Skip to content

Instantly share code, notes, and snippets.

View jimangel's full-sized avatar
🌤️
around

Jim Angel jimangel

🌤️
around
111 followers · 7 following
View GitHub Profile
@IanColdwater
IanColdwater / twittermute.txt
Last active April 22, 2024 17:26
Here are some terms to mute on Twitter to clean your timeline up a bit.
Mute these words in your settings here: https://twitter.com/settings/muted_keywords
ActivityTweet
generic_activity_highlights
generic_activity_momentsbreaking
RankedOrganicTweet
suggest_activity
suggest_activity_feed
suggest_activity_highlights
suggest_activity_tweet
@bgeesaman
bgeesaman / CVE-2019-11253-poc.sh
Last active December 29, 2022 14:25
CVE-2019-11253 Kubernetes API Server YAML Parsing Remote Denial of Service PoC aka "Billion Laughs"
#!/usr/bin/env bash
# CVE-2019-11253
# https://github.com/kubernetes/kubernetes/issues/83253
# Shout out: @raesene for poc collab, @iancoldwater + @mauilion for
# HONKing inspiration and other guidance.
# Description: In Kubernetes 1.13 and below, the default configuration
# is that system:anonymous can request a selfsubjectaccessreview
# via mechanisms such as "kubectl auth can-i". This request can
# include POSTed YAML, and just the act of trying to parse it causes
@HenriTEL
HenriTEL / daemonset.yml
Created October 17, 2019 10:09
A custom driver installer for gke ubuntu based images that includes nvidia-docker.
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: nvidia-driver-installer
namespace: kube-system
labels:
k8s-app: nvidia-driver-installer
spec:
selector:
matchLabels:
@jmhobbs
jmhobbs / Dockerfile
Created December 27, 2018 22:02
Google Cloud Build Secret Environment Demo
FROM busybox
ARG THE_SECRET
RUN echo "::${THE_SECRET}::"
@gochist
gochist / find_outdated.py
Last active March 25, 2024 19:07
import os
import subprocess
DEVNULL = open(os.devnull, 'w')
BASE_CONTENT = "content/en"
WORK_CONTENT = "content/ko"
L_COMMIT = "website/dev-1.13-ko.3"
R_COMMIT = "website/master"
@dims
dims / e2e_manifests.go
Last active August 24, 2018 03:22
package main
import (
"fmt"
"k8s.io/apimachinery/pkg/util/sets"
imageutils "k8s.io/kubernetes/test/utils/image"
"os"
"os/exec"
)
@ernoaapa
ernoaapa / list-failing-pods.sh
Last active March 26, 2024 14:07
Script to list all Kubernetes Pods what are NOT ready
#!/bin/sh
#
# Print Pods which are Pending or not Ready for some reaosn
#
kubectl get pods --all-namespaces -o go-template='{{ range $item := .items }}{{ range .status.conditions }}{{ if (or (and (eq .type "PodScheduled") (eq .status "False")) (and (eq .type "Ready") (eq .status "False"))) }}{{ $item.metadata.name}} {{ end }}{{ end }}{{ end }}'
@lizrice
lizrice / Vagrantfile
Last active February 3, 2023 02:21
Vagrant file for setting up a single-node Kubernetes cluster that I can access from my desktop. Read more: https://medium.com/@lizrice/kubernetes-in-vagrant-with-kubeadm-21979ded6c63
# -*- mode: ruby -*-
# vi: set ft=ruby :
# This script to install Kubernetes will get executed after we have provisioned the box
$script = <<-SCRIPT
# Install kubernetes
apt-get update && apt-get install -y apt-transport-https
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
@kevinsimper
kevinsimper / dump-secrets-kubernetes.sh
Last active May 3, 2024 09:54
kubectl get — no-headers secret | awk '{print $1}' | \
xargs -I{} sh -c 'kubectl get secret -o yaml "$1" > "$1.yaml"' — {}
@pydevops
pydevops / gcloud-cheat-sheet.md
Last active May 10, 2024 08:28
gcp gcloud cheat sheet