Skip to content

Instantly share code, notes, and snippets.

View magickatt's full-sized avatar

Andrew Kirkpatrick magickatt

10 followers · 3 following
View GitHub Profile
@magickatt
magickatt / convert_namespace_to_subnamespace.sh
Last active April 19, 2024 21:25
Convert an existing namespace to a subnamespace using the Hierarchical Namespace Controller
PARENT_NAMESPACE=pizzeria
CHILD_NAMESPACE=pepperoni
$ kubectl annotate namespace $CHILD_NAMESPACE \
hnc.x-k8s.io/subnamespace-of=$PARENT_NAMESPACE
# namespace/pepperoni annotated
$ cat <<EOF | kubectl apply -f -
apiVersion: hnc.x-k8s.io/v1alpha2
@magickatt
magickatt / scheduled_deployment_restart.yaml
Last active April 15, 2024 20:39
Restart Kubernetes Deployment on a schedule using a CronJob
apiVersion: batch/v1
kind: CronJob
metadata:
name: "restart-{{ $application.name }}"
namespace: "{{ $.Release.Namespace }}"
spec:
concurrencyPolicy: Forbid
schedule: "* * * * *" # crontab.guru
jobTemplate:
spec:
@magickatt
magickatt / latest_release.yml
Created January 18, 2024 20:43
Upload multi-architecture Go binaries to GitHub release
name: Latest Release
# Customise for the tag format you are using
on:
push:
tags:
- v*
# Required for the release action to upload artifacts
permissions:
@magickatt
magickatt / adopt_helm_deployment_pod_resources.sh
Created April 28, 2023 15:06
Adopt Deployment Pod resources into a Helm install
# Can use https://gist.github.com/magickatt/e7885f748c2ecd5bb88dd64828b30fbf
# to adopt the Deployment resources themselves
NAME=test
NAMESPACE=default
kubectl get -n $NAMESPACE deployment -o name \
| xargs -I % kubectl patch -n $NAMESPACE % -p \
'{"spec": {"template":{"metadata":{"annotations":{"meta.helm.sh/release-name": "$NAME"}}}}}'
@magickatt
magickatt / adopt_helm_resources.sh
Created April 28, 2023 15:03
Adopt most resources into a Helm install
#!/bin/bash
NAME=test
NAMESPACE=default
RESOURCES=service,role.rolebinding # Comma-delimited
kubectl get -n $NAMESPACE $RESOURCES -o name \
| xargs -I % kubectl label -n $NAMESPACE % app.kubernetes.io/managed-by=Helm
kubectl get -n $NAMESPACE $RESOURCES -o name \
| xargs -I % kubectl annotate -n $NAMESPACE % meta.helm.sh/release-name=$NAME
@magickatt
magickatt / gmp_version.py
Created April 19, 2023 15:01
Show GMP (GNU MP Bignum Library) version using Python
# https://stackoverflow.com/a/22981757
import ctypes
so_name='/usr/lib64/libgmp.so.10' # or /usr/lib/libgmp.so, etc
var_name='__gmp_version'
L=ctypes.cdll.LoadLibrary(so_name)
v=ctypes.c_char_p.in_dll(L,var_name)
print(v.value)
@magickatt
magickatt / gke_iam.yaml
Created February 24, 2023 15:21
Google Kubernetes Engine manifest for Workload Identity using Google Cloud IAM
apiVersion: v1
kind: ServiceAccount
metadata:
# Create a GKE Service Account that binds to a GCP Service Account
name: my_service_gke_serviceaccount
namespace: default
annotations:
iam.gke.io/gcp-service-account: my-project-gcp-serviceaccount@project-123456.iam.gserviceaccount.com
---
apiVersion: v1
@magickatt
magickatt / gcp_iam.tf
Last active February 24, 2023 15:19
Google Cloud IAM for Google Kubernetes Engine Workload Identity
locals {
gcp_project_id = "project-123456"
gke_namespace = "default"
gke_service_account_name = "my-service-gke-serviceaccount"
}
# GCP Service Account (not to be confused with the GKE Service Account)
resource "google_service_account" "my_service" {
account_id = "my_service_gcp_serviceaccount"
display_name = "my_service"
@magickatt
magickatt / helm_chart_validate_matrix.yml
Created February 24, 2023 15:06
GitHub Action to validate multiple Helm charts at once
name: Validate Helm charts
on:
push:
branches: [ main, master ]
pull_request:
jobs:
validate:
runs-on: ubuntu-latest
@magickatt
magickatt / helm_chart_validate.yml
Created February 24, 2023 15:00
GitHub Action to validate Helm charts
name: Validate Helm chart
on:
push:
branches: [ main, master ]
pull_request:
jobs:
validate:
runs-on: ubuntu-latest