• Synthetic ClusterRole or Role using an aggregationRule

    2 min read

    kubernetes Role ClusterRole aggregationRule

    Having a Role or ClusterRole giving permissions to different apiGroups for different reasons makes it difficult to track and, later on, to maintain. By splitting the permissions on logical groups allows us to give predefined groups of permissions to the actual Role.

    13/12/2022

    Read more...

  • Adding a comment on a Pull Request using Github Actions

    2 min read

    github action add comment PR

    As part of a CI/CD pipeline involving GitHub Actions we might want to be able to add a comment to the PR to notify the user about something:

    name: demo_add_comment_pr
on:
  pull_request:
    types: [opened, ready_for_review]
  push:
    branches:
      - '**'
      - '!main'
    paths:    
      - cluster-resources/**
      - tests/**
  workflow_dispatch:

(...)

    12/12/2022

    Read more...

  • Create a JSON object using a cli tool: jq

    1 min read

    jq create json

    We can define jq tool as what's sed but for JSON data: We can use it for multiple purposes, for example to create a valid JSON object.

    Let's assume we want to create a JSON containing a multi-line string, we can simulate it like follows or just use some file with cat:

    $ echo -e "multi\nline"
multi
line

    07/12/2022

    Read more...

  • nmap: List only open ports while scanning

    2 min read

    nmap open port scan list

    While scanning using nmap a network for a specific port (using the -p option), it can be confusing toe get a list of hosts that are alive with either closed or filtered ports while we only care for open ports:

    $ sudo nmap -sS 10.12.16.0/24 -p 8123
Starting Nmap 7.80 ( https://nmap.org ) at 2022-12-04 18:18 CET
Nmap scan report for _gateway (10.12.16.1)
Host is up (0.0010s latency).

PORT     STATE  SERVICE
8123/tcp filtered polipo
MAC Address: CD:44:F0:F4:22:44 (Unknown)

Nmap scan report for 10.12.16.10
Host is up (0.00020s latency).

PORT     STATE SERVICE
8123/tcp open  polipo
MAC Address: DC:A6:33:77:AA:BB (Raspberry Pi Trading)

Nmap scan report for 10.12.16.33
Host is up (0.00046s latency).

PORT     STATE  SERVICE
8123/tcp closed polipo
MAC Address: B8:27:EB:8D:99:11 (Raspberry Pi Foundation)

(...)

Nmap done: 256 IP addresses (15 hosts up) scanned in 1.78 seconds

    05/12/2022

    Read more...

  • AWS CLI: Error parsing AWS config file

    1 min read

    AWS parse config file .aws/config

    One mistake on the .aws/config can lead to a very imprecise error message:

    $ aws sts get-caller-identity
(...)
botocore.exceptions.ConfigParseError: Unable to parse config file: /home/pet2cattle/.aws/config

    01/12/2022

    Read more...

From pet to cattle
Treat your kubernetes clusters like cattle, not pets