Skip to content

Instantly share code, notes, and snippets.

@damoodamoo
Created January 14, 2020 14:53
Show Gist options
  • Save damoodamoo/322c4c76e1fba775a08722463f787752 to your computer and use it in GitHub Desktop.
Save damoodamoo/322c4c76e1fba775a08722463f787752 to your computer and use it in GitHub Desktop.
Makefile for local webhook debugging
copy-running-certs:
kubectl get secret webhook-server-cert -n psc-system -o json | sed 's/ca.crt/cacrt/; s/tls.crt/tlscrt/; s/tls.key/tlskey/' > secrets.json
mkdir -p ./.running-keys
jq -r .data.cacrt < secrets.json | base64 --decode > ./.running-keys/ca.crt
jq -r .data.tlscrt < secrets.json | base64 --decode > ./.running-keys/tls.crt
jq -r .data.tlskey < secrets.json | base64 --decode > ./.running-keys/tls.key
mkdir -p /tmp/k8s-webhook-server/serving-certs
cp ./.running-keys/* /tmp/k8s-webhook-server/serving-certs/
rm secrets.json
create-local-certs:
mkdir -p .keys && openssl req -nodes -new -x509 -keyout ./.keys/ca.key -out ./.keys/ca.crt -subj "/CN=cronprimer CA"
openssl genrsa -out ./.keys/tls.key 2048
openssl req -new -key ./.keys/tls.key -subj "/CN=webhook-server.webhook.svc" | openssl x509 -req -CA ./.keys/ca.crt -CAkey ./.keys/ca.key -CAcreateserial -out ./.keys/tls.crt
mkdir -p /tmp/k8s-webhook-server/serving-certs
cp ./.keys/* /tmp/k8s-webhook-server/serving-certs/
# Deploy and configure ngrok debugger
ngrok-debug: SHELL:=/bin/bash
ngrok-debug:
ngrok tcp 9443 --region eu > /dev/null & \
sleep 3; \
kubectl set selector service/psc-webhook-service -n psc-system ""; \
sed -i "/^\([[:space:]]*- port: \).*/s//\1$$(curl -s localhost:4040/api/tunnels | jq -r '.tunnels[0].public_url | split(":")[-1]')/" debug/debug-endpoint.yaml; \
kubectl apply -f debug/debug-endpoint.yaml
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment