Skip to content

Instantly share code, notes, and snippets.

View chancez's full-sized avatar

Chance Zibolski chancez

View GitHub Profile
FROM debian:12-slim
ENV DEBIAN_FRONTEND=noninteractive
RUN adduser git --home /srv/git && \
chown -R git:git /srv/git
RUN apt-get update && \
apt-get install --yes --no-install-recommends --no-install-suggests git openssh-server && \
apt-get clean && \
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
helmCharts:
- name: cilium
repo: oci://quay.io/cilium-charts-dev
# renovate: datasource=docker depName=cilium registryUrl=https://quay.io/cilium-charts-dev versioning=regex:^(?<major>\d+)\.(?<minor>\d+)\.(?<patch>\d+)-dev-dev.(?<build>\d+)-(?<compatibility>.+)-(?<revision>.+)$
version: 1.16.0-dev-dev.572-main-e421c0fd6e
namespace: kube-system
releaseName: cilium
images:
- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-amd64.img"
arch: "x86_64"
- location: "https://cloud-images.ubuntu.com/releases/22.04/release/ubuntu-22.04-server-cloudimg-arm64.img"
arch: "aarch64"
networks:
- lima: user-v2
mounts:
import json
from os import getenv, path
from string import Template
from subprocess import run
from sys import exit
ZONE_ID = getenv("ZONE_ID")
ZONE_FILE = getenv("ZONE_FILE")
TERRAFORM_DIR = getenv("TERRAFORM_DIR")
function aws-sso-access-token() {
find "$HOME/.aws/sso/cache" -type f ! -name 'botocore*' -exec jq -r '.accessToken' {} \; | head -n1
}
function aws-sso-list-accounts() {
aws sso list-accounts --access-token "$(aws-sso-access-token)" "$@"
}
function aws-sso-list-account-roles() {
aws sso list-account-roles --access-token "$(aws-sso-access-token)" "$@"
eval "$(echo "$line" | jq -r 'to_entries | map("\(.key)=\(.value|tostring | @sh)") | join(" ")')"
#!/bin/bash
if [ $# -lt 1 ]; then
echo "Usage: $0 sso-instance-arn"
exit 1
fi
# set -e
# set -o pipefail
#!/usr/bin/env python
import string
import sys
import hmac
import hashlib
def split_hex(value):
value = value[4:] if len(value) % 4 == 0 else "0" + value[4:]
return " ".join(value[i:i+4] for i in range(0, len(value), 4))
SECRET = bytearray.fromhex('85 44 E3 B4 7E CA 58 F9 58 30 43 F8')
D = hmac.new(SECRET, digestmod=hashlib.sha1)
module "combined_acm_certificate" {
source = "../../modules/acm_certificate_dns_validated_multi_zone"
providers = {
aws.certificate_requester = aws.infra-production-account
aws.route53_cert_validator = aws.main-account
}
domain_name = "infra.example.com"
zone_to_san = {
"infra.example.com" = [
provider "aws" {
alias = "certificate_requester"
}
provider "aws" {
alias = "route53_cert_validator"
}
resource "aws_acm_certificate" "cert" {
provider = aws.certificate_requester