Microsoft has been making a lot of inroads in the Open Source and Linux communities lately. Linux and Unix purists undoubtedly have been skeptical of this recent shift. Canonical for example, has caught flak for partnering with Microsoft recently. But the times are changing, so instead of resenting this progress, I chose to embrace it. I’ll even admit that I actually like many of the Open Source contributions Microsoft has been making – including a flourishing Github account, as well as an increasingly rich, and cross platform platform set of tools that includes Visual Studio Code, Ubuntu/Bash for Windows, .NET Core and many others.
If you want to take the latest and greatest in Powershell v6 for a spin on a Linux system, I recommend using a Docker container if available. Otherwise just spin up an Ubuntu (14.04+) VM and you should be ready. I do not recommend trying out Powershell for any type of workload outside of experimentation, as it is still in alpha for Linux. The beta v6 release (with Linux support) is around the corner but there is still a lot of ground that needs to be covered to get there. Since Powershell is Open Source you can follow the progress on Github!
If you use the Docker method, just pull and run the container:
docker run -it --rm ubuntu:16.04 bash
Then add the Microsoft Ubuntu repo:
# apt-transport-https is needed for connecting to the MS repo
apt-get update && apt-get install curl apt-transport-https
If it worked, you should see a message for Powershell and a new command prompt:
# powershell
PowerShell
Copyright (C) 2016 Microsoft Corporation. All rights reserved.
PS />
Congratulations, you now have Powershell running in Linux. To take it for a spin, try a few commands out.
Write-Host "Hello Wordl!"
This should print out a hello world message. The Linux release is still in alpha, so there will surely be some discrepancies between Linux and Windows based systems, but the majority of cmdlets should work the same way. For example, I noticed in my testing that the terminal was very flaky. Reverse search (ctrl+r) and the Get-History cmdlet worked well, but arrow key scrolling through history did not.
You can even run Powershell on OSX now if you choose to. I haven’t tried it yet, but is an option for those that are curious. Needless to say, I am looking for the
Does the Windows built-in version of “curl” confuse or intimidate you? Maybe you come from a Linux or Unix background, and yearn for some of your favorite go-to tools? Newer versions of Powershell include a cmdlet for interacting with the web called Invoke-WebRequest, which is useful, but is not a great drop in replacement for those with experience in non Windows environments. The Powershell cmdlets are a move in the right direction to unifying CLI experiences but there are still many folks that have become attached to curl over the years, including myself. It is worth noting that a Windows compatible version of curl has existed for a long time, however it has always been a nuisance dealing with the zip file, just as using SSH has always been a hassle on Windows. It has always been possible to use the *nix equivalent tools, it is just clunky.
I found a low effort solution for adding curl to my Windows CLI flow, that acts as a nice middle ground between learning Invoke-WebRequest and installing curl binaries directly, which I’d like to share. This alias trick is a simple way to use curl for working with API’s and other various web testing in Windows environments without getting tangled in managing versions, and dealing with vulnerabilities. Just download the latest Docker image to update curl to the newest version, and don’t worry about its implementation across different systems.
Prerequisites are light. First, make sure to have the Docker for Windows app installed (stable or beta are both fine) as well as a semi-recent version of Powershell.
Next step. If you haven’t set up a Powershell profile, there are also lots of links and resources about how to do it. I even wrote about it recently, so I am skipping that step as well. Start by adding the following snippet to your Powershell profile (by default located in C:\Users\<user>\Documents\WindowsPowerShell\Microsoft.PowerShell_profile.ps1) and saving.
# Curl alias using docker
function Docker-Curl {
docker run --rm byrnedo/alpine-curl $args
}
# Aliases
New-Alias dcurl Docker-Curl
Then source you terminal and run the curl command that was just created.
dcurl -h
One issue you might notice from the snippet above is that the Docker image is not an “official” image. If this bothers you (security concerns, etc.), it is really easy to create your own, secure image. There are lots of examples of how to create minimal images with Curl pre-installed. Just be aware that your custom image will need to be maintained and occasionally rebuilt/published to guard against future vulnerabilities. For brevity, I have skipped this process, but here’s an example of creating a custom image.
Optional
To update curl, just run the docker pull command.
docker pull apline-curl
Now you have the best of both worlds. The built-in Invoke-WebRequest cmdlet provided by Powershell is available, as well as the venerable curl command.
My number one case for using curl in a container is that it has been in existence for such a long time (less bugs and edge cases) and it can be used for nearly any web related task. It is also much handier to use curl for those with a background using *nix systems, rather than digging around in unfamiliar Powershell docs for similar functionality. Having the ability to run some of my favorite tools in an easy, reproducible way on Windows has been a refreshing experience while sliding back into the Windows world.
We have all heard about DNS catastrophes. I just read about horror story on reddit the other day, where an Azure root DNS zone was accidentally deleted with no backup. I experienced a similar disaster a few years ago – a simple DNS change managed to knock out internal DNS for an entire domain, which contained hundreds of records. Reading the post hit close to home, uncovering some of my own past anxiety, so I began poking around for solutions. Immediately, I noticed that backing up DNS records is usually skipped over as part of the backup process. Folks just tend to never do it, for whatever reason.
I did discover, though, that backing up DNS is easy. So I decided to fix the problem.
I wrote a simple shell script that dumps out all Route53 zones for a given AWS account to a json file, and uploads the zones to an S3 bucket. The script is a handful lines, which is perfect because it doesn’t take much effort to potentially save your bacon.
If you don’t host DNS in AWS, the script can be modified to work for other DNS providers (assuming they have public API’s).
Here’s the script:
#!/usr/bin/env bash
set -e
# Dump route 53 zones to a text file and upload to S3.
BACKUP_DIR=/home/<user>/dns-backup
BACKUP_BUCKET=<bucket>
# Use full paths for cron
CLIPATH="/usr/local/bin"
# Dump all zones to a file and upload to s3
function backup_all_zones () {
local zones
# Enumerate all zones
zones=$($CLIPATH/aws route53 list-hosted-zones | jq -r '.HostedZones[].Id' | sed "s/\/hostedzone\///")
for zone in $zones; do
echo "Backing up zone $zone"
$CLIPATH/aws route53 list-resource-record-sets --hosted-zone-id $zone > $BACKUP_DIR/$zone.json
done
# Upload backups to s3
$CLIPATH/aws s3 cp $BACKUP_DIR s3://$BACKUP_BUCKET --recursive --sse
}
# Create backup directory if it doesn't exist
mkdir -p $BACKUP_DIR
# Backup up all the things
time backup_all_zones
Be sure to update the <user> and <bucket> in the script to match your own environment settings. Dumping the DNS records to json is nice because it allows for a more programmatic way of working with the data. This script can be run manually, but is much more useful if run automatically. Just add the script to a cronjob and schedule it to dump DNS periodically.
For this script to work, the aws cli and jq need to be installed. The installation is skipped in this post, but is trivial. Refer to the links for instructions.
The aws cli needs to be configured to use an API key with read access from Route53 and the ability to write to S3. Details are skipped for this step as well – be sure to consult the AWS documentation on setting up IAM permissions for help with setting up API keys. Another, simplified approach is to use a pre-existing key with admin credentials (not recommended).
Update: Thanks to Torben Kerr for adding instructions for setting up these properties at the multibranch build level rather then for each Jenkinsfile. You can check out his “fix” here.
As the Jenkins pipeline functionality continues to rapidly evolve – the project documentation (or lack thereof), has been a consistent pain point as a user. Invariably, the documentation is either out of date or completely missing. I expect the docs to improve as the project matures, but for now, the cake is a lie. I ran into this roadblock recently, looking for a way to limit the number of concurrent builds that happen in Jenkins, using the pipeline. In all of my anguish, I hope this post will help others in avoiding the tediousness of finding the seemingly simple functionality of limiting concurrent builds, as well as give some insight into strategies for figuring out how to find undocumented features in Jenkins.
While this feature is fairly obvious for old-style Jenkins jobs, a simple check box in the job configuration – finding the same functionality for pipelines is seemingly non existent. Through extensive Googling and Stack Overflowing, I discovered this feature was recently added to the Multibranch plugin. Specifically, I found an issue in the (awful) issue tracker used by Jenkins, which in turn led me to uncover some code in a semi recent PR that basically allows concurrency to be turned on or off. Of course when I tried to use the code from the PR it didn’t work right away. So I had to go deeper.
Eventually, I stumbled across a SO post that discusses how to use the properties functionality of pipelines. Equipped with this new piece of information, I finally had enough substance to start playing around with the code. To make the creation of pipelines easier, Jenkins also recently added a snippet generator, which allows users to build out sample snippets quickly.
To use the snippet generator, either drill into an existing pipeline style job using a similar URL as below:
Or create a new job, and click on the “Pipeline Syntax” link after it has been created to test out different snippets.
Inside the snippet generator there are a number of “steps” to choose from. From the information I had already gathered, I just selected the properties step to create the basic skeleton of what I wanted and was able to use the disableConcurrentBuilds() function I found earlier. Below is a snippet of what the code in your Jenkinsfile might actually look like:
node {
// This oneliner is what limits concurrent builds
properties([disableConcurrentBuilds()])
// Do stuff
...
}
Yep. That’s it. Just make sure to put the properties() function at the beginning of the node block, otherwise concurrency won’t be adjusted right away and could lead to problems. Another thing to note; the step to disable concurrency could just as easily be moved into workflow libraries and applied at the global level and applied at the beginning of all jobs if you wanted to limit concurrency for all pipeline builds, since the code is just Groovy. Finally, the code will disable concurrent builds on a per branch basis. Essentially, if you push many different branches it will still build all of them, it will just limit each branch to one build at a time and will queue up jobs for any commits that get pushed after the initial job has been created. I know that is a mouthful. Let me know in the comments if this explanation needs any clarification.
While I love open source software, sometimes project’s move so fast that certain areas of it get neglected. I am thankful for things like Github, because I was able use it to piece together all the other information I found to come up with a solution. But, I would argue having good documentation not only saves folks like me the time and energy of the crazy searches, it also makes it much easier for potentially new users to look at, and understand what is going on. I will be 100% honest and say that Jenkins pipelines are not for the faint of heart, and I’m sure there are many others who will agree with this sentiment. I know it is easier said than done, but anything right now would be an improvement in my opinion.
One thing I have quickly discovered as I get acclimated to my new Windows machine is that by default the Windows Powershell CLI appends the executable file extension to the command that gets run, which is not the case on Linux or OSX. That got me wondering if it is possible to modify this default behavior and remove the extension. I’m going to ruin the surprise and let everybody know that it is definitely possible change this behavior, thanks to the flexibility of Powershell and friends. Now that the surprise is ruined, read on to find out how this solution works.
To check which file types Windows considers to be executable you can type $Env:PathExt.
The problem though, is that when you start typing in an extension that is part of this path, say python, and tab complete it, Windows will automatically append the file extension to the executable. Since I am more comfortable using a *nix style shell it is an annoyance having to deal with the file extensions.
Below I will show you a hack for hiding these from you Powershell prompt. It is actually much more work than I thought to add this behavior but with some help from some folks over at stackoverflow, we can add it. Basically, we need to overwrite the functionality of the default Powershell tab completion with our own, and then have that override get loaded into the Powershell prompt when it gets loaded, via a custom Profile.ps1 file.
To get this working, the first step is to look at what the default tab completion does.
(Get-Command 'TabExpansion2').ScriptBlock
This will spit out the code that handles the tab completion behavior. To get our custom behavior we need to override the original code with our own logic, which I have below (I wish I came up with this myself but alas). This is note the full code, just the custom logic. The full script is posted below.
The code looks a little bit intimidating but is basically just looking to see if the command is executable and on our system path, and if it is just strips out the extension.
So to get this all working, we need to create a file with the logic, and have Powershell read it at load time. Go ahead and paste the following code into a file like no_ext_tabs.ps1. I place this in the Powershell path (~/Documents/WindowsPowerShell), but you can put it anywhere.
To start using this tab completion override file right away, just source the file as below and it should start working right away.
. .\no_ext_tabs.ps1
If you want the extensions to be hidden every time you start a new Powershell session we just need to create a new Powershell profile (more reading on creating Powershell profiles here if you’re interested) and have it load our script. If you already have a custom profile you can skip this step.
New-Item -path $profile -type file -force
After you create the profile go ahead and edit it by adding the following configuration.
# Dot source not_ext_tabs to remove file extensions from executables in path
. C:\Users\jmreicha\Documents\WindowsPowerShell\no_ext_tabs.ps1
Close your shell and open it again and you should no longer see the file extensions.
There is one last little, unrelated tidbit that I discovered through this process but thought was pretty handy and worth sharing with other Powershell N00bs.
Powershell 3 and above provides some nice key bindings for jumping around the CLI, similar to a bash based shell if you are familiar or have a background using *nix systems.
You can check the full list of these key bindings by typing ctrl+alt+shift+? in your Powershell prompt (thanks Keith Hill for this trick).
