Skip to content

Instantly share code, notes, and snippets.

View abdennour's full-sized avatar
🌴
On vacation

abdennour abdennour

🌴
On vacation
248 followers · 6 following
View GitHub Profile
@abdennour
abdennour / 00-entity-vs-alias-vault.png
Last active July 16, 2020 09:43
Vault Human Authentication : Entity vs Alias
00-entity-vs-alias-vault.png
@abdennour
abdennour / 00-about.html
Last active March 23, 2023 15:09
Vault AppRole Auth Method - Grant Access To App (Jenkins) to get secrets from Vault
<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAysAAAFUCAYAAAAkvKNhAAAAAXNSR0IArs4c6QAAQABJREFUeAHsnQeAFMXSgIuckyJJRESfAUQUlIwkQREUJUlQAUHMOef0zPmZE4qBjAqKJFEQJCmKYlYEURAVERAkM3997d/L3HJ3XNi9292r1mVnZ3o6fDM309UVulCgSSwZASNgBIyAETACRsAIGAEjYAQSjEDhBGuPNccIGAEjYASMgBEwAkbACBgBI+AImLBiN4IRMAJGwAgYASNgBIyAETACCUnAhJWEvCzWKCNgBIyAETACRsAIGAEjYARMWLF7wAgYASNgBIyAETACRsAIGIGEJGDCSkJeFmuUETACRsAIGAEjYASMgBEwAias2D1gBIyAETACRsAIGAEjYASMQEISMGElIS9LajXq119/le+++0527NiRWh3T3vz222/y9ddfy/bt2+Patz/++EO++uor2bZtW0zq2bRpk8yePVumTJki33zzjezcuTMm5VohRsAIGAEjYASMgBGIJYGisSwskcv6+eef3WDvhx9+kH79+knFihVj0lzK/fDDD+Wzzz6T33//Xfbaay857LDD5Oijj5b69etLoUKFYlJPMhfy4IMPyoQJExynffbZR7Zu3SpTp06VGjVqSMOGDZO5a/LUU0/Jc889JwsXLpRq1arFrS/Dhg2Tu+66S7744gvHLTcVrV69Wvr06ePu2UqVKsl+++0nr7/+upQvXz43xdq5RsAIGAEjYASMgBGIOYGUF1YYGA8YMEDmzJkjzPAzODv11FNzLawwE/3aa6/J1Vdf7QbfCCYVKlSQzz//XJ555hmpXbu2zJs3T0qXLh3zi5ZegcyUFy9eXIoUKZLe4Xzd988//8i6devErz/6999/S+/evaV79+7CIDyZE9zXrl0bd83E5s2bY1bP2LFj5d1335WZM2fKkUceKWvWrMmz+zSZr7W13QgYASNgBIyAEch7Aikv
@abdennour
abdennour / keycload_oauth.md
Created July 11, 2020 09:23
Keycloak + Oauth2-proxy

I deployed the keycloak-operator as in whats described on operatorhub.io then created a client like:

apiVersion: keycloak.org/v1alpha1
kind: KeycloakClient
metadata:
  name: foo
  namespace: my-keycloak-operator
 labels:
@abdennour
abdennour / auth_user_keys_kubeconfig.md
Last active July 15, 2020 10:11
Kubernetes kubectl Authenticate with Keys ClusterRoleBinding RBAC
@abdennour
abdennour / USAGE.md
Created July 4, 2020 11:06
Generate Load with Apache Benchmark - AB - thru Kubernetes 
chmod +x ab;
./ab -n 10000 -c 900 -s 300 ${url}

-n : total number of requests -c : concurrent requests ( 900 simultaneously ) -s : timeout in second

@abdennour
abdennour / Dockerfile
Created June 27, 2020 04:27
Encrypt tar gz file in Dockerfile
FROM alpine:3.12
RUN apk add --update --no-cache openssl
WORKDIR /src
COPY . .
WORKDIR /dest
ARG KEY
ENV KEY=${KEY}
# compress them &&
RUN tar -C /src -cvzf clear.tgz . &&\
openssl enc -aes-256-cbc -in clear.tgz -out notclear.tgz.enc -pass env:KEY && \
@abdennour
abdennour / config.yaml
Created June 16, 2020 03:30
Seed Job for Declarative Pipelines with Bitbucket
projects:
- name: PROJA
owner: myteam
repositories:
- name: kito
- name: bito
- name: IDEAS
owner: myteam
repositories:
- name: ideas
@abdennour
abdennour / Jenkinsfile.groovy
Created June 8, 2020 05:43
pipeline {
agent any
stages {
stage('Build') {
parallel {
stage("build-ui") {
agent {
@abdennour
abdennour / offline_pull_images
Created May 28, 2020 17:44
Offline Cluster 1 - Pull images from the proxy registry
#!/bin/bash
echo "If you want to make quay.io/coreos/flannel:v0.11.0-amd64 available in the machine :"
echo "- Example Run : ${0} quay.io/coreos/flannel/v0.11.0-amd64"
echo "- Example Run : ${0} myapp-pod.yaml "
echo "- Example Run : ${0} http://some.thing/myapp-pod.yaml "
private_registry=${2}
regex_remote='^(https?|ftp)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]\.[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]$'
@abdennour
abdennour / ReadVaultSecret.groovy
Last active May 21, 2020 15:30
Jenkins steps for vault
#!/usr/bin/env groovy
def call(body){
def config = [:]
body.resolveStrategy = Closure.DELEGATE_FIRST
body.delegate = config
body()
def splited = config.secretPath.split('@')
def chartPath = config.chartPath