Mrunal Patel mrunalp
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM registry.ci.openshift.org/ocp/builder:rhel-9-golang-1.19-openshift-4.13 AS rhel9-builder | |
| WORKDIR /go/src/github.com/openshift/sdn | |
| COPY . . | |
| RUN make build --warn-undefined-variables | |
| RUN CGO_ENABLED=1 make build GO_BUILD_PACKAGES="github.com/openshift/sdn/cmd/openshift-sdn-cni" --warn-undefined-variables | |
| FROM registry.ci.openshift.org/ocp/builder:rhel-8-golang-1.19-openshift-4.13 AS rhel8-builder | |
| WORKDIR /go/src/github.com/openshift/sdn | |
| COPY . . | |
| RUN make build --warn-undefined-variables |
mrunalp
/ pull-secret update OpenShift4
Created
June 14, 2023 22:00
— forked from sallyom/pull-secret update OpenShift4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## OpenShift4 pull-secret: | |
| 1. Download your pull-secret from [console.redhat.com](https://console.redhat.com/openshift/install/aws/installer-provisioned) | |
| - click on “Download Pull Secret”. Save it somewhere, e.g. ~/some-dir/pull-secret | |
| 2. Add the apps.ci auth to pull-secret! _internal OpenShift developers only_ | |
| - Obtain an API token by visiting https://oauth-openshift.apps.ci.l2s4.p1.openshiftapps.com/oauth/token/request | |
| copy the oc login cmd and paste in terminal to login to the ci cluster, then run this: | |
| - `$ oc registry login --to ~/some-dir/pull-secret` | |
| This will append the auth from registry.ci.openshift.org to your cloud.openshift.com pull-secret but it will also | |
| make the pull-secret multi-line. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@fedora ~]# cat /usr/share/applications/slack.desktop | |
| [Desktop Entry] | |
| Name=Slack | |
| StartupWMClass=Slack | |
| Comment=Slack Desktop | |
| GenericName=Slack Client for Linux | |
| Exec=/usr/bin/slack --ozone-platform=wayland --enable-features=UseOzonePlatform,WaylandWindowDecorations,WebRTCPipeWireCapturer %U | |
| Icon=/usr/share/pixmaps/slack.png | |
| Type=Application | |
| StartupNotify=true |
mrunalp
/ pull_with_sigstore.log
Created
February 2, 2023 22:16
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@fedora sigstore]# podman --log-level=debug pull ttl.sh/myalpine:1h | |
| INFO[0000] podman filtering at log level debug | |
| DEBU[0000] Called pull.PersistentPreRunE(podman --log-level=debug pull ttl.sh/myalpine:1h) | |
| DEBU[0000] Merged system config "/usr/share/containers/containers.conf" | |
| DEBU[0000] Using conmon: "/usr/bin/conmon" | |
| DEBU[0000] Initializing boltdb state at /var/lib/containers/storage/libpod/bolt_state.db | |
| DEBU[0000] Using graph driver overlay | |
| DEBU[0000] Using graph root /var/lib/containers/storage | |
| DEBU[0000] Using run root /run/containers/storage | |
| DEBU[0000] Using static dir /var/lib/containers/storage/libpod |
mrunalp
/ gatekeeper_mutation_spc.yaml
Created
November 1, 2022 23:07
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: mutations.gatekeeper.sh/v1 | |
| kind: Assign | |
| metadata: | |
| name: set-spc | |
| spec: | |
| applyTo: | |
| - groups: [""] | |
| kinds: ["Pod"] | |
| versions: ["v1"] | |
| match: |
mrunalp
/ httpd.yaml
Created
May 24, 2022 20:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: httpd | |
| spec: | |
| containers: | |
| - name: httpd | |
| image: httpd:2.4-alpine |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [mrunalp@fedora ~]$ oc debug node/ci-ln-448x92k-72292-wppv7-worker-a-v29zc | |
| W0519 18:18:56.438639 166726 warnings.go:70] would violate PodSecurity "restricted:latest": host namespaces (hostNetwork=true, hostPID=true), hostPath volumes (volume "host"), privileged (container "container-00" must not set securityContext.privileged=true), allowPrivilegeEscalation != false (container "container-00" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "container-00" must set securityContext.capabilities.drop=["ALL"]), restricted volume types (volume "host" uses restricted volume type "hostPath"), runAsNonRoot != true (pod or container "container-00" must set securityContext.runAsNonRoot=true), runAsUser=0 (container "container-00" must not set runAsUser=0), seccompProfile (pod or container "container-00" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") | |
| Starting pod/ci-ln-448x92k-72292-wppv7-worker-a-v29zc-debug ... | |
| To use host binaries, run `c |
mrunalp
/ crierrors.go
Created
March 18, 2020 21:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package crierrors | |
| import "errors" | |
| import "google.golang.org/grpc/codes" | |
| import "google.golang.org/grpc/status" | |
| var ( | |
| // ErrNotFound is a an error epresenting an object not found | |
| // like a pod or a container. | |
| ErrNotFound = errors.New("cri: not found") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set -e | |
| set -x | |
| RUNC_GOPATH="$(mktemp -d)" | |
| CONTAINERD_GOPATH="$(mktemp -d)" | |
| PWD="$(pwd)" | |
| function cleanup() { | |
| rm -rf "${RUNC_GOPATH}" | |
| rm -rf "${CONTAINERD_GOPATH}" |
mrunalp
/ policy.json
Created
August 25, 2017 21:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "default": [ | |
| { | |
| "type": "insecureAcceptAnything" | |
| } | |
| ], | |
| "transports": | |
| { | |
| "docker-daemon": | |
| { |
NewerOlder