Skip to content

Instantly share code, notes, and snippets.

View magickatt's full-sized avatar

Andrew Kirkpatrick magickatt

View GitHub Profile
@magickatt
magickatt / github_clone_using_token.sh
Created September 6, 2019 17:31
Clone a GitHub repository using a Personal Access Token
export GITHUB_USER=magickatt
export GITHUB_TOKEN=secret
export GITHUB_REPOSITORY=magickatt/ContainerisingLegacyApplicationsTalk
git clone https://${GITHUB_USER}:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}
@magickatt
magickatt / latest_release.yml
Created January 18, 2024 20:43
Upload multi-architecture Go binaries to GitHub release
name: Latest Release
# Customise for the tag format you are using
on:
push:
tags:
- v*
# Required for the release action to upload artifacts
permissions:
@magickatt
magickatt / filebeat.yaml
Created November 23, 2020 18:55
Filebeat configuration to ignore Consul Connect container logs
filebeat.autodiscover:
providers:
- type: kubernetes
hints.enabled: true
hints.default_config.enabled: false
add_resource_metadata:
namespace:
enabled: true
processors:
- add_kubernetes_metadata:
@magickatt
magickatt / check_container_status.sh
Last active July 29, 2023 02:28
Use Bash to wait for container to start
#!/bin/bash
IMAGE_NAME=test-1
# 1-liner
until [ $(docker inspect -f "{{json .State.Status }}" $(docker ps -a -q --filter ancestor=$IMAGE_NAME --format="{{.ID}}" | head -n 1)) == '"running"' ]; do echo "Waiting for container to start..." && sleep 1; done
# More readable
CONTAINER_ID=$(docker ps --all --quiet --filter ancestor=$IMAGE_NAME --format="{{.ID}}" | head -n 1)
CONTAINER_STATUS=$(docker inspect --format "{{json .State.Status }}" $CONTAINER_ID)
until [ $CONTAINER_STATUS == '"running"' ]
@magickatt
magickatt / adopt_helm_deployment_pod_resources.sh
Created April 28, 2023 15:06
Adopt Deployment Pod resources into a Helm install
# Can use https://gist.github.com/magickatt/e7885f748c2ecd5bb88dd64828b30fbf
# to adopt the Deployment resources themselves
NAME=test
NAMESPACE=default
kubectl get -n $NAMESPACE deployment -o name \
| xargs -I % kubectl patch -n $NAMESPACE % -p \
'{"spec": {"template":{"metadata":{"annotations":{"meta.helm.sh/release-name": "$NAME"}}}}}'
@magickatt
magickatt / adopt_helm_resources.sh
Created April 28, 2023 15:03
Adopt most resources into a Helm install
#!/bin/bash
NAME=test
NAMESPACE=default
RESOURCES=service,role.rolebinding # Comma-delimited
kubectl get -n $NAMESPACE $RESOURCES -o name \
| xargs -I % kubectl label -n $NAMESPACE % app.kubernetes.io/managed-by=Helm
kubectl get -n $NAMESPACE $RESOURCES -o name \
| xargs -I % kubectl annotate -n $NAMESPACE % meta.helm.sh/release-name=$NAME
@magickatt
magickatt / gmp_version.py
Created April 19, 2023 15:01
Show GMP (GNU MP Bignum Library) version using Python
# https://stackoverflow.com/a/22981757
import ctypes
so_name='/usr/lib64/libgmp.so.10' # or /usr/lib/libgmp.so, etc
var_name='__gmp_version'
L=ctypes.cdll.LoadLibrary(so_name)
v=ctypes.c_char_p.in_dll(L,var_name)
print(v.value)
@magickatt
magickatt / gke_iam.yaml
Created February 24, 2023 15:21
Google Kubernetes Engine manifest for Workload Identity using Google Cloud IAM
apiVersion: v1
kind: ServiceAccount
metadata:
# Create a GKE Service Account that binds to a GCP Service Account
name: my_service_gke_serviceaccount
namespace: default
annotations:
iam.gke.io/gcp-service-account: my-project-gcp-serviceaccount@project-123456.iam.gserviceaccount.com
---
apiVersion: v1
@magickatt
magickatt / gcp_iam.tf
Last active February 24, 2023 15:19
Google Cloud IAM for Google Kubernetes Engine Workload Identity
locals {
gcp_project_id = "project-123456"
gke_namespace = "default"
gke_service_account_name = "my-service-gke-serviceaccount"
}
# GCP Service Account (not to be confused with the GKE Service Account)
resource "google_service_account" "my_service" {
account_id = "my_service_gcp_serviceaccount"
display_name = "my_service"
@magickatt
magickatt / helm_chart_validate_matrix.yml
Created February 24, 2023 15:06
GitHub Action to validate multiple Helm charts at once
name: Validate Helm charts
on:
push:
branches: [ main, master ]
pull_request:
jobs:
validate:
runs-on: ubuntu-latest