Skip to content

Instantly share code, notes, and snippets.

View joerx's full-sized avatar
💭
I may be slow to respond.

Jörg Henning joerx

💭
I may be slow to respond.
36 followers · 1 following
  • Transferwise
  • Singapore
View GitHub Profile
@joerx
joerx / script.sh
Created October 25, 2018 10:53
inspect kubeconfig client cert
#!/bin/sh
# Kubeconfig contains client keys and certs in base64 encoded form. The command below will decode the cert and show the plaintext output
# Note: 'yq' is a yaml wrapper around the awesome 'jq' - https://yq.readthedocs.io/en/latest/
# If anybody has an idea how to get kubeconfig output _including_ certs in json, let me know
cat ~/.kube/config | yq -r '.users[] | select(.name == "ap-southeast-1b.staging.kube.honestbee.com").user["client-certificate-data"]' | base64 -D | openssl x509 -text -noout
@joerx
joerx / kube-masters.sh
Last active October 26, 2018 02:27
Get k8s masters from node list, output name
kubectl get node -o json | jq -r '.items[] | select(.metadata.labels["kubernetes.io/role"] == "master") | .metadata.name'
@joerx
joerx / tf-rename.sh
Last active April 11, 2019 03:33
Terraform batch rename
#!/bin/sh
SOURCE=module.foo
TARGET=module.bar
tf state list $SOURCE | sed "s/$SOURCE\(.*\)/$SOURCE\1 $TARGET\1/" | xargs -n2 echo terraform state mv
@joerx
joerx / main.go
Created September 14, 2018 05:45
Boolean flags with cobra
package main
import (
"fmt"
"os"
"github.com/spf13/cobra"
)
var cfgFile string
@joerx
joerx / Readme.md
Created August 27, 2018 17:05
Create SA for helm to talk to tiller inside a kube cluster.

Minimal SA for helm client to connect to tiller running inside k8s cluster. Actual permissions needed for deployments are assigned to tiller's own SA and not shown here.

More details for setting up Tiller with RBAC can be found in the helm docs

This works if helm is running inside a pod as well as from CLI. Useful for CI/CD tools like drone-helm

List pods:

kubectl --kubeconfig helm.kubecfg -n util get pod
@joerx
joerx / remove-memberships.sh
Last active August 24, 2018 06:49
Delete member from all Github team memberships. Careful with this!
curl -H "Authorization: token $GITHUB_TOKEN" https://api.github.com/user/teams | jq -r '.[] | [.organization.name, .name, (.id|tostring)] | join("|")' | grep -v $DONT_DELETE_FROM_THIS | awk -F '|' '{ print "https://api.github.com/teams/" $3 "/memberships/$USERNAME" }' | xargs -I {} curl -H"Authorization: token $GITHUB_TOKEN" -XDELETE {}
@joerx
joerx / jq.sh
Last active July 18, 2018 08:42
AWS CLI and jq fu
# Using AWS CLI with jq can be a very powerful tool to collect various reports from your AWS account.
# With the `@tsv` filter we can write TSV output for easy copy & pasting into our favourite spreadsheet app
# Use `@csv` to get a CSV output instead
# List VPCs with names
aws ec2 describe-vpcs | jq -r '.Vpcs[]|[.VpcId,(.Tags|map(select(.Key=="Name"))[0].Value)]|@tsv'
# List EC2 instances with selected attributes
aws ec2 describe-instances | jq -r '.Reservations[].Instances[]|[.InstanceId,.InstanceType,.State.Name,.VpcId,(.Tags|map(select(.Key=="Name"))[0].Value)]|@tsv'
@joerx
joerx / list-rds-instances.sh
Created June 20, 2018 02:37
List RDS instances, select some fields and render as CSV with aws cli, bash and jq
#!/bin/sh
if [ "$INSTANCE" == "" ]; then
CMD="aws rds describe-db-instances"
else
CMD="aws rds describe-db-instances --db-instance-identifier=$INSTANCE"
fi
echo '"DBInstanceIdentifier","DBInstanceStatus","DBInstanceClass"'
@joerx
joerx / main.go
Created March 29, 2018 01:54
Read data from stdin in go
package main
import (
"bufio"
"fmt"
"os"
)
func main() {
in := os.Stdin
@joerx
joerx / main.tf
Created January 29, 2018 05:49
RDS subnet group vs VPC
terraform {
required_version = ">= 0.11"
}
provider "aws" {
region = "${var.aws_region}"
version = "~> 1.6"
}
variable "aws_region" {