Skip to content
/ cg-scripts Public

Scripts to assist with the configuration and operation of Cloud Foundry.

License

View license
19 stars 13 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

cloud-gov/cg-scripts

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

655 Commits
.github
.github
 
 
apps
apps
 
 
asg-tool
asg-tool
 
 
audit
audit
 
 
aws
aws
 
 
bosh
bosh
 
 
buildpack-eol
buildpack-eol
 
 
cert-validator
cert-validator
 
 
certbot
certbot
 
 
cloudfoundry
cloudfoundry
 
 
concourse
concourse
 
 
email
email
 
 
github
github
 
 
jumpbox-utils
jumpbox-utils
 
 
lib
lib
 
 
logs
logs
 
 
pages
pages
 
 
s3
s3
 
 
services
services
 
 
uaa
uaa
 
 
.gitignore
.gitignore
 
 
.shellcheckrc
.shellcheckrc
 
 
CODEOWNERS
CODEOWNERS
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
add-global-cf-auditor-permissions.sh
add-global-cf-auditor-permissions.sh
 
 
add-main-branch.sh
add-main-branch.sh
 
 
check-for-module-loaded.sh
check-for-module-loaded.sh
 
 
check_ca.sh
check_ca.sh
 
 
clone-all-repos.sh
clone-all-repos.sh
 
 
cloudtrail-check.sh
cloudtrail-check.sh
 
 
cloudybunch.py
cloudybunch.py
 
 
count-sandbox-logs.py
count-sandbox-logs.py
 
 
credhub-format.sh
credhub-format.sh
 
 
customer-pentest-instances.sh
customer-pentest-instances.sh
 
 
delete-expired-server-certificates.py
delete-expired-server-certificates.py
 
 
dump-all-cloudfronts.py
dump-all-cloudfronts.py
 
 
generate-POAM-inventory.py
generate-POAM-inventory.py
 
 
generate-passphrase
generate-passphrase
 
 
get-all-external-dependencies.py
get-all-external-dependencies.py
 
 
get-all-gh-repos.sh
get-all-gh-repos.sh
 
 
get-all-users.sh
get-all-users.sh
 
 
get-bucket-sizes-for-org.sh
get-bucket-sizes-for-org.sh
 
 
get_govcloud_production_releases.sh
get_govcloud_production_releases.sh
 
 
handy-functions.sh
handy-functions.sh
 
 
jumpbox
jumpbox
 
 
make-ops-admin.sh
make-ops-admin.sh
 
 
make-ops-viewer.sh
make-ops-viewer.sh
 
 
make-prometheus-support.sh
make-prometheus-support.sh
 
 
non_agreement_sandboxusers.sh
non_agreement_sandboxusers.sh
 
 
parse-nessus-xml.py
parse-nessus-xml.py
 
 
parse-owasp-zap-xml.py
parse-owasp-zap-xml.py
 
 
poke-cdn.sh
poke-cdn.sh
 
 
print_cves_for_release.sh
print_cves_for_release.sh
 
 
rebalance-k8s.py
rebalance-k8s.py
 
 
renew_certs.sh
renew_certs.sh
 
 
reset-totp.sh
reset-totp.sh
 
 
retarget-prs.sh
retarget-prs.sh
 
 
update-cloudfront-distributions.py
update-cloudfront-distributions.py
 
 
update-cloudfront.sh
update-cloudfront.sh
 
 
update-pipeline.sh
update-pipeline.sh
 
 
validate-admins.sh
validate-admins.sh
 
 
validate-pages-admins.sh
validate-pages-admins.sh
 
 

Repository files navigation

cloud-foundry-scripts

Scripts to assist with the configuration and operation of Cloud Foundry.

Managing cloud.gov team

Creating Concourse "navigator" team members

  1. uaac target <OPS_UAA_FQDN>

  2. uaac token client get admin -s <OPS_UAA_ADMINCLIENT_PASSPHRASE>

  3. Run

    ./make-concourse-navigator.sh <EMAIL_ADDRESS>

Removing Concourse "navigator" team members

  1. uaac target <OPS_UAA_FQDN>

  2. uaac token client get admin -s <OPS_UAA_ADMINCLIENT_PASSPHRASE>

  3. Run

    ./make-concourse-navigator.sh -r <EMAIL_ADDRESS>

Creating platform admins

These steps correspond to the steps for creating admins.

  1. Have the user log in to CF first.

  2. uaac target <CF_UAA_FQDN>

  3. uaac token client get admin -s <CF_UAA_ADMINCLIENT_PASSPHRASE>

  4. Run

    ./make-cf-admin.sh <EMAIL_ADDRESS>

  5. uaac target <OPS_UAA_FQDN>

  6. uaac token client get admin -s <OPS_UAA_ADMINCLIENT_PASSPHRASE>

  7. Run

    ./make-ops-admin.sh <EMAIL_ADDRESS>

Removing platform admins

  1. uaac target <CF_UAA_FQDN>

  2. uaac token client get admin -s <CF_UAA_ADMINCLIENT_PASSPHRASE>

  3. Run

    ./make-cf-admin.sh -r <EMAIL_ADDRESS>

  4. uaac target <OPS_UAA_FQDN>

  5. uaac token client get admin -s <OPS_UAA_ADMINCLIENT_PASSPHRASE>

  6. Run

    ./make-ops-admin.sh -r <EMAIL_ADDRESS>

Creating deployer users

  1. Ensure the user running this is a CF admin (see Creating admins)

  2. Run

    ./cf-create-deployer-user.sh <ORG>

Creating CSV for recent users since a given date

  1. pip install pyyaml
  2. gem install cf-uaac
  3. uaac target uaa.fr.cloud.gov
  4. uaac token sso get cf -s '' --scope scim.read
  1. python cf-get-recent-users.py YYYY-MM-DD

Creating CSV for counting sandboxes logs over the last three months

  1. apt update
  2. apt install python3
  3. pip install -U requests
  4. pip install -U dateutil
  5. export ES_HOST="${IP_ADDRESS_LOGSEARCH_MASTER_NODE}"
  6. python3 count-sandbox-logs.py
  7. ls -l summary.csv

About

Scripts to assist with the configuration and operation of Cloud Foundry.

Resources

Readme

License

View license

Security policy

Security policy
Activity
Custom properties

Stars

19 stars

Watchers

23 watching

Forks

13 forks
Report repository

Releases

3 tags

Packages

No packages published

Contributors 38

+ 24 contributors

Languages