Sumanth Reddy sumanthkumarc
sumanthkumarc
/ argocd-cm-full.yaml
Created
May 12, 2023 11:17
argocd - custom actions added with upstream actions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| labels: | |
| app.kubernetes.io/component: server | |
| app.kubernetes.io/instance: argocd | |
| app.kubernetes.io/name: argocd-cm | |
| name: argocd-cm | |
| namespace: argocd | |
| data: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: ConfigMap | |
| metadata: | |
| labels: | |
| app.kubernetes.io/component: server | |
| app.kubernetes.io/name: argocd-cm | |
| app.kubernetes.io/part-of: argocd | |
| name: argocd-cm | |
| namespace: argocd | |
| data: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| databases: | |
| my_handy_db_alias: # SOME HANDY IDENTIFIER KEY TO USE IN CLI ARGS FOR --db. USEFUL WHEN TWO DB'S ACROSS HOSTS HAS SAME NAME. | |
| name: <DATABASE_NAME> # THIS IS THE ACTUAL DATABASE NAME | |
| host: <WRITER_HOST_URL> # THIS IS THE DEFAULT HOST BEING USED FOR OPERATIONS. | |
| reader_host: <READER_HOST_URL> # IDEA IS TO USE THIS AUTOMATICALLY FOR READER USER ROLE. THIS IS TODO FOR NOW. | |
| port: <DB_PORT> | |
| db_type: <DATABASE_TYPE> # THIS IS DIRECT RELATED TO USQL DRIVER NAMES. THE SCHEME PART OF DSN. | |
| credentials: | |
| - username: root | |
| role: admin # USED IN CLI ARGS FOR --role. |
sumanthkumarc
/ check_revoke_list.go
Created
August 3, 2022 17:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copied from https://github.com/kumahq/kuma/blob/master/pkg/core/tokens/validator.go#L65 | |
| revoked, err := j.revocations.IsRevoked(ctx, claims.ID()) | |
| if err != nil { | |
| return errors.Wrap(err, "could not check if the token is revoked") | |
| } | |
| if revoked { | |
| return errors.New("token is revoked") | |
| } |
sumanthkumarc
/ call_token_endpoint.go
Created
August 3, 2022 17:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| req, err := http.NewRequest("POST", "/tokens/dataplane", bytes.NewReader(reqBytes)) | |
| if err != nil { | |
| return "", errors.Wrap(err, "could not construct the request") | |
| } |
sumanthkumarc
/ generate_signing_key.go
Created
August 3, 2022 17:16
Code to ensure dp token signing key
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Copied from https://github.com/kumahq/kuma/blob/master/pkg/defaults/mesh/mesh.go#L60 | |
| created, err := ensureDataplaneTokenSigningKey(ctx, resManager, meshName) | |
| if err != nil { | |
| return errors.Wrap(err, "could not create default Dataplane Token Signing Key") | |
| } | |
| if created { | |
| resKey := tokens.SigningKeyResourceKey(issuer.DataplaneTokenSigningKeyPrefix(meshName), tokens.DefaultSerialNumber, meshName) |
sumanthkumarc
/ dataplane_token_auth.go
Created
August 3, 2022 17:13
Function responsible for authenticating data plane token
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Copied from https://github.com/kumahq/kuma/blob/master/pkg/xds/auth/universal/authenticator.go | |
| func (u *universalAuthenticator) authDataplane(ctx context.Context, dataplane *core_mesh.DataplaneResource, credential auth.Credential) error { | |
| dpIdentity, err := u.dataplaneValidator.Validate(ctx, credential, dataplane.Meta.GetMesh()) | |
| if err != nil { | |
| return err | |
| } | |
| if dpIdentity.Name != "" && dataplane.Meta.GetName() != dpIdentity.Name { | |
| return errors.Errorf("proxy name from requestor: %s is different than in token: %s", dataplane.Meta.GetName(), dpIdentity.Name) |
sumanthkumarc
/ aws-auth-definition.yaml
Created
June 10, 2022 06:09
— forked from guygrip/aws-auth-definition.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # each mapRoles entry maps an IAM role to a username and set of groups | |
| # Each username and group can optionally contain template parameters: | |
| # 1) "{{AccountID}}" is the 12 digit AWS ID. | |
| # 2) "{{SessionName}}" is the role session name, with `@` characters | |
| # transliterated to `-` characters. | |
| # 3) "{{SessionNameRaw}}" is the role session name, without character | |
| # transliteration (available in version >= 0.5). | |
| mapRoles: | |
| # statically map arn:aws:iam::000000000000:role/KubernetesAdmin to cluster admin | |
| - roleARN: arn:aws:iam::000000000000:role/KubernetesAdmin |
sumanthkumarc
/ namespace-deletion-controller-call-stack.txt
Last active
February 3, 2022 18:34
namespace-deletion-controller rough call stack
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| go wait.Until(nm.worker, time.Second, stopCh) - namespace_controller.go #209 | |
| err := nm.syncNamespaceFromKey(key.(string)) - namespace_controller.go #148 | |
| nm.namespacedResourcesDeleter.Delete(namespace.Name) - namespace_controller.go #192 | |
| estimate, err := d.deleteAllContent(namespace) - namespaced_resources_deleter.go #133 | |
| # 1. Resource discovery phase | |
| resources, err := d.discoverResourcesFn() #502 | |
| conditionUpdater.ProcessDiscoverResourcesErr(err) #506 Sets v1.NamespaceDeletionDiscoveryFailure |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var ( | |
| // conditionTypes Namespace condition types that are maintained by namespace_deleter controller. | |
| conditionTypes = []v1.NamespaceConditionType{ | |
| v1.NamespaceDeletionDiscoveryFailure, | |
| v1.NamespaceDeletionGVParsingFailure, | |
| v1.NamespaceDeletionContentFailure, | |
| v1.NamespaceContentRemaining, | |
| v1.NamespaceFinalizersRemaining, | |
| } | |
| okMessages = map[v1.NamespaceConditionType]string{ |
NewerOlder