Skip to content

Instantly share code, notes, and snippets.

View jkeam's full-sized avatar
🍻

Jon Keam jkeam

🍻
View GitHub Profile
@jkeam
jkeam / dotnet-publish-task.yaml
Created August 4, 2023 21:18
Dotnet Publish Task
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: dotnet-build-publish
namespace: dotnet
spec:
steps:
- env:
- name: WORKSPACE_SSL_CA_DIRECTORY_BOUND
value: $(workspaces.ssl-ca-directory.bound)
@jkeam
jkeam / get_top_pods.sh
Created July 12, 2023 16:41
Get the top pods in all the projects
#!/bin/bash
# Taken from: https://www.redhat.com/architect/openshift-usage-metrics
for project in `oc get project|grep -v NAME`; \
do echo $project; \
oc project $project 2> /dev/null; \
oc adm top pods; \
done;
https://www.redhat.com/sysadmin/openshift-terminating-state
@jkeam
jkeam / deploy-vista-ocp.sh
Created April 25, 2023 04:40
Deploy vista on OCP
#!/bin/bash
# create namespace
oc new-project vista
# sa
# can use default, this is convenient but not best practice
# oc adm policy add-scc-to-user anyuid -z default
oc create sa root
oc adm policy add-scc-to-user privileged -z root
@jkeam
jkeam / update-openshift-certs.sh
Last active April 24, 2023 19:56
Update certs in OpenShift
#!/bin/bash
# delete config map
oc delete configmap custom-ca -n openshift-config
# re-create it
oc create configmap custom-ca --from-file=ca-bundle.crt=</path/to/example-ca.crt> -n openshift-config
# make sure config map is being used
oc patch proxy/cluster --type=merge --patch='{"spec":{"trustedCA":{"name":"custom-ca"}}}'
@jkeam
jkeam / add_users_to_openshift.sh
Created April 10, 2023 03:26
Add users to OpenShift via htpasswd
#!/bin/bash
# create admin and user1 with password `openshift`
htpasswd -c -B -b ./openshift.htpasswd admin openshift
htpasswd -B -b ./openshift.htpasswd user1 openshift
# add secret with username/passwords
oc create secret generic htpass-secret --from-file=htpasswd=./openshift.htpasswd -n openshift-config
# setup identity provider to use that secret
@jkeam
jkeam / rootful-priv.yaml
Created March 3, 2023 02:17
Privileged Podman Pod
apiVersion: v1
kind: Pod
metadata:
name: podman-priv
spec:
containers:
- name: priv
image: quay.io/podman/stable:v4.4.1
args:
- sleep
@jkeam
jkeam / setup-gitlab-with-rancher-and-ocp.md
Last active March 3, 2023 02:20
Setup for Demo for GitLab with Rancher and OpenShift runners

Setup for Demo for GitLab with Rancher and OpenShift runners

Git Repo

The code for this project is here git@github.com:jkeam/spring-petclinic-pac.git and the file we should be using is .gitlab-ci-kube.yml so in the repo that's in GitLab, make sure to blow away the original .gitlab-ci.yml and rename .gitlab-ci-kube.yml to .gitlab-ci.yml.

GitLab Variables

Something like below:

@jkeam
jkeam / gitlab-with-rancher-and-ocp.md
Last active March 3, 2023 02:01
Demo for GitLab with Rancher and OpenShift runners

Demo for GitLab with Rancher and OpenShift runners

Pre Demo

  1. Generate new KUBE_CONFIG with fresh OCP token

Demo