maelvls

#! /bin/bash
set -euo pipefail

# Source: https://gist.github.com/maelvls/bd9b48ed236a4622e5c7794a04d73752

help() {
    cat <<EOF
Usage: gh gocover --pr <number> --bucket gs://bucket/path [flags]

Description:

maelvls

#!/bin/bash
#
#
# Copy auto-approve to the VM:
#   gcloud compute ssh cronjob-gitlab-approval --zone europe-west2-b -- sudo tee /usr/local/bin/auto-approve <~/bin/auto-approve >/dev/null
#
# Then:
#   gcloud compute ssh cronjob-gitlab-approval --zone europe-west2-b
#   crontab -e
#

maelvls

Tired of having to wait for Cloudshare's progress bar to fill up? Here is a script that does it for you.

maelvls

#! /bin/bash

set -euo pipefail

help() {
    cat <<EOF
USAGE
  $(basename "$0") --url https://jenkins/job/foo/job/bar --user <username> --token <token> --arg param=value --arg param2=value2

DETAILS

maelvls

Visualize the interaction between the Kubernetes apiserver and the cert-manager webhook using mimtproxy

This mitmproxy file was created using Kubernetes 1.21 and cert-manager 1.7.

To visualize this HTTP interaction, install mitmproxy and run:

curl -sSLO https://raw.githubusercontent.com/maelvls/kubectl-incluster/main/josejson.py
curl -sSLO https://gist.githubusercontent.com/maelvls/8a7fd6e6f1e92045813b120ad063d9ae/raw/22ece3844cb21c76d3077090d06368d5943729c9/apiserver-to-webhook.mitmproxy

maelvls

Building ksnip to work around images growing on each save

The issue in question is kImageAnnotator#257.

Updated on 16 April 2023 with ksnip 1.10.1.

git clone https://github.com/ksnip/kColorPicker
git clone https://github.com/ksnip/kImageAnnotator
git -C kImageAnnotator remote add maelvls https://github.com/maelvls/kImageAnnotator

maelvls

The slight differences between Unix tools across BSD (incl. macOS), GNU/Linux, and Busybox

This is a list of discrepencies I came across while trying to while cross-system compatible makefiles and Bash scripts.

sed

-i (in-place editing) can work without an argument with GNU sed, but won't work without an argument on BSD sed and on Busybox.

maelvls

Deploy a dev version of cert-manager to your GKE or OpenShift cluster

If you would like to use the new Make flow (we dropped Bazel!), here is a tutorial on how test cert-manager on a non-kind cluster such as GKE or OpenShift. In this tutorial, I assume that you have cloned cert-manager/cert-manager and that you have a shell session open in that folder. I also assume that your GKE or OpenShift cluster has access to the Docker Hub registry (i.e., you cluster has access to the internet).

You will need docker, helm, and crane installed. If you are on macOS or on Linux, you can install helm and crane using Homebrew:

maelvls

Dev Assistant (chrome extension) settings

This gist can be shared, no problem.

Update 6 June 2022: it seems like dev assistant, which was published as a Chrome extension, has been withdrawn (probably by their authors). The source code for the extension is on GitHub: https://github.com/shridhar-tl/dev-assist. I don't know how to add the extension "manually" using the source code.

maelvls

Investigation: cert-manager ACME solver uses the jwk field instead of kid in neworder call for non-letsencrypt calls

In the Stackover question 70897574, user1563721 suggests that cert-manager's ACME solver is not behaving as it should with non-let's encrypt servers. More specifically, that new-order is called using kid instead of jwk. In the remainder of this page, I detail how to reproduce this issue using Pebble (a smaller version of Boulder, which is the ACME server Let's Encrypt uses).

Related:

• Erratic No Key ID in JWS header

Install cert-manager but turn off the deployment: