Created
September 21, 2022 01:20
-
-
Save dlbewley/81c567f3ec867ef7beb5f566be47d482 to your computer and use it in GitHub Desktop.
experimental "one liner" to export stackrox alerts (violations)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # read values from 1Password, YMMV | |
| CLUSTER="hub-lab-bewley-net" | |
| VAULT="development" | |
| ROX_CENTRAL_ENDPOINT="$(op read op://$VAULT/$CLUSTER/acs/endpoint)" # cluster | |
| ROX_CENTRAL_ENDPOINT_PUB="$(op read op://$VAULT/$CLUSTER/acs/endpoint-pub)" # public | |
| ROX_CA_CERT="$(op read op://$VAULT/$CLUSTER/acs/ca)" | |
| ROX_API_TOKEN="$(op read op://$VAULT/$CLUSTER/acs/admin-token)" | |
| # Central CA cert that would obviate -k | |
| # oc extract secrets/service-ca -n stackrox --keys=ca.pem --to=- | |
| ROXCTL_IMAGE="openshift4/ose-cli" | |
| # set defaults for missing values | |
| ROX_CENTRAL_ENDPOINT="${ROX_CENTRAL_ENDPOINT:-central.stackrox.svc:443}" | |
| ROX_API_TOKEN="${ROX_API_TOKEN:-missing api token}" | |
| # Omit last line below to run curl by hand | |
| # Example invocation within pod: | |
| # curl -sk -H "Authorization: Bearer $ROX_API_TOKEN" \ | |
| # "https://$ROX_CENTRAL_ENDPOINT/v1/alerts?query=Inactive%20Deployment%3Afalse" \ | |
| # | python -m json.tool | |
| oc run oc-cli \ | |
| --rm -i --tty \ | |
| --image $ROXCTL_IMAGE \ | |
| --labels="app=oc-client" \ | |
| --env ROX_API_TOKEN="$ROX_API_TOKEN" \ | |
| --env ROX_CA_CERT="$ROX_CA_CERT" \ | |
| --env ROX_CENTRAL_ENDPOINT="$ROX_CENTRAL_ENDPOINT" \ | |
| --env EVENTS_QUERY="" \ | |
| --command -- /bin/bash \ | |
| -c 'curl -sk -H "Authorization: Bearer $ROX_API_TOKEN" "https://$ROX_CENTRAL_ENDPOINT/v1/alerts?$EVENTS_QUERY"' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment