Souheil-Yazji/KFProfileUsers.sh

bryanpaget · 2025-06-27T13:41:57Z

apiVersion: batch/v1
kind: CronJob
metadata:
  name: kubeflow-user-delta-report
  namespace: default
spec:
  schedule: "0 0 * * 0"  # Weekly on Sunday at midnight
  jobTemplate:
    spec:
      template:
        spec:
          containers:
            - name: reporter
              image: bitnami/kubectl:latest
              command:
                - /bin/sh
                - -c
                - |
                  set -e

                  echo "Running Kubeflow user delta script..."

                  cat << 'EOF' > /tmp/delta.sh
                  #!/bin/bash
                  set -e

                  CURRENT_USERS="/tmp/current_users.txt"
                  PREV_USERS="/tmp/previous_users.txt"
                  REPORT_FILE="/tmp/kubeflow_user_delta_report.txt"
                  ARCHIVE_DIR="/reports"

                  mkdir -p "$ARCHIVE_DIR"

                  > "$REPORT_FILE"

                  echo "Fetching current users..." > /dev/stderr
                  {
                    kubectl get profiles -o jsonpath='{.items[*].metadata.name}' | tr ' ' '\n' | while read -r ns; do
                      kubectl get rolebindings -n "$ns" -o json | jq -r '
                        .items[]?.subjects[]?
                        | select(.kind == "User")
                        | .name'
                    done
                  } > "$CURRENT_USERS"

                  sort -u "$CURRENT_USERS" -o "$CURRENT_USERS"

                  if [ ! -f "$PREV_USERS" ]; then
                    echo "First run: Creating baseline."
                    cp "$CURRENT_USERS" "$PREV_USERS"
                    echo "Initial user list saved. No delta to report yet." > "$REPORT_FILE"
                    cat "$REPORT_FILE"
                    exit 0
                  fi

                  echo "Comparing with previous user list..." >> "$REPORT_FILE"
                  echo "=== NEW USERS ===" >> "$REPORT_FILE"
                  comm -13 <(sort "$PREV_USERS") <(sort "$CURRENT_USERS") >> "$REPORT_FILE"

                  echo -e "\n=== USERS REMOVED ===" >> "$REPORT_FILE"
                  comm -23 <(sort "$PREV_USERS") <(sort "$CURRENT_USERS") >> "$REPORT_FILE"

                  # Save historical report
                  TIMESTAMP=$(date +"%Y-%m-%d_%H%M")
                  ARCHIVE_REPORT="$ARCHIVE_DIR/kubeflow_user_delta_report_${TIMESTAMP}.txt"
                  cp "$REPORT_FILE" "$ARCHIVE_REPORT"
                  echo "Historical report saved to $ARCHIVE_REPORT"

                  # Overwrite previous file with current for next run
                  cp "$CURRENT_USERS" "$PREV_USERS"

                  # Output final report
                  cat "$REPORT_FILE"
                  EOF

                  chmod +x /tmp/delta.sh
                  /tmp/delta.sh
              volumeMounts:
                - name: report-volume
                  mountPath: /tmp
                - name: archive-volume
                  mountPath: /reports
          restartPolicy: OnFailure
          volumes:
            - name: report-volume
              emptyDir: {}
            - name: archive-volume
              emptyDir: {}

	#!/bin/bash

	# List all Kubeflow profiles, get name (profiles are 1:1 with namespaces)
	PROFILES=$(kubectl get profiles -o jsonpath='{.items[*].metadata.name}')

	# Iterate over each profile and get RoleBindings, extract user name
	for ns in $PROFILES; do
	echo "Namespace: $ns"
	kubectl get rolebindings -n $ns -o json \| jq '
	.items[] \| select(.subjects[]?.kind == "User") \| {
	user: .subjects[]?.name
	}'
	echo "-------------------------------------"
	done

Souheil-Yazji/KFProfileUsers.sh

Select an option

No results found

Select an option

No results found

bryanpaget commented Jun 27, 2025 •

edited

Loading

Uh oh!

Souheil-Yazji/KFProfileUsers.sh

bryanpaget commented Jun 27, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

bryanpaget commented Jun 27, 2025 •

edited

Loading