I hereby claim:
- I am lewismarshall on github.
- I am lmarshall (https://keybase.io/lmarshall) on keybase.
- I have a public key ASDra5yIULK_NRZbL7UDVm6Wza94GCB-KTNkX_2wKksauQo
To claim this, I am signing this object:
type getManagedAppIdInputs struct { | |
subscriptionId string | |
nodeResourceGroupName string | |
clientId string | |
} | |
// getManagedAppID will return the managed app ID | |
// will return the managedAppID if it is set | |
// otherwise will return the managed app ID by: | |
// 1. auditing the Metadata API to get the resource group |
#!/bin/bash | |
# Deletes all open-id-connect-providers that are NOT used by EKS instances... | |
${TRACE:+set -x} | |
if ! command -v aws &>/dev/null; then | |
echo "awscli is not installed. Please install it and re-run this script." | |
exit 1 | |
fi |
# AWS DANGER TOYS - delete some stuff ;) | |
function aws-delete-policy { | |
local policy=${1:?'must specify policy arn'} | |
# find all things this policy referes to | |
local attached_roles=$(aws iam list-entities-for-policy --policy-arn "${policy}" --entity-filter Role | jq -r .PolicyRoles[].RoleName) | |
# for now just roles | |
for role in ${attached_roles}; do | |
# detach policy from role |
I hereby claim:
To claim this, I am signing this object:
# 1. Create nodes | |
# 2. Attach EBS of type "standard" to all nodes | |
# 3. Create ceph operator and THEN this ceph cluster | |
apiVersion: ceph.rook.io/v1 | |
kind: CephCluster | |
metadata: | |
name: rook-ceph | |
namespace: rook-ceph | |
spec: |
{ | |
"CN": "Keto ETCD CA", | |
"CA": { | |
"expiry": "87600h" | |
}, | |
"key": { | |
"algo": "rsa", | |
"size": 2048 | |
}, | |
"names": [ |
#!/usr/bin/env bash | |
function generate_ca() { | |
if [[ ! -f tests/certs/${1}/ca.key ]]; then | |
mkdir -p tests/certs/${1} | |
cfssl gencert -initca tests/certs/ca-csr.json | cfssljson -bare tests/certs/${1}/ca | |
mv tests/certs/${1}/ca.pem tests/certs/${1}/ca.crt | |
mv tests/certs/${1}/ca-key.pem tests/certs/${1}/ca.key | |
fi | |
} |
function aws-ar() { | |
local profile=${1:-hod-central} | |
local role_arn=$(grep ${profile} ~/.aws/credentials -A 3 | grep role_arn | cut -d'=' -f2) | |
local creds_json=$(aws sts assume-role --output json --role-arn ${role_arn} --profile ${profile} --role-session-name ${profile} ) | |
aws-unset | |
export AWS_ACCESS_KEY_ID=$(echo ${creds_json} | jq -r '.Credentials.AccessKeyId') | |
export AWS_SECRET_ACCESS_KEY=$(echo ${creds_json} | jq -r '.Credentials.SecretAccessKey') | |
export AWS_SECURITY_TOKEN=$(echo ${creds_json} | jq -r '.Credentials.SessionToken') | |
export AWS_SESSION_EXPIRE=$(echo ${creds_json} | jq -r '.Credentials.Expiration') |
#!/usr/bin/env python3 | |
# Taken from: | |
# string as file: http://stackoverflow.com/a/142251 | |
# yaml !include: http://stackoverflow.com/a/9577670 | |
import sys | |
import os.path | |
import yaml | |
import jinja2 | |
import io |
#!/bin/bash | |
function get_config() { | |
conf_name="${1}" | |
conf_file="${CONFIG_DIR}/${conf_name}" | |
if [ -f ${conf_file} ]; then | |
echo "Using config from ${conf_file}" | |
value="$(cat ${conf_file})" | |
else |