Skip to content

Instantly share code, notes, and snippets.

View aweiteka's full-sized avatar

Aaron Weitekamp aweiteka

33 followers · 3 following
  • Red Hat
  • Boston, MA
View GitHub Profile
@aweiteka
aweiteka / registry-console-bootstrap.md
Last active August 18, 2016 21:04

Install Atomic Registry web console

Prerequisites

  • expose registry with route

      oc expose service docker-registry

Deployment

@aweiteka
aweiteka / Dockerfile.auxiliary
Created August 12, 2016 19:56
Sigstore Dockerfiles
# build as sigstore:auxiliary
FROM scratch
LABEL sigstore-url="sigstore.redhat.com:8443" \
pubkey-id="2fa658e0: Red Hat, Inc. (auxiliary key) <[email protected]>" \
pubkey-fingerprint="43A6 E49C 4A38 F4BE 9ABF 2A53 4568 9C88 2FA6 58E0" \
pubkey-download-url="http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x45689C882FA658E0"
@aweiteka
aweiteka / atomic-registry-ports.md
Last active August 9, 2016 13:02
Changing Atomic Registry ports
@aweiteka
aweiteka / atomic-registry-web-console-devenv.sh
Last active February 16, 2017 13:22
Hacking on Atomic Registry web console
#!/bin/bash
#
# for hacking on cockpit registry web UI
# using a container with bindmounted local js source
#
# on host, one time commands:
# cp containers/kubernetes/registry-dashboard-override.json pkg/kubernetes/override.json
# cp pkg/kubernetes/registry.html pkg/kubernetes/index.html
@aweiteka
aweiteka / atomic
Created June 17, 2016 21:07
atomic sign
#!/bin/bash
# atomic pull <image>
# atomic sign <image> <key>
DIR=tmp
IMAGE=$2
KEY=$3
POLICY_FILE=policy.json
@aweiteka
aweiteka / enable_root_atomic_host.md
Last active April 15, 2016 13:49
Enabling root password authenticataion on Atomic Host

Edit ssh configuration file

$ sudo vi /etc/ssh/sshd_config

Change the following values to yes

...
@aweiteka
aweiteka / simple_jjb.yaml
Last active April 6, 2016 14:00
simplified JJB template
defaults:
name: global
images:
- fedora
- rhel
node: jslave1
project:
name: my_workflow
jobs:
@aweiteka
aweiteka / publish-atomic-registry-documentation.sh
Last active September 25, 2016 16:31
Publishing Atomic Registry documentation
#!/bin/bash
git clone https://github.com/openshift/openshift-docs.git
cd openshift-docs/
sudo docker run -it --rm -v `pwd`:/docs:z projectatomic/ascii_binder asciibinder package --site=atomic-registry
# per http://www.asciibinder.org/latest/guides/maintainer_guide.html#site-file-organization
# full HTML site lands in /path/to/openshift-docs/_package/atomic-registry
# Note: files are owned by root due to container running as root.
# Non-root user doesn't have perms to write to local dir
@aweiteka
aweiteka / describing_applications.md
Created March 9, 2016 14:00

Metadata Guiding Principles

  • does not duplicate orchestration artifacts
  • metadata syntax should be...
    • minimal
    • high level
    • meaningful
    • easy to understand and edit by humans
  • parameterization should be pushed down to platform. The deployment operator should be able to override any parameter or object.
@aweiteka
aweiteka / master-config.yaml
Last active January 26, 2016 19:47
OpenShift Authentication config snippet--3 providers: Htpasswd, LDAP (AD) and GitHub
oauthConfig:
assetPublicURL: https://localhost:8443/console/
grantConfig:
method: auto
identityProviders:
- name: github
challenge: false
login: true
mappingMethod: claim
provider: