lox

steps:
  - label: ":key: Test OIDC Token"
    command: |
      # Request an OIDC token
      echo "--- :buildkite: Requesting OIDC token"
      BUILDKITE_OIDC_TOKEN="$(buildkite-agent oidc request-token)"
      
      echo "--- :mag: Token details"
      # Print token (redacted in logs for security)
      echo "Token: \$BUILDKITE_OIDC_TOKEN"

lox

Step Templates

As there get to be more Buildkite plugins that are useful, the challenge is they clutter up pipelines and it's hard to make cross-cutting changes to the plugin configuration.

What if there was top-level block for creating templates for steps that was basically just top-level properties that would be copied to the steps?

It's an incremental solution vs a redesign of plugins, but it would allow for much cleaner templates.

The attached example is a very simple pipeline, but I've seen long pipelines with lots and lots of plugins, it's a mess!

lox

import os
import argparse
import requests
from datetime import datetime

# Define the parser for command line arguments
parser = argparse.ArgumentParser(description='Groq Whisper transcribe')
parser.add_argument('file', type=str, help='Audio file to transcribe')
parser.add_argument('--output_file', type=str, help='File to write output', default="transcription.txt")
args = parser.parse_args()

lox

# Check for Nvidia Hardware
lspci | grep -i nvidia

# Update
apt update
apt upgrade

# Install Nvidia drivers
apt install nvidia-driver-535 nvtop

lox

# https://help.drata.com/en/articles/4994112-gcp-connection-details

# Create a new project for Drata Integration
resource "google_project" "drata" {
  name                = var.project_name
  project_id          = var.project_id
  org_id              = var.org_id
  billing_account     = var.billing_account_id
  auto_create_network = false
}

lox

import { BatchInterceptor } from '@mswjs/interceptors'
import { ClientRequestInterceptor } from '@mswjs/interceptors/ClientRequest'
import { FetchInterceptor } from '@mswjs/interceptors/fetch'
import http from 'http'

const interceptor = new BatchInterceptor({
  name: 'my-interceptor',
  interceptors: [new ClientRequestInterceptor(), new FetchInterceptor()],
})

lox

// See https://cloud.namespace.so/docs/federation/gcp

locals {
  roles = [
    "roles/resourcemanager.projectIamAdmin", # allow managing identity
    "roles/editor",                          # allow to manage all resources
    "roles/iam.serviceAccountAdmin",         # allow to manage service accounts
  ]
}

lox

addEventListener('fetch', (event) => {
  event.respondWith(handleRequest(event.request))
})

/**
 * Intercept requests and redirect to Firestore API
 * @param {Request} request
 */
async function handleRequest(request) {
  const url = new URL(request.url)

lox

#!/bin/bash

# Enable bash strict mode
set -euo pipefail
IFS=$'\n\t'

# Disable the pager for aws commands (no less on the host)
export AWS_PAGER=""

# Get the log group arn as a parameter and cut the group name out of it

lox

#!/bin/bash
set -euo pipefail

# Buildkite pre-bootstrap hook that fails a build if there are any
# dangerous environment variables set.

blocklist=(
  # General Linux
  "PATH"                # Executable search path
  "LD_PRELOAD"          # Preloaded shared libraries