Timeline: March 7 - May 31
Sascha Grunert saschagrunert
saschagrunert
/ config.json
Created
August 12, 2024 09:05
crun 1.16: critest "[k8s.io] Container Mount Propagation runtime should support mount propagation [It] mount with 'rshared' should support propagation from host to container and vice versa" fails
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "ociVersion": "1.2.0", | |
| "process": { | |
| "user": { | |
| "uid": 0, | |
| "gid": 0, | |
| "additionalGids": [0, 10] | |
| }, | |
| "args": ["sh", "-c", "top"], | |
| "env": [ |
saschagrunert
/ ping.strace
Last active
July 31, 2024 10:43
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| execve("/usr/sbin/ping6", ["ping6", "-c1", "1100:200::3"], 0xffffdc418380 /* 16 vars */) = 0 | |
| brk(NULL) = 0xaaaabc4f5000 | |
| mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xffffb63e4000 | |
| faccessat(AT_FDCWD, "/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) | |
| openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 | |
| newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=9207, ...}, AT_EMPTY_PATH) = 0 | |
| mmap(NULL, 9207, PROT_READ, MAP_PRIVATE, 3, 0) = 0xffffb63e1000 | |
| close(3) = 0 | |
| openat(AT_FDCWD, "/lib64/libcap.so.2", O_RDONLY|O_CLOEXEC) = 3 | |
| read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\267\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832 |
saschagrunert
/ cri-client-staging.md
Created
June 6, 2024 11:28
saschagrunert
/ examples.yaml
Created
May 16, 2023 08:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # Verify signed image using a public key without a fulcio issued certificate. | |
| apiVersion: config.openshift.io/v1alpha1 | |
| kind: ImagePolicy | |
| metadata: | |
| name: image-is-signed | |
| spec: | |
| images: | |
| - hostname:5000/myns/sigstore-signed-with-full-references | |
| policy: |
saschagrunert
/ api.go
Created
May 16, 2023 08:17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package api | |
| import ( | |
| metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" | |
| ) | |
| type ImagePolicy struct { | |
| metav1.TypeMeta `json:",inline"` | |
| metav1.ObjectMeta `json:"metadata,omitempty"` | |
| Spec ImagePolicySpec `json:"spec"` |
saschagrunert
/ Vagrantfile
Last active
October 30, 2023 13:35
Environment for building Red Hat packages
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- mode: ruby -*- | |
| # vi: set ft=ruby : | |
| # Vagrant box for testing | |
| Vagrant.configure("2") do |config| | |
| config.vm.box = "fedora/35-cloud-base" | |
| memory = 6144 | |
| cpus = 4 | |
| config.vm.provider :virtualbox do |v| |
saschagrunert
/ mc.yml
Created
December 5, 2022 10:13
MachineConfig for using https://github.com/saschagrunert/backingFsBlockDev
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: machineconfiguration.openshift.io/v1 | |
| kind: MachineConfig | |
| metadata: | |
| labels: | |
| machineconfiguration.openshift.io/role: worker | |
| name: recreate-backingfsblockdev | |
| spec: | |
| config: | |
| ignition: | |
| version: 3.2.0 |
saschagrunert
/ kubernetes-verify.sh
Created
December 1, 2022 14:13
Verifying Kubernetes binary artifacts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -euox pipefail | |
| TAG=v1.26.0-rc.1 | |
| URL=https://dl.k8s.io/release/$TAG/bin/linux/amd64 | |
| BIN=kubectl | |
| for EXT in "" .sig .cert; do | |
| FILE=$BIN$EXT | |
| curl -sSfL --retry 3 --retry-delay 3 $URL/$FILE -o $FILE |
saschagrunert
/ seccomp.json
Created
November 14, 2022 10:39
seccomp profile for the default nginx container
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "defaultAction": "SCMP_ACT_ERRNO", | |
| "architectures": ["SCMP_ARCH_X86_64", "SCMP_ARCH_X86", "SCMP_ARCH_X32"], | |
| "syscalls": [ | |
| { | |
| "names": [ | |
| "accept4", | |
| "access", | |
| "arch_prctl", | |
| "bind", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -*- mode: ruby -*- | |
| # vi: set ft=ruby : | |
| Vagrant.configure("2") do |config| | |
| config.vm.box = "generic/rocky8" | |
| memory = 6144 | |
| cpus = 4 | |
| config.vm.provider :virtualbox do |v| | |
| v.memory = memory |
NewerOlder