Mark van Holsteijn mvanholsteijn


A generated secret version resource.

This generates a secret and stores the value directly in a Google Secret Manager secret, so that the secret does not appear in clear text in the Terraform source or the Terraform state file.

Given secrets should be stored using google_kms_secret and google_secret_manager_secret_version.

When the secret version is updated outside the scope of the Terraform template, the resource will return the latest version.

@mvanholsteijn
mvanholsteijn / generate_gcp_service_dependencies.py
Last active October 3, 2020 13:31
generates a dot file from Google Cloud Platform service dependencies
"""
generates a dot file from the output of `google services list --available --format json`.
it only draws services that are referenced as a dependency.
"""
import sys
from re import sub
import json
from typing import Dict, List
ServiceDictionary = Dict[str, "Service"]
@mvanholsteijn
mvanholsteijn / main.py
Last active January 19, 2021 18:40
sample google cloud function exec'ing a python program
import sys
import os
from flask import make_response
import logging as log
import subprocess
def entry(request):
    out = ""
    err = ""
@mvanholsteijn
mvanholsteijn / deploy.py
Created January 19, 2021 18:41
dummy deploy script demonstrating python script exec
#!/usr/bin/env python3
import sys
if __name__ == "__main__":
    print(" ".join(sys.argv))
@mvanholsteijn
mvanholsteijn / copy route53 hosted zone
Last active March 29, 2021 12:08
a short shell script to copy the contents of one Route53 hosted zone to another
#!/bin/bash
aws route53 list-resource-record-sets \
    --hosted-zone "${SOURCE_HOSTED_ZONE_ID}" \
    --query '{Changes: ResourceRecordSets[?Type != `NS` && Type != `SOA`].{"Action": `UPSERT`, "ResourceRecordSet": @ }}' > changeset.json
aws route53 change-resource-record-sets \
    --hosted-zone "${TARGET_HOSTED_ZONE_ID}" \
    --change-batch "$(<changeset.json)"
@mvanholsteijn
mvanholsteijn / generate-githuber-md-prism-definition
Created May 7, 2021 14:35
generates the PHP prism variable definitions for the WP githuber MD plugin
#!/bin/bash
set -e -u -o pipefail
download_components_json() {
    # $1 = source URL, $2 = output file; quoted so spaces or globs in either are not expanded
    curl -sS -L -o "$2" "$1"
}
generate_prism_codes() {
@mvanholsteijn
mvanholsteijn / privatebin.tf
Created May 24, 2021 13:08
A Cloud Run deployment of PrivateBin
variable "region" {
  type    = string
  default = "europe-west4"
}
variable "project" {
  type = string
}
variable "image" {
@mvanholsteijn
mvanholsteijn / enable-private-ip-google-access
Created February 7, 2022 10:06
enable private ip google access on the default network
gcloud compute networks subnets list --network default --format 'value(region)' | \
sed -e 's^.*regions/^^' | \
xargs -P 8 -n 1 gcloud compute networks subnets update default --enable-private-ip-google-access --region
@mvanholsteijn
mvanholsteijn / inspect-the-python-call-stack.py
Last active March 15, 2022 07:48
Inspects the Python call stack searching for a specific object type performing this call
import inspect
import botocore
from typing import Optional
def get_boto_caller_client_meta() -> Optional[botocore.client.ClientMeta]:
    """
    Returns the ClientMeta of the calling boto client.
    """
    # walk the call stack and look for a frame whose `self` is a boto client
    for frame in map(lambda f: f.frame, inspect.stack()):
        s = frame.f_locals.get('self')
        if s and hasattr(s, "meta") and isinstance(s.meta, botocore.client.ClientMeta):
@mvanholsteijn
mvanholsteijn / push-to-image-registry.yaml
Last active July 7, 2022 18:12
generic GitHub Actions workflow to create and publish a container image to ghcr.io
---
name: Create and publish a Docker image
"on":
  push:
    tags:
      - '*'
    branches:
      - 'main'