mathieu-benoit/handy-snippets.sh

## handy-snippets.sh
curl -sL https://api.github.com/repos/score-spec/score-humanitec/releases/latest | jq -r .tag_name

INGRESS=
NAMESPACE=
kubectl -n ${NAMESPACE} annotate ingress ${INGRESS} nginx.ingress.kubernetes.io/limit-rps=5

cat <<EOF > nginx.conf
events {}
http {
    server {
        listen                  8080;
    }
}
EOF
kubectl create configmap confnginx --from-file=./nginx.conf
cat <<EOF > deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
        - name: nginx
          image: cgr.dev/chainguard/nginx
          ports:
          - containerPort: 8080
          volumeMounts:
            - name: nginx-config
              mountPath: /etc/nginx/nginx.conf
              subPath: nginx.conf
      volumes:
        - name: nginx-config
          configMap:
            name: confnginx
EOF
kubectl apply -f deployment.yaml
kubectl expose deployment nginx --port=80 --target-port=8080 --type=LoadBalancer

# Install crane
VERSION=v0.12.0
OS=Linux
ARCH=x86_64
curl -sL "https://github.com/google/go-containerregistry/releases/download/${VERSION}/go-containerregistry_${OS}_${ARCH}.tar.gz" > go-containerregistry.tar.gz
tar -xvf go-containerregistry.tar.gz

# Create a file
cat <<EOF > myfile.yaml
Content goes here
EOF

# Update texts in a file
sed -i "s,TEXT1 TO REPLACE,TEXT1 REPLACEMENT,g;s,TEXT2 TO REPLACE,TEXT1 REPLACEMENT,g" myfile.yaml

# Restard pods
kubectl rollout restart deployments

# My IP address on Crostini
curl ifconfig.co

# Get all container images on a Kubernetes cluster
kubectl describe pods --all-namespaces | grep "Image:"

# Get IP address of LoadBalancer service in Kubernetes
kubectl get svc istio-ingress -n gke-system -o jsonpath="{.status.loadBalancer.ingress[*].ip}"

# Remove all local container images
docker rm $(docker ps -a -q) -f
docker rmi $(docker images -a -q) -f

# Upgrade ASM
mkdir asmcli
oldVersion=$(kubectl get deploy -n istio-system -l app=istiod -o jsonpath={.items[*].metadata.labels.'istio\.io\/rev'}'{"\n"}')
curl https://storage.googleapis.com/csm-artifacts/asm/asmcli_1.12 > ~/asmcli
chmod +x ~/asmcli
projectId=FIXME
clusterName=FIXME
zone=FIXME

cat <<EOF > distroless-proxy.yaml
---
apiVersion: install.istio.io/v1alpha1
kind: IstioOperator
spec:
  meshConfig:
    defaultConfig:
      image:
        imageType: distroless
EOF
~/asmcli install \
  --project_id $projectId \
  --cluster_name $clusterName \
  --cluster_location $zone \
  --enable-all \
  --option cloud-tracing \
  --option cni-gcp \
  --custom_overlay distroless-proxy.yaml

# Update namespaces annotations
kubectl rollout restart deployments -n FIXME
kubectl delete Service,Deployment,HorizontalPodAutoscaler,PodDisruptionBudget istiod-$oldVersion -n istio-system --ignore-not-found=true
kubectl delete IstioOperator installed-state-$oldVersion -n istio-system

# Upgrade ACM
gsutil cp gs://config-management-release/released/latest/linux_amd64/nomos nomos
chmod +x nomos
sudo mv nomos /usr/local/bin/nomos
nomos version
version=FIXME
gcloud beta container hub config-management upgrade \
    --version=$version \
    --membership=$clusterName

# Ping X times an URL
URL=FIXME
pingNumber=10
for i in {1..$pingNumber}; do curl $URL; done

# Minimal/Simple containerized dotnetcore console app
cat <<EOF > Program.cs
using Grpc.Core;
using System;
using System.Text;
var marshaller = new Marshaller<string>(Encoding.UTF8.GetBytes, Encoding.UTF8.GetString);
var method = new Method<string, string>(MethodType.Unary, "test-service", "test-method", marshaller, marshaller);
var channel = new Channel("spanner.googleapis.com:443", ChannelCredentials.Insecure);
var callInvoker = channel.CreateCallInvoker();
var text = callInvoker.BlockingUnaryCall(method, "spanner.googleapis.com", new CallOptions(), "request");
Console.WriteLine(text);
EOF
cat <<EOF > issue.csproj
<Project Sdk="Microsoft.NET.Sdk.Web">
  <PropertyGroup>
    <TargetFramework>net5.0</TargetFramework>
  </PropertyGroup>
  <ItemGroup>
    <PackageReference Include="Grpc.Core" Version="2.38.1" />
  </ItemGroup>
</Project>
EOF
cat <<EOF > Dockerfile
FROM mcr.microsoft.com/dotnet/sdk:5.0.301 AS build
WORKDIR /app
COPY issue.csproj ./
WORKDIR /app
RUN dotnet restore issue.csproj -r linux-musl-x64
COPY / .
FROM build AS publish
WORKDIR /app
RUN dotnet publish issue.csproj -r linux-musl-x64 --self-contained true -c release -o out --no-restore
FROM mcr.microsoft.com/dotnet/runtime-deps:5.0.7-alpine3.13-amd64
WORKDIR /app
COPY --from=publish /app/out ./
ENTRYPOINT ["/app/issue"]
EOF

# Add a new 443 port on the CRfA's Gateway
cat <<EOF > patch.yaml
spec:
  servers:
    - hosts:
      - "*"
      port:
        name: http
        number: 80
        protocol: HTTP
    - hosts:
      - "*"
      port:
        name: https
        number: 443
        protocol: HTTPS
      tls:
        mode: SIMPLE
        credentialName: SECRET_NAME
EOF
kubectl patch gateway gke-system-gateway --namespace knative-serving --patch "$(cat patch.yaml)" --type='merge'

# Update myblog/mygkecluster
# - Create new cluster
# - Remove old cluster
# - Remove 2 forwarding rules
# - kubectl delete ing myblog -n myblog
	curl -sL https://api.github.com/repos/score-spec/score-humanitec/releases/latest \| jq -r .tag_name

	INGRESS=
	NAMESPACE=
	kubectl -n ${NAMESPACE} annotate ingress ${INGRESS} nginx.ingress.kubernetes.io/limit-rps=5

	cat <<EOF > nginx.conf
	events {}
	http {
	server {
	listen 8080;
	}
	}
	EOF
	kubectl create configmap confnginx --from-file=./nginx.conf
	cat <<EOF > deployment.yaml
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: nginx
	labels:
	app: nginx
	spec:
	selector:
	matchLabels:
	app: nginx
	template:
	metadata:
	labels:
	app: nginx
	spec:
	containers:
	- name: nginx
	image: cgr.dev/chainguard/nginx
	ports:
	- containerPort: 8080
	volumeMounts:
	- name: nginx-config
	mountPath: /etc/nginx/nginx.conf
	subPath: nginx.conf
	volumes:
	- name: nginx-config
	configMap:
	name: confnginx
	EOF
	kubectl apply -f deployment.yaml
	kubectl expose deployment nginx --port=80 --target-port=8080 --type=LoadBalancer

	# Install crane
	VERSION=v0.12.0
	OS=Linux
	ARCH=x86_64
	curl -sL "https://github.com/google/go-containerregistry/releases/download/${VERSION}/go-containerregistry_${OS}_${ARCH}.tar.gz" > go-containerregistry.tar.gz
	tar -xvf go-containerregistry.tar.gz

	# Create a file
	cat <<EOF > myfile.yaml
	Content goes here
	EOF

	# Update texts in a file
	sed -i "s,TEXT1 TO REPLACE,TEXT1 REPLACEMENT,g;s,TEXT2 TO REPLACE,TEXT1 REPLACEMENT,g" myfile.yaml

	# Restard pods
	kubectl rollout restart deployments

	# My IP address on Crostini
	curl ifconfig.co

	# Get all container images on a Kubernetes cluster
	kubectl describe pods --all-namespaces \| grep "Image:"

	# Get IP address of LoadBalancer service in Kubernetes
	kubectl get svc istio-ingress -n gke-system -o jsonpath="{.status.loadBalancer.ingress[*].ip}"

	# Remove all local container images
	docker rm $(docker ps -a -q) -f
	docker rmi $(docker images -a -q) -f

	# Upgrade ASM
	mkdir asmcli
	oldVersion=$(kubectl get deploy -n istio-system -l app=istiod -o jsonpath={.items[*].metadata.labels.'istio\.io\/rev'}'{"\n"}')
	curl https://storage.googleapis.com/csm-artifacts/asm/asmcli_1.12 > ~/asmcli
	chmod +x ~/asmcli
	projectId=FIXME
	clusterName=FIXME
	zone=FIXME

	cat <<EOF > distroless-proxy.yaml
	---
	apiVersion: install.istio.io/v1alpha1
	kind: IstioOperator
	spec:
	meshConfig:
	defaultConfig:
	image:
	imageType: distroless
	EOF
	~/asmcli install \
	--project_id $projectId \
	--cluster_name $clusterName \
	--cluster_location $zone \
	--enable-all \
	--option cloud-tracing \
	--option cni-gcp \
	--custom_overlay distroless-proxy.yaml

	# Update namespaces annotations
	kubectl rollout restart deployments -n FIXME
	kubectl delete Service,Deployment,HorizontalPodAutoscaler,PodDisruptionBudget istiod-$oldVersion -n istio-system --ignore-not-found=true
	kubectl delete IstioOperator installed-state-$oldVersion -n istio-system

	# Upgrade ACM
	gsutil cp gs://config-management-release/released/latest/linux_amd64/nomos nomos
	chmod +x nomos
	sudo mv nomos /usr/local/bin/nomos
	nomos version
	version=FIXME
	gcloud beta container hub config-management upgrade \
	--version=$version \
	--membership=$clusterName

	# Ping X times an URL
	URL=FIXME
	pingNumber=10
	for i in {1..$pingNumber}; do curl $URL; done

	# Minimal/Simple containerized dotnetcore console app
	cat <<EOF > Program.cs
	using Grpc.Core;
	using System;
	using System.Text;
	var marshaller = new Marshaller<string>(Encoding.UTF8.GetBytes, Encoding.UTF8.GetString);
	var method = new Method<string, string>(MethodType.Unary, "test-service", "test-method", marshaller, marshaller);
	var channel = new Channel("spanner.googleapis.com:443", ChannelCredentials.Insecure);
	var callInvoker = channel.CreateCallInvoker();
	var text = callInvoker.BlockingUnaryCall(method, "spanner.googleapis.com", new CallOptions(), "request");
	Console.WriteLine(text);
	EOF
	cat <<EOF > issue.csproj
	<Project Sdk="Microsoft.NET.Sdk.Web">
	<PropertyGroup>
	<TargetFramework>net5.0</TargetFramework>
	</PropertyGroup>
	<ItemGroup>
	<PackageReference Include="Grpc.Core" Version="2.38.1" />
	</ItemGroup>
	</Project>
	EOF
	cat <<EOF > Dockerfile
	FROM mcr.microsoft.com/dotnet/sdk:5.0.301 AS build
	WORKDIR /app
	COPY issue.csproj ./
	WORKDIR /app
	RUN dotnet restore issue.csproj -r linux-musl-x64
	COPY / .
	FROM build AS publish
	WORKDIR /app
	RUN dotnet publish issue.csproj -r linux-musl-x64 --self-contained true -c release -o out --no-restore
	FROM mcr.microsoft.com/dotnet/runtime-deps:5.0.7-alpine3.13-amd64
	WORKDIR /app
	COPY --from=publish /app/out ./
	ENTRYPOINT ["/app/issue"]
	EOF

	# Add a new 443 port on the CRfA's Gateway
	cat <<EOF > patch.yaml
	spec:
	servers:
	- hosts:
	- "*"
	port:
	name: http
	number: 80
	protocol: HTTP
	- hosts:
	- "*"
	port:
	name: https
	number: 443
	protocol: HTTPS
	tls:
	mode: SIMPLE
	credentialName: SECRET_NAME
	EOF
	kubectl patch gateway gke-system-gateway --namespace knative-serving --patch "$(cat patch.yaml)" --type='merge'

	# Update myblog/mygkecluster
	# - Create new cluster
	# - Remove old cluster
	# - Remove 2 forwarding rules
	# - kubectl delete ing myblog -n myblog