Skip to content

Instantly share code, notes, and snippets.

@maelvls
maelvls / README.md
Last active November 30, 2020 15:27
Debugging Github Actions timeout issue using Deno (Nodejs replacement)

I had a bug with golangci-lint that would time out on some Github Actions builds. In order to investigate the issue, I wrote this Deno script that would scrap all the logs and look for the memory used (we used golangci-lint with the -v flag which prints how much memory was being spent).

If you also use golangci-lint and have weird time out issues, turn on golangci-lint's -v mode and run this script.

brew install deno

Run it:

kubectl run tcpd -it --rm --image=a --overrides='{"spec": {"hostNetwork": true, "containers": [{"name": "tcpd", "image": "corfr/tcpdump", "tty": true, "stdin": true, "stdinOnce": true, "securityContext": {"capabilities": {"add": ["NET_ADMIN"]}}, "args": ["-i", "any", "-U", "-w", "-"]}]}}'

Don't forget that only the DNS names with .local are forwarded by the sshuttle VPN. If you want e.g. example.com to be also forwarded to the cluster, you need to add --also-proxy example.com.

Example:

telepresence --namespace cert-manager --swap-deployment cert-manager --mount=false --run-shell --also-proxy 'example.com'
@maelvls
maelvls / josejson.py
Last active September 17, 2021 15:01
A mitmproxy pretty-printer for displaying the rfc8555 application/jose+json content type.
"""
This custom pretty-printer for mitmproxy will decode the base64url-encoded
'payload' and 'protected' fields.
This pretty-printer is useful for understanding the POST requests made to
an ACME server, since these requests are made using JWS as JSON, which,
contrary to JWT tokens that are very easy to decode, aren't as common.
The whole JWS as JSON and application/jose+json are detailed in
https://tools.ietf.org/html/rfc8555.
@maelvls
maelvls / README.md
Last active July 13, 2020 13:38
[MOVED] Ngroker — a tiny helper for creating an ngrok session for pairing with my colleagues → https://github.com/maelvls/ngroker
@maelvls
maelvls / README.md
Last active April 21, 2020 15:12
VSCode conf and plugins
% code --list-extensions | pbcopy
adamhartford.vscode-base64
ahebrank.yaml2json
alexdima.copy-relative-path
aliariff.auto-add-brackets
anseki.vscode-color
aprilandjan.ascii-tree-generator
bierner.markdown-preview-github-styles
codezombiech.gitignore

v1.f()

  v1.f()
  0x109959d		488d059c1a0500		LEAQ go.itab.*main.concrete,main.abstract(SB), AX
  0x10995a4		8400			TESTB AL, 0(AX)
  0x10995a6		488d05eba40f00		LEAQ runtime.zerobase(SB), AX
  0x10995ad		48890424		MOVQ AX, 0(SP)
  0x10995b1		e81a000000		CALL main.(*concrete).f(SB)
@maelvls
maelvls / gracefully_shutdown.go
Last active September 23, 2019 07:05
Graceful shutdown with Context + channels (https://play.golang.org/p/ZBxNMddpbj2)
// The point of this snippet is to showcase how to handle gracefully any incoming
// SIGINT (manual ctrl-c) or SIGTERM (process is killed) for a long-running task
// such as a server.
package main
import (
"context"
"fmt"
"log"
"os"
@maelvls
maelvls / README.md
Last active September 8, 2019 16:54
Creating a gcloud project and service account for Rob Pike's upspin
gcloud projects create upspin42
gcloud iam service-accounts create --project  upspin-service-account
gcloud iam service-accounts create --project upspin42 upspin-service-account
gcloud projects add-iam-policy-binding upspin42 --role=roles/owner --member=serviceAccount:upspin-service-account@upspin42.iam.gserviceaccount.com
gcloud iam service-accounts keys create json_key.json --iam-account upspin-service-account@upspin42.iam.gserviceaccount.com --project upspin42
gcloud alpha billing projects link --billing-account $(gcloud alpha billing accounts list --format json | jq -r '.[0].name') upspin42

gcloud dns record-sets transaction start --zone maelvls
gcloud dns record-sets transaction add --project august-period-234610 --zone=maelvls --type=A --ttl 300 --name upspin.maelvls.dev. 34.89.156.68

How to work with the authorization.go middleware

I wanted to make sure no one gets slowed down in their PRs because of the introduction of authorization.go. It has been added to all the services and all HTTP endpoints are affected. Here is how to get around that.

The current impl of authorization.go is algorithm-agnostic regarding the verification. The gateway or sidecar proxy (Envoy/Istio) will handle the verification.

@maelvls
maelvls / openapi.yml
Last active July 29, 2019 09:38
OpenAPI example with discriminator (union types or 'inheritance')
openapi: 3.0.2
info:
title: Dogs and cats
description: some dogs and some cats
version: 1.0.0
paths:
/pets:
patch:
requestBody: