Skip to content

Instantly share code, notes, and snippets.

View jsierles's full-sized avatar
🎯
Focusing

Joshua Sierles jsierles

🎯
Focusing
View GitHub Profile
@jsierles
jsierles / haproxy.yaml
Created June 27, 2024 12:54
Percona MySQL manifests
apiVersion: v1
kind: Pod
metadata:
annotations:
cloud.google.com/cluster_autoscaler_unhelpable_since: 2024-06-26T16:50:07+0000
cloud.google.com/cluster_autoscaler_unhelpable_until: Inf
percona.com/configuration-hash: 9f86ee66f3b72440e51b8a220faeb794
percona.com/env-secret-config-hash: 95eba1819981f96adcff77fbec158260
creationTimestamp: "2024-06-26T16:50:06Z"
generateName: mysql-sr4-haproxy-
@jsierles
jsierles / fly_clone_secrets.sh
Last active March 22, 2022 15:21
Clone Fly app secrets
#!/bin/sh
#
# Clone secrets from one Fly app to another
TEMPFILE=`mktemp`
trap "rm -rf $TEMPFILE" EXIT
SECRET_KEYS=`fly secrets list -a $1 | tail -n +2 | cut -f1 -d" "`
fly ssh console -a $1 -C env | tr -d '\r' > $TEMPFILE
@jsierles
jsierles / rsync_cache.sh
Created September 8, 2021 13:18
Use rsync to cache intermediate build artifacts with Docker buildkit
#!/bin/bash
set -ue
# Sync the cache back to the source path.
# Use --times to preserve timestamps
# Use --update to make sure that newer files in the source path
# aren't overwritten by older files in the cache.
cache_root_path=$1
# Wrap Rails' built-in encrypted credentials to allow environment variable overrides
module Credential
class << self
def fetch(*args)
env_fetch(*args) || Rails.application.credentials.dig(*args)
end
def env_fetch(*args)
ENV[args.join("__").upcase]
@jsierles
jsierles / Dockerfile
Created May 11, 2021 20:47
Deploying Rails assets as a CI step with Docker
# syntax = docker/dockerfile:experimental
FROM node
ARG NPM_TOKEN=no
ARG APP_ENV=production
ENV AWS_DEFAULT_REGION=ams3
ARG AWS_ACCESS_KEY_ID
ARG AWS_SECRET_ACCESS_KEY
RUN pip install awscli
#!/bin/bash
#
# Fetch DO registry credentials and set them in Convox
doctl_path=$(which doctl)
convox_path=$(which convox)
if [ ! -x "$doctl_path" ] || [ ! -x "$convox_path" ]; then
echo "'doctl' and 'convox' CLIs must be installed to run this script."
fi
- syslog {
- address = "syslog-a.logdna.com" -> null
- format = "%h %l %u %t \"%r\" %>s %b" -> null
- format_version = 1 -> null
- message_type = "classic" -> null
- name = "LogDNA" -> null
- port = 12345 -> null
- tls_ca_cert = <<~EOT
-----BEGIN CERTIFICATE-----
MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
steps:
- label: ":docker: Build"
env:
- DOCKER_BUILDKIT=1
- COMPOSE_DOCKER_CLI_BUILD=1
plugins:
- docker-compose#v3.1.0:
build: app
- wait
current_subscription_phase = stripe_schedule.phases.first
stripe_schedule.save(
phases: [
current_subscription_phase,
{
start_date: current_subscription_phase.end_date,
plans: [
{ plan: target_plan.code }
]
}
Error: serviceaccounts "fluentd" is forbidden: User "system:anonymous" cannot get resource "serviceaccounts" in API group "" in the namespace "kube-system"
Error: clusterroles.rbac.authorization.k8s.io "router" is forbidden: User "system:anonymous" cannot get resource "clusterroles" in API group "rbac.authorization.k8s.io" at the cluster scope
Error: clusterroles.rbac.authorization.k8s.io "cb-staging-eu-do-fluentd" is forbidden: User "system:anonymous" cannot get resource "clusterroles" in API group "rbac.authorization.k8s.io" at the cluster scope