Skip to content

Instantly share code, notes, and snippets.

View thbkrkr's full-sized avatar

Thibault Richard thbkrkr

46 followers · 1 following
View GitHub Profile
@thbkrkr
thbkrkr / docker-creds-secret.sh
Created July 7, 2023 12:06
Create a Kubernetes Secret with Docker registry creds stored in docker-credential-desktop
#!/bin/bash -eu
to_auth() {
jq -r '.Username,.Secret' | paste -sd ":" - | tr -d '\n' | base64
}
main() {
registry="$1"
jq -cnM --arg auth $(docker-credential-desktop <<< "$registry" | to_auth) '{
"auths": { "'"$registry"'": { "auth": $auth } }
@thbkrkr
thbkrkr / release-helm.sh
Created April 28, 2023 09:25
Release Helm charts
#!/usr/bin/env bash
#
# Script to release Helm charts.
#
# Requires: helm, gsutil, yq.
#
# Usage: release.sh CHART_DIR
#
@thbkrkr
thbkrkr / get.sh
Created April 14, 2023 21:20
Configure an Elasticsearch Snapshot Repository with a StackConfigPolicy - #ECK
> k get es,scp
NAME HEALTH NODES VERSION PHASE AGE
elasticsearch/xyz green 1 8.7.0 Ready 6m
NAME READY PHASE AGE
stackconfigpolicy/snapshot-repo 1/1 Ready 5m
> eckurl default xyz /_snapshot
{"repo-snapshots":{"type":"s3","settings":{"readonly":"true","base_path":"snapshots/default-xyz"}}}
@thbkrkr
thbkrkr / eckurl
Last active January 23, 2024 09:26
curl Elasticsearch clusters managed by ECK - eckurl ns1/es1 /_cat/health
#!/bin/bash -eu
get-password() {
kubectl -n $ns get secret $esName-es-elastic-user -o go-template='{{.data.elastic | base64decode}}'
}
port-forward-es() {
if [[ "${V:-}" == "1" ]]; then
echo kubectl -n $ns port-forward "service/$esName-es-http" 9200
fi
@thbkrkr
thbkrkr / gist:241d49873038c3b9dabbef0c4f774791
Created December 16, 2020 19:35
Automate french income tax simulation
#!/bin/bash -eu
simul() {
curl 'https://www3.impots.gouv.fr/simulateur/cgi-bin/calc-2020.cgi' \
-H 'User-Agent: agent/0.1' \
-d "$(paste -s -d '&' <<< "$@")" \
> simul.html
}
simul \
@thbkrkr
thbkrkr / cleanup-gcloud.sh
Created February 27, 2020 16:22
Remove orphaned forwarding-rules and target pools on Google Cloud
#!/bin/bash -eu
# Remove orphaned forwarding-rules and target pools on Google Cloud
list_target_pools() {
gcloud compute target-pools list --limit 1000 --format json | \
jq '.[] |
{
name: .name,
region: .region | split("/")[8],
@thbkrkr
thbkrkr / gcloud-ssh-sysctl-vmmaxmapcount.sh
Created November 7, 2019 19:42
Set vm.max_map_count=262144 on the nodes of a GKE cluster #k8s
#!/bin/bash -eu
# Increase Virtual Memory for Elasticsearch on GKE
# https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html
# Dependencies: kubectl, gcloud, jq
nodes() {
kubectl get nodes -o custom-columns=n:.metadata.name --no-headers
}
@thbkrkr
thbkrkr / bump.sh
Created September 25, 2019 10:14
Bump version
#!/bin/bash
set -euo pipefail
#
# Bump version
#
old=v1alpha1
new=v1beta1
replace() {
@thbkrkr
thbkrkr / es-eck-gke-quickstart.sh
Last active November 18, 2023 01:17
Elasticsearch on GKE using ECK
#!/bin/bash -eu
# install kubectl: https://kubernetes.io/docs/tasks/tools
# install gcloud: https://cloud.google.com/sdk/docs/install
# authenticate: gcloud auth login
# gcloud container clusters create c0 --region europe-west1
kubectl create -f https://download.elastic.co/downloads/eck/2.10.0/crds.yaml
kubectl apply -f https://download.elastic.co/downloads/eck/2.10.0/operator.yaml
@thbkrkr
thbkrkr / c8rl.sh
Created May 27, 2019 14:24
Kubernetes API curl script
c8rl() {
local cacert=/dev/shm/ca.crt
if [[ ! -f $cacert ]]; then
SECRET=$(kubectl get serviceaccount default -o json | jq -Mr '.secrets[].name | select(contains("token"))')
export TOKEN=$(kubectl get secret ${SECRET} -o json | jq -Mr '.data.token' | base64 -d)
export APISERVER=https://$(kubectl -n default get endpoints kubernetes --no-headers | awk '{ print $2 }')
kubectl get secret ${SECRET} -o json | jq -Mr '.data["ca.crt"]' | base64 -d > $cacert
fi
local uri=${1:-version}