Skip to content

Instantly share code, notes, and snippets.

View dmc5179's full-sized avatar

Dan Clark dmc5179

46 followers · 8 following
  • Red Hat
View GitHub Profile
@dmc5179
dmc5179 / httpd_deployment.yaml
Created May 9, 2024 18:08
httpd pod test
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: httpd-pv-claim
labels:
app: httpd-frontend
spec:
accessModes:
- ReadWriteMany
@dmc5179
dmc5179 / nginx_stig.sh
Created February 22, 2024 01:03
NGINX STIG Check
#!/bin/bash
DETAILS=$(nginx -V 2>&1)
# 2.1.1 Ensure only required modules are installed (Manual)
#echo $DETAILS
# 2.1.2 Ensure HTTP WebDAV module is not installed (Automated)
echo -n '2.1.2: '
if [[ $DETAILS =~ 'http_dav_module' ]]; then echo 'fail'; else echo 'pass'; fi
@dmc5179
dmc5179 / snowball.sh
Last active January 24, 2024 15:19
OpenShift 4 on an AWS Snowball Edge
#!/bin/bash -xe
SNOWBALL_IP='192.168.1.240'
S3="aws --profile snowballEdge --region snow --endpoint https://${SNOWBALL_IP}:8443 --ca-bundle /etc/pki/ca-trust/source/anchors/sbe.crt s3"
EC2="aws --profile snowballEdge --region snow --endpoint https://${SNOWBALL_IP}:8243 --ca-bundle /etc/pki/ca-trust/source/anchors/sbe.crt ec2"
BUCKET="redhat-dan"
IGN_CONFIGS='/home/danclark/openshift_clusters/snow/'
IGN_BASE='/home/danclark/openshift_clusters/install-config.yaml'
@dmc5179
dmc5179 / Dockerfile
Created December 14, 2023 20:55
IBM RTC SCM CLI
FROM registry.access.redhat.com/ubi9
MAINTAINER Dan Clark <danclark@redhat.com>
LABEL description="IBM RTC SCM CLI"
COPY EWM-scmTools-Linux64-7.0.3.zip /usr/local
RUN dnf -y update && \
dnf -y install unzip && \
dnf clean all && \
pushd /usr/local && \
@dmc5179
dmc5179 / httpd_server_deployment.yaml
Created April 29, 2021 16:43
Example OpenShift 4 Deployment of an Apache HTTPD server
#---
#apiVersion: v1
#kind: PersistentVolumeClaim
#metadata:
# name: httpd-pv-claim
# labels:
# app: httpd-frontend
#spec:
# accessModes:
# - ReadWriteOnce
@dmc5179
dmc5179 / imageset-config.yaml
Created March 30, 2023 17:05
Basic oc-mirror imageset-config.yaml for mirroring OpenShift platform content
apiVersion: mirror.openshift.io/v1alpha2
kind: ImageSetConfiguration
archiveSize: 2
storageConfig:
local:
path: /opt/data/mirror
mirror:
platform:
channels:
- name: stable-4.10
@dmc5179
dmc5179 / openshift_haproxy.cfg
Created March 30, 2023 16:57
HAProxy config used with OpenShift 4 Bare Metal Clusters
global
log /dev/log local0
log /dev/log local1 notice
stats socket /var/lib/haproxy/stats level admin
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
defaults
@dmc5179
dmc5179 / azure_setup.sh
Created March 7, 2023 20:49
Script to configure an Azure account for OpenShift 4 Deployment
#!/bin/bash
az login
az account set --subscription "Azure subscription 1"
az account show
OCP_TENANT_ID=$(az account show --query tenantId -o tsv)
echo $OCP_TENANT_ID
OCP_SUBSCRIPTION_ID=$(az account show --query id -o tsv)
echo $OCP_SUBSCRIPTION_ID
PREFIX=$SUBSCRIPTION_CODE-ocp-dev
@dmc5179
dmc5179 / operator_cve_scanner.sh
Last active February 3, 2023 14:47
Script to generate an ACS CVE report on all images required for a specific operator and version of that operator. Requires oc-mirror and access to an ACS cluster
#!/bin/bash
# Tool to generate an ACS scan of container images needed for any particular operator/version
# Requires a running ACS system.
OC_MIRROR="${OC_MIRROR:-oc-mirror}"
OCP_VERSION="${OCP_VERSION:-4.11}"
OPERATOR_CATALOG="${OPERATOR_CATALOG:-registry.redhat.io/redhat/redhat-operator-index}"
OPERATOR="${OPERATOR:-compliance-operator}"
#OPERATOR_CHANNEL=""
@dmc5179
dmc5179 / gist:09d8b50af8567d3b68ce660d387a07d1
Created November 8, 2022 14:36
Script to pull the list of container images that are part of the OpenShift 4 Samples Operator
#!/bin/bash -xe
REGEX="registry.redhat.io|registry.access.redhat.com|quay.io"
OCP_VER="4.11.13"
CONT_NAME="samples_export"
IMG=$(curl -s https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/${OCP_VER}/release.txt | grep cluster-samples-operator | awk '{print $2}')