egeneralov

on:
  push:
    tags:
    - 'v*'

name: Release

jobs:
  build:
    name: Release

egeneralov

vault ldap

enable ldap auth

vault auth enable ldap

write ldap configuration

vault write auth/ldap/config \

egeneralov

k8s-rbac-limit-user-to-namespace.yml

Ansible configuration for limit user to its namespace, and list all namespaces in cluster (for dashboard). Can be used for provide access to stage environments for your developers.

Just ansible-playbook k8s-rbac-limit-user-to-namespace.yml -e namespace=cool-app-development and gather result from /tmp/cool-app-development.yaml

pre-requirements

You must have:

egeneralov

#!/usr/bin/env python3

import sys
import argparse
import subprocess
import yaml


def main(path, name, namespace, options):
  command = "helm template"

egeneralov

---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
  name: chroot
spec:
  replicas: 1
  template:
    metadata:
      labels:

egeneralov

#!/bin/bash -e

NAMESPACE=$1

cat << EOF | kubectl apply -f -
---
apiVersion: v1
kind: Namespace
metadata:
  name: ${NAMESPACE}

egeneralov

#!/bin/bash -xe

apt-get update -q
apt-get install -yq git python-pip

git clone https://github.com/kubernetes-sigs/kubespray
cd kubespray

pip install -r requirements.txt

egeneralov

#!/bin/bash

mkdir hello_app
cd hello_app
echo '#!/usr/bin/env ruby' > hello.rb
echo 'puts "hello world"' >> hello.rb
ruby hello.rb


mkdir -p hello-1.0.0-linux-x86/lib/app

egeneralov

#!/bin/bash -xe

[ -b ${DISK_1:-/dev/sda} ] || exit 1
[ -b ${DISK_2:-/dev/sdb} ] || exit 1

mdadm --stop --scan

sgdisk -og ${DISK_1:-/dev/sda}
sgdisk -n 1:2048:+${SIZE_ROOTFS:-128M} -t 1:fd00 ${DISK_1:-/dev/sda}
sgdisk -n 128:-3M:0 -t 128:ef02 ${DISK_1:-/dev/sda}

egeneralov

#!/bin/bash -xe


# Disk wipe
sgdisk --zap-all ${DEV:-/dev/sda}

# Disk partitioning
sgdisk -og ${DEV:-/dev/sda}
sgdisk -n 1:2048:+128M -t 1:fd00 ${DEV:-/dev/sda}
sgdisk -n 128:-3M:0 -t 128:ef02 ${DEV:-/dev/sda}