oshoval

#!/bin/bash

cd /root/go/src/github.com/ovn-kubernetes
unset KUBECONFIG
# removed -ikv, will be installed by HCO
pushd contrib; ./kind.sh --multi-network-enable -nse -lr -i6 -ic; popd
export KUBECONFIG=$(realpath ~/ovn.conf)
oc delete ds -n kube-system kube-multus-ds

cd /root/go/src/github.com/kubevirt/hyperconverged-cluster-operator

oshoval

---
apiVersion: v1
kind: Namespace
metadata:
  name: blue-ns
  labels:
    k8s.ovn.org/primary-user-defined-network: ""
---
apiVersion: k8s.cni.cncf.io/v1
kind: NetworkAttachmentDefinition

oshoval

#!/bin/bash

passt_binding_image="quay.io/kubevirt/network-passt-binding:20250710_4eea8f8826"

# TODO add the kubevirt FG

kubectl -n kubevirt patch kubevirt kubevirt --type=json --patch '[{"op":"add","path":"/spec/configuration/network","value":{}},{"op":"add","path":"/spec/configuration/network/binding","value":{"passt":{"computeResourceOverhead":{"requests":{"memory":"250Mi"}},"migration":{"method": ""},"networkAttachmentDefinition":"default/primary-udn-kubevirt-binding","sidecarImage":"'"${passt_binding_image}"'"},"l2bridge":{"domainAttachmentType":"managedTap","migration":{}}}}]'

cat <<EOF | kubectl apply -f -
---

oshoval

import requests
from lxml import html

url = "https://pkg.go.dev/vuln/GO-2024-3333"
response = requests.get(url)
tree = html.fromstring(response.content)

symbols_div = tree.xpath('//div[@class="VulnEntryPackages-attr VulnEntryPackages-symbols"]')[0]
symbols = symbols_div.xpath('.//ul/li/a/text()')

oshoval

1. Make sure you are use sslip, and have a valid pull secret.
2. Copy the kubeconfig from your remote machine to your local, export KUBECONFIG pointing to it.
3. Change kubeconfig `server` line to match your remote machine ip i.e `server: 10.1.2.3:6443` (keep original port).
4. On your local machine run the following command in the background `sshuttle -r root@your_hypervisor 192.168.122.0/24`
5. Open the console URL, i.e `console-openshift-console.apps.multi-homing.192-168-122-253.sslip.io` on your local chrome (get it via oc get routes -A).

oshoval

#!/bin/bash

# CNAO package bump helper
# make sure you already have a CNAO with remote upstream, and origin branches
# no untracked files allowed on folder

# ./bumper.sh CVE-2021-38561 golang.org/x/text@v0.3.7 release-0.89

if [ $# -ne 3 ]; then
    echo "Syntax: $0 <CVE> <TARGET_PACK> <BR>"

oshoval

#!/bin/bash

# curl -sL https://storage.googleapis.com/kubevirt-prow/devel/nightly/release/kubevirt/kubevirt/latest
# ./publish.sh 20241010 quay.io/oshoval

# curl -LO "$kubevirt_release_url/kubevirt-operator.yaml"
# curl -LO "$kubevirt_release_url/kubevirt-cr.yaml"
# sed -i "s|quay.io/kubevirt/virt-operator:[^ ]*|quay.io/oshoval/virt-operator:20241010_3dda04c0fd|g" kubevirt-operator.yaml
# kubectl apply -f "kubevirt-operator.yaml"
# kubectl apply -f "kubevirt-cr.yaml"

oshoval

---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    app: ipam-virt-workloads
    app.kubernetes.io/component: manager
    app.kubernetes.io/created-by: kubevirt-ipam-controller
    app.kubernetes.io/instance: system
    app.kubernetes.io/managed-by: kustomize

oshoval

export CRI_BIN=${CRI_BIN:-docker}

# cd ovn-k8s
# add the local registry (--local-kind-registry / -lr) to the command

pushd contrib; ./kind.sh --multi-network-enable -ic -nse -ikv -lr -i6; popd
export KUBECONFIG=$(realpath ~/ovn.conf)

# cd kubevirt

oshoval

#!/bin/bash -ex

# Enabling OpenShift FeatureSet on KCLI makes the cluster unstable, hence lets enable specifically just what needed.

# Make sure you have the desired KCLI / HCO nighly deployed (this doc doesnt cover it).
# See https://access.redhat.com/articles/6070641

# This script enables only OCP features, not HCO ones.

oc patch network.operator.openshift.io cluster --type='merge' -p='{"spec":{"managementState":"Unmanaged"}}'