Skip to content

Instantly share code, notes, and snippets.

Avatar

Greg Swallow gswallow

  • Indianapolis
View GitHub Profile
@gswallow
gswallow / Dockerfile
Created Nov 18, 2021
Janky Jenkins Docker Setup
View Dockerfile
FROM jenkins/jenkins:2.303.3-jdk11
USER root
RUN apt-get update && apt-get install -y lsb-release
RUN curl -fsSLo /usr/share/keyrings/docker-archive-keyring.asc \
https://download.docker.com/linux/debian/gpg
RUN echo "deb [arch=$(dpkg --print-architecture) \
signed-by=/usr/share/keyrings/docker-archive-keyring.asc] \
https://download.docker.com/linux/debian \
$(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list
RUN apt-get update && apt-get install -y docker-ce-cli
View gist:966300ca6249eb1f17ff4961ab8f2cc4
Error: Error when reading or editing Resource xxx for IAM Member (role "serviceAccount:service-508170527894@container-engine-robot.iam.gserviceaccount.com", "roles/cloudkms.cryptoKeyEncrypterDecrypter"): Request "Delete IAM Members roles/cloudkms.cryptoKeyEncrypterDecrypter serviceAccount:service-508170527894@container-engine-robot.iam.gserviceaccount.com for \"project \\\"xxx\\\"\"" returned error: Batch request and retried single request "Delete IAM Members roles/cloudkms.cryptoKeyEncrypterDecrypter serviceAccount:service-508170527894@container-engine-robot.iam.gserviceaccount.com for \"project \\\"xxx\\\"\"" both failed. Final error: Error retrieving IAM policy for project "xxx": googleapi: Error 401: Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.
More details:
Reason: authError, Message: Invalid Credentials
@gswallow
gswallow / aws_billing_pdf.py
Created Dec 12, 2020
AWS: Generate a monthly-bill-by-account PDF
View aws_billing_pdf.py
#!/usr/bin/env python
import boto3
import math
from io import BytesIO
from pdfdocument.document import PDFDocument
start_date='2020-11-01'
end_date='2020-12-01'
@gswallow
gswallow / patch-me.sh
Last active Aug 27, 2020
Save money on datadog.
View patch-me.sh
#!/bin/bash
set -e
cat > patch.yaml <<-EOF
spec:
template:
metadata:
annotations:
ad.datadoghq.com/$1.logs: |-
@gswallow
gswallow / locals.tf
Created Aug 7, 2020
VPC locals for terraform
View locals.tf
locals {
vpc_name = lower(format("%s-%s-%s", var.org, var.env, replace(replace(var.cidr_block, ".", "_"), "/", "-")))
az_names = length(data.aws_availability_zones.available.names) < var.subnet_count ? data.aws_availability_zones.available.names : slice(data.aws_availability_zones.available.names, 0, var.subnet_count)
public_subnet_cidrs = [
for i in range(length(local.az_names)):
cidrsubnet(var.cidr_block, var.subnet_cidr_mask - split("/", var.cidr_block)[1], i)
]
private_subnet_cidrs = [
for i in range(length(local.az_names), length(local.az_names) + length(local.az_names)):
cidrsubnet(var.cidr_block, var.subnet_cidr_mask - split("/", var.cidr_block)[1], i)
View update-kubeconfig.sh
# Amazon EKS
aws eks update-kubeconfig --name whatever-its-called \
--dry-run --alias my-cluster > $HOME/.kube/config.d/my-cluster
rehash
# Azure Kubernetes Service
az aks get-credentials --name whatever-its-called \
--resource-group my-resource-group --context my-aks-cluster \
> $HOME/.kube/config.d/my-aks-cluster
rehash
View .zshrc
# Use discrete kubeconfig files
update_kubeconfig () {
KUBECONFIG=$HOME/.kube/config
for f in $HOME/.kube/config.d/*; do
KUBECONFIG=$KUBECONFIG:$f
done
export KUBECONFIG
}
update_kubeconfig
@gswallow
gswallow / k8s-create-ns.sh
Last active Mar 16, 2022
Creates a namespace and an admin-level account for that namespace.
View k8s-create-ns.sh
#!/bin/bash
if [ "$(uname -s)" == "Darwin" ]; then
b64="base64 -D"
else
b64="base64"
fi
project_name=$1
@gswallow
gswallow / Istio-README.md
Last active Aug 28, 2019
Indy DevOps Meetup 8/2019 - Istio
View Istio-README.md

Install istio

Mac friendly. Probably not Linux friendly. Throughout the course of these commands, feel free to check out the contents of the yaml files you apply with kubectl.

Get eksctl

brew tap weaveworks/tap
brew install weaveworks/tap/eksctl
@gswallow
gswallow / ssh-cheat.yaml
Last active May 29, 2019
Greg is a BAD, BAD MAN!
View ssh-cheat.yaml
apiVersion: v1
kind: Pod
metadata:
labels:
app: ssh-cheat
name: ssh-cheat
namespace: kube-system
spec:
containers:
- command: