Skip to content

Instantly share code, notes, and snippets.

View mkmik's full-sized avatar

Marko Mikulicic mkmik

171 followers · 8 following
View GitHub Profile
@mkmik
mkmik / expanded.rs
Created March 24, 2021 17:11
{
use ::rpc::field_mask::{FieldMaskExt, RequiredFieldMaskExt};
use generated_types::google::{protobuf::FieldMask, FieldViolation};
fn find(v: &[String], s: &str) -> bool {
v.iter().any(|i| i.split('.').next().unwrap() == s)
}
fn is_wildcard(mask: &FieldMask) -> bool {
mask.paths.is_empty()
}
@mkmik
mkmik / main.rs
Created March 10, 2021 03:32
use std::process::{Command, Stdio};
use std::os::unix::net::UnixStream;
use std::os::unix::io::{AsRawFd,FromRawFd};
fn main() {
let (_sock1, sock2) = UnixStream::pair().unwrap();
Command::new("sleep")
.arg("200")
.stdin(unsafe{Stdio::from_raw_fd(sock2.as_raw_fd())})
@mkmik
mkmik / Cargo.toml
Created February 23, 2021 16:28
[package]
name = "prostdemo"
version = "0.1.0"
authors = ["Marko Mikulicic <[email protected]>"]
edition = "2018"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
prost = "0.7"
@mkmik
mkmik / option_iter.rs
Created October 1, 2020 07:34
// Turns out that this iterator is unnecessary since the std::option::Option type
// itself implements this exact semantics
/// An iterator that yields an element once or never.
///
/// This `struct` is created by the [`once_if_ever`] function. See its documentation for more.
pub struct OnceIfEver<T> {
value: Option<T>,
}
@mkmik
mkmik / fetch.sh
Last active August 14, 2020 09:35
for i in $(crane ls bitnami/node | grep -E '^[0-9]+'); do crane manifest bitnami/node:$i; done >/tmp/layers.jsonish
@mkmik
mkmik / kok
Created June 10, 2020 03:13
#!/bin/bash
set -e
path="$1"
if [ -z "${path}" ]; then
echo "usage: $0 <package or path>"
exit 1
fi
@mkmik
mkmik / deploy-and-test.sh
Created April 29, 2020 21:27
#!/bin/bash
kapp deploy -c -y -a kdemo -f app.yaml
trap 'kill $(jobs -p)' EXIT
kubectl port-forward deploy/kdemo 8080:8080 &
sleep 2
curl http://localhost:8080
@mkmik
mkmik / gist:38423a395e5cf8eeca5f64f266873843
Created March 11, 2020 18:00
package main
import (
"fmt"
"log"
"github.com/google/go-jsonnet"
"github.com/google/go-jsonnet/ast"
"github.com/google/go-jsonnet/toolutils"
)
@mkmik
mkmik / demo.sh
Created March 10, 2020 08:56
#!/bin/bash
fake_command() {
echo some junk
return 1
}
demo() {
FOO="$(fake_command)"
@mkmik
mkmik / README.md
Created October 7, 2019 12:31

Config file with embedded secrets

Kubernetes Secrets are very flexible and can be consumed in many ways. Secret values can be passed to containers as environment variables or appear as regular files when mouting secret volumes.

Often users end up using the latter method just to wrap full configuration files into k8s secrets, just because one or more fields in the config file happen to be secrets (e.g. a database password, or a session cookie encryption key).

Ideally you should avoid configuring your software that way and instead splitting your configuration from your secrets somehow. Also make sure you know about 12 Factor.