCode)
        regex(shortCode + '_.+')
    }
    columns {
        status()
        weather()
        name()
        lastSuccess()
        lastFailure()
        lastDuration()
        buildButton()
    }
}

//------------ [NAME] Jobs -------------------------------------------------------------------------------------------//

mavenJob (shortCode + '_DEV_AppStatic'){
    logRotator(daysToKeepInt = -1, numToKeepInt = 5, artifactDaysToKeepInt = 30, artifactNumToKeepInt = -1)
    concurrentBuild(allowConcurrentBuild = true)
    quietPeriod(600)
    triggers {
        githubPush()
    }
    scm {
        git{
            remote{
                url("git@github.com:Synegen/${phpGitName}.git")
            }
            branches('*/master')
            configure { git ->
                git / 'extensions' / 'hudson.plugins.git.extensions.impl.SparseCheckoutPaths' / 'sparseCheckoutPaths' {
                    'hudson.plugins.git.extensions.impl.SparseCheckoutPath' {
                        path("AppSubStatic")
                    }
                }
            }
        }
    }
    rootPOM('PHPSubStatic/pom.xml')
    goals('clean package -Dmaven.test.failure.ignore=false')
    postBuildSteps('UNSTABLE'){
        shell('# Fail on first error: \n' +
            'set -e\n' +
            '\n' +
            'scp target/phpstatic-*.zip '+ shortCode.toLowerCase() + '-dev-app1:/tmp/.\n' +
            'ssh '+ shortCode.toLowerCase() + '-dev-app1 \'sudo unzip -d /mnt/app-www/ -o /tmp/drupal-*.zip\'\n' +
            'ssh '+ shortCode.toLowerCase() + '-dev-app1 \'sudo chown -R www-data:www-data /mnt/app-www\'\n' +
            'ssh '+ shortCode.toLowerCase() + '-dev-app1 \'sudo rm /tmp/phpstatic-*.zip\'')
    }
    publishers {
        mailer('developers@acme.com', false, true)
    }
}

Well that explains the low cost

A co-worker recommended Vizio as a top notch TV a while back and the price was ridiculously cheap when I shopped around to price one out. It was only for an occasionally used room and I figured even if it went bad after a couple of years it was worth the cost. Now I understand why the price tag is so low despite appearing to be a quality TV and I’ve turned as much of the default settings as I could find off since it’s used with an external device.

Its watching you (ArsTechnica) http://arstechnica.com/security/2015/11/own-a-vizio-smart-tv-its-watching-you/

Shell Script for Apt-Get Security Based Updates

I’ve been slowly working this script into a cheap method of notifying me of updates available for Linux instances (Ubuntu specific) instead of purchased product or managed solution. It’s not fancy, flashy, API driven, cloud hosted, OAuth authenticating, or any other buzzwords. It does work though…

#!/bin/bash

#-------------------------------------------------------------------------------------------------#
#- Name....: checkSecurityupdates.sh
#- Notes...:
#-------------------------------------------------------------------------------------------------#

# create fresh securities file each run
grep "-security" /etc/apt/sources.list | sudo grep -v "#" > /etc/apt/security.sources.list
echo "created security specific source list"


# Create the security file list
echo 'n' | apt-get upgrade -o Dir::Etc::SourceList=/etc/apt/security.sources.list >> /root/securities-to-update.txt
echo "created list of security updates"



# What's the mimetype
get_mimetype(){
  # warning: assumes that the passed file exists
  file --mime-type "$1" | sed 's/.*: //'
}


# some variables

from="SecUpdates-Report@example.com"
to="monitor-this-mailbox@example.com"
subject=`hostname`
boundary="ZZ_/afg6432dfgkl.94531q"
body="Please see attached"
declare -a attachments
attachments=( "securities-to-update.txt" )

# Build headers
{

printf '%s\n' "From: $from
To: $to
Subject: $subject
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary=\"$boundary\"

--${boundary}
Content-Type: text/plain; charset=\"US-ASCII\"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

$body
"

# now loop over the attachments, guess the type
# and produce the corresponding part, encoded base64
for file in "${attachments[@]}"; do

  [ ! -f "$file" ] && echo "Warning: attachment $file not found, skipping" >&2 && continue

  mimetype=$(get_mimetype "$file")

  printf '%s\n' "--${boundary}
Content-Type: $mimetype
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=\"$file\"
"

  base64 "$file"
  echo
done

# print last boundary with closing --
printf '%s\n' "--${boundary}--"

} | sendmail -t -oi   
echo "sent security updates list"



# cleanup security files
rm /etc/apt/security.sources.list
rm /root/securities-to-update.txt