profile
viewpoint
Tobias Schug HappyTobi @microsoft Stuttgart, Germany

HappyTobi/cf-puppeteer 17

CF-Puppeteer is a zero-downtime deployment plugin bases on autopilot

HappyTobi/autopilot 3

cf plugin for hands-off, zero downtime application deploys

HappyTobi/dotfiles 2

Dotfiles for macOS

HappyTobi/otfcc-font-parser 1

OTFCC Font parser

HappyTobi/beercloak 0

BeerCloak: a comprehensive Keycloak extension example

HappyTobi/cf-puppeteer-site 0

cf-puppeteer-static-site

HappyTobi/cli-plugin-repo 0

Public repository for community created CF CLI plugins.

HappyTobi/credhub 0

CredHub centralizes and secures credential generation, storage, lifecycle management, and access

push eventHappyTobi/terraform-provider-azurerm

magodo

commit sha aea2bf09588f0099e7bd7bd5cbeb4aa8e600d3c7

`azurerm_monitor_metric_alert` supports multiple scopes and different criterias Originally, the resource only allows user to specify one scope. Furthermore, it only allow user to specify static criteria, while there are dynamic criterias and "webtest available location" criterias. This PR tries to support both facets and not to introduce breaking change.

view details

magodo

commit sha b30f6ce0f3c4e672935fb009729f4fda3b34f1c0

Fix CI

view details

magodo

commit sha fa94069c01a06f2deeea0dae4333a45eaced1439

resolve review comment

view details

magodo

commit sha f5a49aa48179bc52c26f5f32f62060d9ab9e15ca

typo

view details

Rik Ribbers

commit sha 1d99b7093d68793b171b9c0716cf3ca90e9f1c12

Merge pull request #1 from terraform-providers/master updated master

view details

Tao Yang

commit sha c322093599b351a1dd9acc1e47f2bdf572929587

add metadata to policy assignment resource

view details

njucz

commit sha d5570787605a5f2c98895fd5edd265b33bd6b8b9

add validation for notification Hub Id

view details

Konstantin Kosinsky

commit sha 71c0a623c60026bf988161e32db4094a4e95b2aa

Move Hadoop tests to 4.0

view details

Konstantin Kosinsky

commit sha f8a45ebdbb40e7a721a5e22ae0b4574d3e2f95d3

Move HBase tests to 4.0

view details

Konstantin Kosinsky

commit sha 05e8a045549d2017b5327ed6717b75f41897d4d7

Move Interactive Hive tests to 4.0

view details

njucz

commit sha e6cc65d34d464ad11335c27aa180cf8486c74d02

update import func

view details

njucz

commit sha e828f1e37a94a4ed4dd005932c9ef229a8d88dce

update

view details

magodo

commit sha d7e49cb93c50fdd4dd6c681d3ffc5643bd542196

modify per review

view details

Konstantin Kosinsky

commit sha 1ed382bda4af774766eba45155c7a92b138adbaf

Move Kafka tests to 4.0

view details

Konstantin Kosinsky

commit sha ba07c26190b20c4cb0ffc2a3d01cd12a2765a0b4

Move Spark tests to 4.0

view details

Damien Pontifex

commit sha a15ab4ecebbd05f0976f08931998d9d19e3f62be

Property for hbi_enabled with ML Workspace - Updates ML workspace API version from 2019-11-01 -> 2020-04-01 - Adds hbi_enabled property to workspace to indicate high business impact resulting in reduced sensitive data and telemetry collected by Microsoft

view details

Konstantin Kosinsky

commit sha f0b8a5ef007761328d258ed9e1e41956d6203377

Mark Storm as deprecated. Fix requireImports test

view details

Konstantin Kosinsky

commit sha d8e0871d38286ebadcc269bab7a03be62e3a2036

Malr RServer and MLService as deprecated

view details

justinbarias

commit sha fd757d26f1b5b3aac3745825d61bd068facaf86f

Make changes to compile

view details

Tao Yang

commit sha ca1aa744fd8966a348f25c88bfc5db7f7fd1d70f

updated policy_assignment test for metadata

view details

push time in 2 hours

push eventHappyTobi/terraform-provider-azurerm

push time in 21 hours

startedaxboe/liburing

started time in 17 days

startedJean-Tinland/simple-bar

started time in 20 days

startedfelixhageloh/uebersicht

started time in 20 days

startedsprout2000/leafview

started time in 22 days

startedAzure/azure-sdk-for-go

started time in 22 days

startedhome-assistant/core

started time in 22 days

startedbottlerocket-os/bottlerocket

started time in a month

issue commentcloudfoundry-incubator/credhub

Importing a self-signed certificate not possible

@damzog,

I don't know when thy will release it, but it's a server side issue.

@bruce-ricard can you help here?

Br

dueckminor

comment created time in a month

startedopenservicemesh/osm

started time in 2 months

push eventHappyTobi/HappyTobi

Tobias Schug

commit sha eac6cdf2ac5da4d50d95e481e0fead321424eee1

Update README.md

view details

push time in 2 months

push eventHappyTobi/HappyTobi

Tobias Schug

commit sha 9d44ba5a96ca82b142d7b0d85f6d121d9260cceb

Update README.md

view details

push time in 2 months

startedtimoknapp/sound-on-fire

started time in 2 months

startedtimoknapp/timoknapp

started time in 2 months

push eventHappyTobi/credhub

Tobias Schug

commit sha c54e186a95d8af97705acbd153d0d6b9ba7e4fd2

UPDATE add missing certificate field

view details

Tobias Schug

commit sha e064b56dd1d5c2cd36aa954eb7b5956fb20f9a30

UPDATE add more tests to check certificate ca combinations

view details

Tobias Schug

commit sha 9a6ebf7889c478c75636c3de88724ac83ce40ea6

FIX accept a ca certificate without ca flag when equals to cert

view details

push time in 2 months

Pull request review commentcloudfoundry-incubator/credhub

FIX accept CA Certificate without CA flag

 public void whenCAValueIsNotACertificateAuthority_isInvalid() {       CertificateSetRequest.class     ); +    assertThat(violations.size(), equalTo(0));

Thanks I checked the code again and yes that's not correct. At the test there should be an violation but not the "old one" there should be the violation CERTIFICATE_WAS_NOT_SIGNED_BY_CA I will change that.

HappyTobi

comment created time in 2 months

Pull request review commentcloudfoundry-incubator/credhub

FIX accept CA Certificate without CA flag

 import org.cloudfoundry.credhub.validators.ValidCertificateLength @MutuallyExclusive(message = ErrorMessages.MIXED_CA_NAME_AND_CA, fields = ["ca", "caName"]) @ValidCertificateLength(message = ErrorMessages.INVALID_CERTIFICATE_LENGTH, fields = ["certificate", "ca"]) @RequireValidCertificate(message = ErrorMessages.INVALID_CERTIFICATE_VALUE, fields = ["certificate"])-@RequireCertificateSignedByCA(message = ErrorMessages.CERTIFICATE_WAS_NOT_SIGNED_BY_CA, fields = ["ca"])+@RequireCertificateSignedByCA(message = ErrorMessages.CERTIFICATE_WAS_NOT_SIGNED_BY_CA, fields = ["certificate","ca"])

Yes I will do that

HappyTobi

comment created time in 2 months

Pull request review commentcloudfoundry-incubator/credhub-acceptance-tests

UPDATE Import certs without ca flag

 var _ = Describe("Import/Export test", func() { 			Expect(getTrimmedCertificateForComparison(intermediateSignedLeafCredPath)).To(Equal(intermediateSignedLeaf)) 		}) 	})++	When("Importing an export a self signed cert without a ca", func() {+		const (+			credentialRootPath = "/bruce"+			selfSignedCertPath = credentialRootPath + "/bruce-self-cert"+		)++		var (+			session    *Session+			exportFile *os.File+		)++		BeforeEach(func() {+			var err error+			exportFile, err = ioutil.TempFile("", "export-data")+			Expect(err).NotTo(HaveOccurred())++			session = RunCommand("generate",+				"--name", selfSignedCertPath,+				"--type", "certificate",+				"--self-sign",+				"--common-name", "bruce-ca",+			)+			Expect(session).To(Exit(0))+		})++		AfterEach(func() {+			session = RunCommand("delete",+				"--path", credentialRootPath,+			)+			Expect(session).To(Exit(0))+		})++		It("should restore the exported credentials", func() {+			selfSignedCert := getTrimmedCertificateForComparison(selfSignedCertPath)++			session = RunCommand("export",+				"--path", credentialRootPath,+				"--file", exportFile.Name(),+			)+			Expect(session).To(Exit(0))++			session = RunCommand("delete",+				"--path", credentialRootPath,+			)+			Expect(session).To(Exit(0))++			session = RunCommand("import",+				"-f", exportFile.Name(),+			)+			Expect(session).To(Exit(0))++			Expect(getTrimmedCertificateForComparison(selfSignedCertPath)).To(Equal(selfSignedCert))+		})+	}) }) -	func getTrimmedCertificateForComparison(name string) map[string]interface{}{-		session = RunCommand("get", "--name", name)-		Expect(session).To(Exit(0))+func getTrimmedCertificateForComparison(name string) map[string]interface{} {

Yes

HappyTobi

comment created time in 2 months

push eventHappyTobi/credhub-acceptance-tests

Tobias Schug

commit sha de0c4993a311fb6f39575ab72ddffbee3a97be8d

UPDATE ginkgo installation comment

view details

Tobias Schug

commit sha 40df32dd7855a08e439fe266f0a5b4538c0dc514

UPDATE format code

view details

Tobias Schug

commit sha e9c551b69de83faf5fd25bbd8e32ad4934f1d7b2

NEW add test for credhub ca validation test

view details

push time in 2 months

Pull request review commentcloudfoundry-incubator/credhub-acceptance-tests

UPDATE Import certs without ca flag

 var _ = Describe("Import/Export test", func() { 			Expect(getTrimmedCertificateForComparison(intermediateSignedLeafCredPath)).To(Equal(intermediateSignedLeaf)) 		}) 	})++	When("Importing an export a self signed cert without a ca", func() {+		const (+			credentialRootPath = "/bruce"

Yes, I will change that. :-D

HappyTobi

comment created time in 2 months

Pull request review commentcloudfoundry-incubator/credhub-acceptance-tests

UPDATE Import certs without ca flag

 See additional repos for more info:  ### Get prerequisites -Ensure that you have a local version of the CredHub CLI checked out in your $GOPATH+Ensure that you have a local version of the CredHub CLI and ginkgo checked out in your $GOPATH +Install the CredHub CLI ```sh go get code.cloudfoundry.org/credhub-cli ``` +To install grinkgo see [grinkgo installation](https://github.com/onsi/ginkgo#global-installation)

Yes I will change that and add the readme in a separate commit.

HappyTobi

comment created time in 2 months

push eventHappyTobi/HappyTobi

Tobias Schug

commit sha b510c91444216be0b327d81c838d369d74938d84

Update README.md

view details

push time in 2 months

create barnchHappyTobi/HappyTobi

branch : master

created branch time in 2 months

created repositoryHappyTobi/HappyTobi

created time in 2 months

issue commentcloudfoundry-incubator/credhub

Importing a self-signed certificate not possible

Hi all,

The CredHub and CredHub acceptance test was done

CredHub PR: #150 CredHub acceptance test PR: #7

Kind regards

dueckminor

comment created time in 2 months

pull request commentcloudfoundry-incubator/credhub

FIX accept CA Certificate without CA flag

Hi @bruce-ricard,

I just created the PR for the credhub-acceptance-tests

Kind regards Tobi

HappyTobi

comment created time in 2 months

PR opened cloudfoundry-incubator/credhub-acceptance-tests

UPDATE Import certs without ca flag

Hi all,

I just added the test for the latest PR / Change at CredHub plus a small README Update

With the new test, it's possible to validate that the import of a self signed certificate (without a "valid" ca was working)

CredHub PR: #150 CredHub Issue: #134

Other PR (that will be rejected but good to know) #139

Kind regards Tobi

+70 -11

0 comment

2 changed files

pr created time in 2 months

create barnchHappyTobi/credhub-acceptance-tests

branch : import_cert_without_cat

created branch time in 2 months

startedmanosim/gitify

started time in 2 months

pull request commentcloudfoundry-incubator/credhub

FIX accept CA Certificate without CA flag

Hi @bruce-ricard,

Thx!

I will also create a PR for the credhub-acceptance-tests.

Kind regards Tobi

HappyTobi

comment created time in 2 months

PR opened cloudfoundry-incubator/credhub

FIX accept CA Certificate without CA flag

Hi @bruce-ricard

based on the comments of the PR: #139 and the Issue of: #134 the new PR just implement / change the validation of the CA Certificate that we didn't break anything here.

Now there will be no error thrown if you try to import a CA Certificate that it not "valid" (doesn't contain the CA:true flag) The import will be only accepted if the CA is the same as the certificate else the same logic as before will be used.

I also clean up the code a little bit and try that the CAValidator will look like CertificateSignedByCAValidator. I also added CA and the CERTIFICATE fields at the Annotations - CertificateCredentialValue.kt (Not required because we didn't use the String[] fields anymore but its more verbose that everyone can see what kind of fields will be used at the validator

Kind regards Tobi

+81 -15

0 comment

4 changed files

pr created time in 2 months

create barnchHappyTobi/credhub

branch : validate_ca_certificate

created branch time in 2 months

startedpnpm/pnpm

started time in 2 months

pull request commentcloudfoundry-incubator/credhub

FIX Generate self signed certificate without the ca flag #134

Hi @bruce-ricard

Thanks for your Answer.

Hello @HappyTobi .

Thank you for your PR!

You wrote:

it was not correct to export a Certificate as a CA when you didn't pass the is_ca flag or a valid (known) ca that should be used to sign the certificate.

First of all, I believe that instead of

the is_ca flag

you must have meant

the --self-signed flag

didn't you?

No, when you are just using the --self-signed flag, your cert will be signed by the cert itself. (But the cert has no CA:true flag as property)

With the usage of --self-signed and is_ca the cert will be also signed with the cert it self, but it will also get the CA:true flag.

Now, more importantly, I don't believe that I agree with you on that. A "self-signed certificate" is NOT unsigned, it is indeed self-signed, meaning signed by itself. If you try to curl an HTTPS endpoint of a webserver using a self-signed certificate, you'll first get an SSL verification error. If you add the --cacert server.crt option to your curl, where server.crt is your self-signed certificate (which also happens to be its own CA certificate), then the curl passes.

Yes that's correct (sorry if my comment was misunderstanding)

IMHO it makes a lot of sense to add the self-signed certificate in the ca field. If anything else, it's a lot easier for automation: if an SSL client wants to contact an SSL server using certificate C, just go get C.ca from Credhub, and add it to your Client's trusted CAs. Even-though the certificate says CA: false when you parse it, it appears that clients are happy to use it as a CA to validate server certificates.

Thats true! It's not needed for validating certificates or a certificate chain, but if you read the ietf documentation the ca certificate should contain the ca:true constraint to be conforming CA certificate. (That's what I understand when I read the documentation) See: https://tools.ietf.org/html/rfc5280#section-4.2.1.2

The Credhub server appears to enforce during an import that all CA certificates are CA: true, and maybe that's what we should rather fix.

Think that's a point you should think of. If you say that all conforming CA Certificates have the CA:true attribute then the check of today is correct and we should change the exports else you have to think of.

Because of this, I don't believe we'd want to accept this PR. But I am always very happy to keep the conversation going, and hear from you if you have any thoughts or disagreements about what I wrote above.

Thank you again for your interest and your time. You're welcome.

I'm also happy to hear something from you about my comments.

Kind regards

HappyTobi

comment created time in 2 months

push eventHappyTobi/dotfiles

Tobias Schug

commit sha f8c3d24ff0a226b395ea90bd754802b56e7012ea

Update deprecated features

view details

push time in 2 months

pull request commentcloudfoundry/bosh-azure-cpi-release

UPDATE enable https traffic only as default

Hi @mrosecrance,

I changed to options to pass a config value to enable / disable that option. Can you please check that again?

Kind regards

HappyTobi

comment created time in 2 months

push eventHappyTobi/bosh-azure-cpi-release

Tobias Schug

commit sha d5c968379bd151e32ede5f01bbdaa9a9967d61f5

UPDATE add param to enable secure storage traffic

view details

push time in 2 months

pull request commentcloudfoundry/bosh-azure-cpi-release

UPDATE enable https traffic only as default

Hi @mrosecrance,

I will change the option as a parameter

HappyTobi

comment created time in 2 months

startedgoreleaser/goreleaser

started time in 2 months

startedgofiber/recipes

started time in 2 months

startedtauri-apps/tauri

started time in 2 months

fork HappyTobi/yaml2json

a command line tool convert from yaml to json

fork in 2 months

push eventHappyTobi/dotfiles

Tobias Schug

commit sha f260fc8a580a4f19aaf39903d6e056a9ae38c798

Update some settings

view details

Tobias Schug

commit sha 2d1f03279a44947910e222d961c24dbc59a40bde

New tmux config

view details

Tobias Schug

commit sha 1cee503902a03ac467f0dc3d09b2c080cecb9bde

FIX path

view details

push time in 2 months

startednetty/netty

started time in 2 months

PR opened terraform-providers/terraform-provider-azurerm

azurerm_network_interface_application_security_group_association fix example

Hi all,

I just updated the example because the attribute application_security_group_ids was not allowed at that point.

Kind regards

+0 -1

0 comment

1 changed file

pr created time in 3 months

push eventHappyTobi/terraform-provider-azurerm

Tobias Schug

commit sha 1144ae9f3fcd8ff35016e9c8ac3998f7ca632bca

azurerm_network_a_s_g_association doc fix

view details

push time in 3 months

push eventHappyTobi/terraform-provider-azurerm

Steve

commit sha 5da16bb4d9d6c3e7374279a85675d009f28460da

Merge pull request #6925 from terraform-providers/e/role-assignment-consistency

view details

Steve

commit sha 0f78094debfbd8fdd8c41210a2793b695e6c5304

Update for #6925

view details

Tom Harvey

commit sha 5718d547f63435437f291f0b50796b3d661df1c5

Merge pull request #6923 from MrDanao/subnet-nat-gateway-assoc-doc-title Fix azurerm_subnet_nat_gateway_association documentation title

view details

Tom Harvey

commit sha 7968f49d0acaf55a4a9a2d9ba5289b402d7bc7b6

Merge pull request #6917 from ArcturusZhang/fix-vmss-overprovisioned r/`azurerm_linux|windows_virtual_machine_scale_set` - updating do_not_run_extensions_on_overprovisioned_machines

view details

Tom Harvey

commit sha 7a6e8da23289ca27aafb8eec3cac3b3a22dea587

updating to include #6917

view details

kt

commit sha a061bca1cf6e6acf46885ff7fa24daaeb6936b45

update CHANGELOG.md to include #6723

view details

Sune Keller

commit sha 7a9a656cc6c7a876efc4948bc002cde3ad0fd8a1

azurerm_api_management - support key_vault_id's without a version (#6723) Fixes #4408.

view details

kt

commit sha e1d441856b43820ee20f468af6bd9f8b37b0baef

azurerm_postgres_server - support for threat_detection_policy (#6721)

view details

kt

commit sha 0e33974d7dca00acb8159ffb70a6041116141a15

update CHANGEloG.md to include #6721

view details

Chang Li

commit sha 38d4961e1ca662e43c636b015069a837641c3aad

Fix duplicate provider configuration in storage tests (#6748)

view details

Winston Frick

commit sha a07b82305f5a63329ccf9efdd286b083f525fbe6

Address PR comments

view details

Yuping Wei

commit sha 00aaff23a22bb72e2d0fd71901dadd672b90b7a7

`azurerm_api_management_diagnostic` - support required property `api_management_logger_id` (#6682) fix #6619 This will be a breaking change for it adds a required field "logger_id" === RUN TestAccAzureRMApiManagementDiagnostic_basic === PAUSE TestAccAzureRMApiManagementDiagnostic_basic === CONT TestAccAzureRMApiManagementDiagnostic_basic --- PASS: TestAccAzureRMApiManagementDiagnostic_basic (2498.17s) === RUN TestAccAzureRMApiManagementDiagnostic_update === PAUSE TestAccAzureRMApiManagementDiagnostic_update === CONT TestAccAzureRMApiManagementDiagnostic_update --- PASS: TestAccAzureRMApiManagementDiagnostic_update (2566.13s) === RUN TestAccAzureRMApiManagementDiagnostic_requiresImport === PAUSE TestAccAzureRMApiManagementDiagnostic_requiresImport === CONT TestAccAzureRMApiManagementDiagnostic_requiresImport --- PASS: TestAccAzureRMApiManagementDiagnostic_requiresImport (2330.79s) PASS (also fixes #6104)

view details

kt

commit sha c8ec0d84e30227c1bfac0a94a439b2da08d12069

update CHANGELOG.md to include #6682

view details

tf-release-bot

commit sha 69e017588a2447071b52705ce4f7f6392f498327

v2.10.0

view details

tf-release-bot

commit sha 5e53ba67e213398fceb9554d4a4171017cf4d89c

Cleanup after v2.10.0 release

view details

yupwei68

commit sha fff36ea0364acbd3cf78bc96869926cccb82bcb9

Merge branch 'master' of https://github.com/terraform-providers/terraform-provider-azurerm

view details

Sebastian Rosander

commit sha 6425c5a74d31696105b5ad75c91e788e1926108b

Added support for scm ip restrictions.

view details

Jochen Rauschenbusch

commit sha c69699fdb87458e4497a52ebb1c909d6ef72d544

fix: eventgrid id parsers

view details

Chang Li

commit sha 9a280cb24e5c78b2d2c7df01336f459614573474

Support 'PATCH' method in corsRule with blob properties

view details

Sebastian Rosander

commit sha f215a5d28f795fce2bcef738ee5f77c37802a1fb

added functionality for scm_ip_restriction - allow or deny & added to data source.

view details

push time in 3 months

startedcrazybber/awesome-patterns

started time in 3 months

startedmermaid-js/mermaid

started time in 3 months

startedThiht/smocker

started time in 3 months

startedlumaxis/snippet-copy

started time in 3 months

startedfelixge/fgprof

started time in 3 months

fork HappyTobi/fiber

⚡️ Fiber is an Express inspired web framework written in Go with ☕️

https://gofiber.io

fork in 3 months

push eventHappyTobi/dotfiles

Tobias Schug

commit sha 2d30c8f4aced38e3e229977da7a334c01e958240

UPDATE refactor and add some new stuff

view details

push time in 3 months

more