When a GitLab CI/CD pipeline needs to persist job output or a rendered report, it will typically save it as an artifact on the job, or perhaps write it to an external storage service or as a GitLab Release archive. But it is also capable of pushing this file to its own git repository, stored … GitLab: add files to source repository as part of GitLab pipeline
Google’s API supports OAuth2 and OIDC, and can be used to both authenticate and authorize users. In this article, I will show how to use the Google web console to configure an Application that can support OAuth2/OIDC. We will then use a small, local Docker image to implement the Client Application side and smoke test … OAuth2: Configuring Google for OAuth2/OIDC
The Kubernetes Dashboard provides a convenient web interface for viewing cluster resources. However, if you are logged using a token tied to the ‘cluster-admin’ role, you will have privileges beyond what are typically necessary. In this article, I will show you how to create a ServiceAccount and ClusterRole with limited privileges that can be used … Kubernetes: accessing the Kubernetes Dashboard with least privilege
A Kubernetes Service Account (KSA) can be used to provide least-privileged access to a pod for a cluster that has Role-based access control (RBAC) enabled. This is done by making the KSA the subject in an RBAC role. But it can be challenging to discover and test whether the KSA has the correct set of … Kubernetes: testing RBAC authorization of a Kubernetes Service Account
By default, ‘qemu-image info’ will throw an error if it cannot get exclusive access to the disk file it is trying to read. $ sudo qemu-img info mydisk.qcow2 qemu-img: Could not open ‘mydisk.qcow2’: Failed to get shared “write” lock Is another process using the image [mydisk.qcow2]? Although it is not listed in the man page, … KVM: running qemu-img info without exclusive access using force-share flag
Updated April 2023: Tested on Ubuntu 22.04 LTS with X2GO sever 4.1.0 X2Go provides remote desktop access for Linux, similar to VNC or xRDP. It tunnels over ssh which can provide SSH public key authentication for security and is easily understood when opening firewall rules. Additionally, it is optimized for narrow bandwidth requirements, making it … Ubuntu: X2Go on Ubuntu bionic for remote desktop access
Nginx is a powerful application level proxy server. Whether for troubleshooting or analysis, enabling log levels and custom formats for the access/error logs is a common requirement. Error Logs By default, only messages in the error category are logged. If you want to enable more details, then modify nginx.conf like: error_log file [level] Enabling debug … Nginx: Custom access log format and error levels