Fred Dubois duboisf

Get the secret and extract the release.json from it

kubectl get secret sh.helm.release.v1.<helm release>.<release version> -o json > helm-release-secret.json
# backup just in case
cp helm-release-secret.json helm-release-secret.json.bak
# extract the actual release from the secret
jq -r '.data.release' helm-release-secret.json \
  | base64 -d \
  | base64 -d \

HOWTO: ammend a git commit with fixup instead of interactive rebase

I did some modifications to the AGENTS.md file in my GitHub repo and I want to add this change to the commit that added this file in my feature branch. Normally I would:

Stash my changes
Run git rebase -i main and mark the target commit with edit
When the rebase stops at the target commit, I would apply my stashed changes and amend the commit with git commit --amend
Finally, I would continue the rebase with git rebase --continue

But there is a much easier way to do this! I can use the --fixup option of git commit to create a new commit that will be automatically squashed into the target commit during a rebase.

HOWTO: Monitor File Opens with opensnoop-bpfcc

opensnoop-bpfcc is a BPF-based monitoring tool that traces file open system calls in real-time. It's part of the BCC (BPF Compiler Collection) toolkit and provides detailed visibility into which processes are opening files on your system.

I find it easier to use than strace, it gives simple output.

Usage

The command shown monitors all file opens by processes containing "go" in their name:

kubectl get --raw /api/v1/namespaces/argocd/pods/argocd-server-75db8b479f-fpc48:8083/proxy/metrics | grep argocd_info   
# HELP argocd_info ArgoCD version information
# TYPE argocd_info gauge
argocd_info{version="v2.14.9+38985bd"} 1

	#!/bin/sh

	jq '
	.Statement \|= sort_by(.Sid) \|
	.Statement \|= map(
	if .Action then .Action \|= (if type == "array" then sort else . end) else . end \|
	if .Resource then .Resource \|= (if type == "array" then sort else . end) else . end
	)
	' \
	\| jq --sort-keys .

	#!/usr/bin/env bash

	# Gets the karpenter policy from the cloudformation file and replaces the cloudformation
	# parameters and env vars with the variable names we use in our pulumi project.
	# It also sorts the policies by sid and sorts the contents of Action and Resource arrays.

	set -euo pipefail

	if (( $# != 1 )); then
	echo "Usage: $0 <karpenter-version>"

	#!/bin/bash

	gh api graphql --paginate -f query='
	query($owner: String!, $repo: String!, $endCursor: String) {
	repository(owner: $owner, name: $repo) {
	refs(refPrefix: "refs/heads/", first: 100, after: $endCursor, orderBy: {field: TAG_COMMIT_DATE, direction: ASC}) {
	edges {
	node {
	name
	target {

	package sort

	// SortedUniqueFunc returns a sorted list of unique elements extracted from the input slice using the provided getter function.
	func SortedUniqueFunc[T any, E cmp.Ordered](ts []T, get func(T) E) []E {
	elems := make(map[E]struct{})
	for _, t := range ts {
	elem := get(t)
	elems[elem] = struct{}{}
	}
	return slices.Sorted(maps.Keys(elems))

	-- Note: pods that aren't part of a deployment will be summed up together
	-- I _think_ this gives total cost per pod.........
	-- Ref: https://docs.aws.amazon.com/cur/latest/userguide/example-split-cost-allocation-data.html
	SELECT
	ELEMENT_AT(resource_tags, 'aws_eks_cluster_name') AS eks_cluster,
	ELEMENT_AT(resource_tags, 'aws_eks_namespace') AS namespace,
	ELEMENT_AT(resource_tags, 'aws_eks_deployment') AS deployment,
	ROUND(SUM(split_line_item_split_cost), 2) AS split_cost,
	ROUND(SUM(split_line_item_unused_cost), 2) AS split_unused_cost,
	ROUND(SUM(split_line_item_split_cost) + SUM(split_line_item_unused_cost), 2) as total_cost

	emulate -RL zsh

	setopt err_return warn_create_global
	local API_RESOURCE="$1"
	local ctx
	local kind

	if [[ -z "$API_RESOURCE" ]]; then
	print "Usage: kubectl_search_api_resources <API_RESOURCE>" >&2
	print "Will search for the api resources that match the regex API_RESOURCE in all clusters and all namespaces" >&2