Glen Yu Neutrollized

## cloudbuild.yaml
---
steps:
- id: 'Lint Dockerfile'
  name: 'ghcr.io/hadolint/hadolint'
  entrypoint: '/bin/hadolint'
  args: ['cloud-run/Dockerfile']
- id: 'Build container image'
  name: 'gcr.io/cloud-builders/docker'
  args: ['build', '-t', '${_GAR_REGION}-docker.pkg.dev/${PROJECT_ID}/${_GAR_REPO_NAME}/vault-server:${COMMIT_SHA}', '-f', 'cloud-run/Dockerfile', '.']
- id: 'Image efficiency scan'

## tf_benchmark.py
#! /usr/bin/env python3

import tensorflow as tf
import tensorflow_datasets as tfds


(ds_train, ds_test), ds_info = tfds.load(
    'mnist',
    split=['train', 'test'],
    shuffle_files=True,

## vault-auth.sh
#!/bin/bash

export VAULT_ADDR='http://127.0.0.1:8100'

TOKEN_FILE_DIR='/path/to/dir'
TOKEN_FILENAME='vault-token-via-agent'

AUTOAUTH_TOKEN=$(find ${TOKEN_FILE_DIR} -type f -name ${TOKEN_FILENAME} -exec cat {} +)

ROLE_ID=$(VAULT_TOKEN=${AUTOAUTH_TOKEN} vault read -field=role_id auth/medium/role/jenkins/role-id)

## vault-agent.hcl
vault {
  address = "https://10.234.56.78:8200"
  retry {
    num_retries = 3
  }
}

auto_auth {
  method "gcp" {
    mount_path = "auth/my-project-123"

## bindings.hcl
resource "//cloudresourcemanager.googleapis.com/projects/my-project-123" {
  roles = [
    "roles/compute.instanceAdmin.v1",
    "roles/compute.networkAdmin",
    "roles/compute.securityAdmin",
    "roles/iam.serviceAccountUser",
  ]
}

## store_route.yaml
---
kind: HTTPRoute
apiVersion: gateway.networking.k8s.io/v1alpha2
metadata:
  name: store
  namespace: store-ns
spec:
  parentRefs:
  - kind: Gateway
    name: external-http

## store.yaml
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: store-v1
  namespace: store-ns
spec:
  replicas: 2
  selector:
    matchLabels:

## gateway.yaml
---
kind: Gateway
apiVersion: gateway.networking.k8s.io/v1alpha2
metadata:
  name: external-http
  namespace: infra-ns
spec:
  gatewayClassName: gke-l7-gxlb
  listeners:
  - name: http

## gke_ingress.yaml
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: gxlb-ingress
  namespace: default
  annotations:
    kubernetes.io/ingress.class: "gce"
    kubernetes.io/ingress.allow-http: "true"
spec:

## nginx_ingress_rewrite.yaml
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx-ingress-rewrite
  annotations:
    kubernetes.io/ingress.class: "nginx"
    nginx.ingress.kubernetes.io/ssl-redirect: "false"
    nginx.ingress.kubernetes.io/rewrite-target: /$2
spec:
	---
	steps:
	- id: 'Lint Dockerfile'
	name: 'ghcr.io/hadolint/hadolint'
	entrypoint: '/bin/hadolint'
	args: ['cloud-run/Dockerfile']
	- id: 'Build container image'
	name: 'gcr.io/cloud-builders/docker'
	args: ['build', '-t', '${_GAR_REGION}-docker.pkg.dev/${PROJECT_ID}/${_GAR_REPO_NAME}/vault-server:${COMMIT_SHA}', '-f', 'cloud-run/Dockerfile', '.']
	- id: 'Image efficiency scan'
	#! /usr/bin/env python3

	import tensorflow as tf
	import tensorflow_datasets as tfds


	(ds_train, ds_test), ds_info = tfds.load(
	'mnist',
	split=['train', 'test'],
	shuffle_files=True,
	#!/bin/bash

	export VAULT_ADDR='http://127.0.0.1:8100'

	TOKEN_FILE_DIR='/path/to/dir'
	TOKEN_FILENAME='vault-token-via-agent'

	AUTOAUTH_TOKEN=$(find ${TOKEN_FILE_DIR} -type f -name ${TOKEN_FILENAME} -exec cat {} +)

	ROLE_ID=$(VAULT_TOKEN=${AUTOAUTH_TOKEN} vault read -field=role_id auth/medium/role/jenkins/role-id)
	vault {
	address = "https://10.234.56.78:8200"
	retry {
	num_retries = 3
	}
	}

	auto_auth {
	method "gcp" {
	mount_path = "auth/my-project-123"
	resource "//cloudresourcemanager.googleapis.com/projects/my-project-123" {
	roles = [
	"roles/compute.instanceAdmin.v1",
	"roles/compute.networkAdmin",
	"roles/compute.securityAdmin",
	"roles/iam.serviceAccountUser",
	]
	}
	---
	kind: HTTPRoute
	apiVersion: gateway.networking.k8s.io/v1alpha2
	metadata:
	name: store
	namespace: store-ns
	spec:
	parentRefs:
	- kind: Gateway
	name: external-http
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: store-v1
	namespace: store-ns
	spec:
	replicas: 2
	selector:
	matchLabels:
	---
	kind: Gateway
	apiVersion: gateway.networking.k8s.io/v1alpha2
	metadata:
	name: external-http
	namespace: infra-ns
	spec:
	gatewayClassName: gke-l7-gxlb
	listeners:
	- name: http
	---
	apiVersion: networking.k8s.io/v1
	kind: Ingress
	metadata:
	name: gxlb-ingress
	namespace: default
	annotations:
	kubernetes.io/ingress.class: "gce"
	kubernetes.io/ingress.allow-http: "true"
	spec: