Skip to content

Instantly share code, notes, and snippets.

View dmc5179's full-sized avatar

Dan Clark dmc5179

53 followers · 8 following
  • Red Hat
View GitHub Profile
@dmc5179
dmc5179 / azure_setup.sh
Created March 7, 2023 20:49
Script to configure an Azure account for OpenShift 4 Deployment
#!/bin/bash
az login
az account set --subscription "Azure subscription 1"
az account show
OCP_TENANT_ID=$(az account show --query tenantId -o tsv)
echo $OCP_TENANT_ID
OCP_SUBSCRIPTION_ID=$(az account show --query id -o tsv)
echo $OCP_SUBSCRIPTION_ID
PREFIX=$SUBSCRIPTION_CODE-ocp-dev
@dmc5179
dmc5179 / operator_cve_scanner.sh
Last active February 3, 2023 14:47
Script to generate an ACS CVE report on all images required for a specific operator and version of that operator. Requires oc-mirror and access to an ACS cluster
#!/bin/bash
# Tool to generate an ACS scan of container images needed for any particular operator/version
# Requires a running ACS system.
OC_MIRROR="${OC_MIRROR:-oc-mirror}"
OCP_VERSION="${OCP_VERSION:-4.11}"
OPERATOR_CATALOG="${OPERATOR_CATALOG:-registry.redhat.io/redhat/redhat-operator-index}"
OPERATOR="${OPERATOR:-compliance-operator}"
#OPERATOR_CHANNEL=""
@dmc5179
dmc5179 / gist:09d8b50af8567d3b68ce660d387a07d1
Created November 8, 2022 14:36
Script to pull the list of container images that are part of the OpenShift 4 Samples Operator
#!/bin/bash -xe
REGEX="registry.redhat.io|registry.access.redhat.com|quay.io"
OCP_VER="4.11.13"
CONT_NAME="samples_export"
IMG=$(curl -s https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/${OCP_VER}/release.txt | grep cluster-samples-operator | awk '{print $2}')
@dmc5179
dmc5179 / prometheus_query.sh
Created September 2, 2022 23:31
OpenShift 4 Prometheus time series query
QUERY="kube_pod_status_phase{phase='Running'}"
HEADER="Authorization: Bearer sha256~....."
API="https://prometheus-k8s-openshift-monitoring.apps.ocp4.something.io/api/v1/query_range?query"
START="2022-09-02T19:10:30.781Z"
END="2022-09-02T19:11:30.781Z"
STEP="15s"
rawurlencode_vladr() {
local LANG=C
local IFS=
@dmc5179
dmc5179 / openshift-api-example.md
Created January 22, 2022 17:05
Calling the OpenShift API from inside a pod
  • Create a user for the pods that will call the OpenShift API
oc create sa rest-api-user
  • Assign the user privileges. Note: This is an example, a lesser set of permissions should be used where possible
oc policy add-role-to-user admin -z rest-api-edit
@dmc5179
dmc5179 / source-strategy.yaml
Created August 4, 2021 10:05
OpenShift 4 Build Config using the Source Strategy
---
kind: ImageStream
apiVersion: image.openshift.io/v1
metadata:
name: myapp
namespace: mynamespace
spec: {}
---
apiVersion: build.openshift.io/v1
@dmc5179
dmc5179 / docker-strategy.yaml
Created August 4, 2021 10:03
OpenShift 4 Build Config using the Docker Strategy
---
kind: ImageStream
apiVersion: image.openshift.io/v1
metadata:
name: myapp
namespace: mynamespace
spec: {}
---
kind: BuildConfig
@dmc5179
dmc5179 / openshift4-cronjob-is
Created May 18, 2021 02:32
CronJob in OpenShift 4 using an image stream named alp in the project httpd-test
---
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: hello
spec:
schedule: "*/1 * * * *"
jobTemplate:
spec:
template:
@dmc5179
dmc5179 / httpd_server_deployment_is.yaml
Created May 7, 2021 14:23
https_server_deployment_is
---
kind: ImageStream
apiVersion: image.openshift.io/v1
metadata:
name: httpd
namespace: httpd-test
spec: {}
#---
#apiVersion: v1
@dmc5179
dmc5179 / httpd_server_deployment.yaml
Created April 29, 2021 16:43
Example OpenShift 4 Deployment of an Apache HTTPD server
#---
#apiVersion: v1
#kind: PersistentVolumeClaim
#metadata:
# name: httpd-pv-claim
# labels:
# app: httpd-frontend
#spec:
# accessModes:
# - ReadWriteOnce