John Reese jpreese
jpreese
/ kube_resource_diff.go
Created
July 28, 2020 21:01
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "fmt" | |
| "io/ioutil" | |
| "os" | |
| "runtime" | |
| "strings" | |
| "github.com/ghodss/yaml" |
jpreese
/ view-gatekeeper-violations.sh
Created
July 28, 2020 02:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| CONSTRAINTS=`kubectl get crd -o json | jq -r '.items[] | select(.spec.group == "constraints.gatekeeper.sh") | .spec.names.kind'` | |
| for c in $CONSTRAINTS | |
| do | |
| kubectl get $c -o json | jq -r '.items[] | select(.status.violations) | .status.violations' | |
| done |
jpreese
/ prometheus_rule_policy.rego
Created
July 27, 2020 16:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package policy | |
| import data.lib.core | |
| # @title PrometheusRules must specify a prometheus label | |
| # | |
| # All PrometheusRules created on the cluster must contain a `prometheus` label | |
| # with a value of `prometheus`. This ensures that the rule is found by the prometheus operator. | |
| # | |
| # @kinds monitoring.coreos.com/PrometheusRule |
jpreese
/ first_character_combined.go
Last active
July 4, 2020 18:26
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // PrintFirstCharacter prints the first character found in a file | |
| func PrintFirstCharacter(path string) error { | |
| contents, err := ioutil.ReadFile(path) | |
| if err != nil { | |
| return fmt.Errorf("read file: %w", err) | |
| } | |
| firstCharacter := contents[0] | |
| fmt.Println(firstCharacter) |
jpreese
/ first_character.go
Created
July 4, 2020 18:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // PrintFirstCharacter prints the first character found in a file | |
| func PrintFirstCharacter(path string) error { | |
| contents, err := ioutil.ReadFile(path) | |
| if err != nil { | |
| return fmt.Errorf("read file: %w", err) | |
| } | |
| result := getFirstCharacter(contents) | |
| fmt.Println(result) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"level":"info","ts":1593614297.4539874,"logger":"setup","msg":"setting up cert rotation"} | |
| {"level":"info","ts":1593614297.4541724,"logger":"setup","msg":"starting manager"} | |
| {"level":"info","ts":1593614297.454658,"logger":"cert-rotation","msg":"starting cert rotator controller"} | |
| {"level":"info","ts":1593614297.4549243,"logger":"controller-runtime.controller","msg":"Starting EventSource","controller":"validating-webhook-controller","source":"kind source: /, Kind="} | |
| {"level":"info","ts":1593614297.45812,"logger":"readiness-tracker","msg":"config resource not found - skipping for readiness"} | |
| {"level":"info","ts":1593614297.458221,"logger":"readiness-tracker","msg":"ExpectationsDone","gvk":"config.gatekeeper.sh/v1alpha1, Kind=Config","expectationCount":0} | |
| {"level":"info","ts":1593614297.4635198,"logger":"readiness-tracker","msg":"ExpectationsDone","gvk":"templates.gatekeeper.sh/v1beta1, Kind=ConstraintTemplate","expectationCount":0} | |
| {"level":"info","ts":1593614297.5550866,"logger":"cert-rotation","msg":"refreshin |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package policy | |
| import data.lib.k8s | |
| violation[msg] { | |
| containers_resource_constraints_required | |
| msg := k8s.format(sprintf("(%s) %s: Container resource constraints must be specified", [k8s.kind, k8s.name])) | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package lib.k8s | |
| default is_gatekeeper = false | |
| is_gatekeeper { | |
| has_field(input, "review") | |
| has_field(input.review, "object") | |
| } | |
| object = input { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| schemaVersion: 2.0.0 | |
| commandTests: | |
| - name: unzip | |
| command: unzip | |
| args: ["-v"] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| schemaVersion: 2.0.0 | |
| # Validate the environment contains the required tooling | |
| commandTests: | |
| - name: Atlantis | |
| command: atlantis | |
| args: ["version"] | |
| - name: Terraform | |
| command: terraform |