-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbash-functions.sh
69 lines (57 loc) · 2.81 KB
/
bash-functions.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
#!/bin/bash
function argo() {
local ARGOCD_PASSWORD=$(kubectl -n argocd get secret argocd-secret -o jsonpath="{.data.admin\.password}" | base64 -d)
echo "Username=admin, password=$ARGOCD_PASSWORD"
if [[ $(uname) == "Linux" ]]; then
xdg-open http://localhost:8080/argocd && kubectl -n argocd port-forward svc/argocd-server 8080:80
else
open http://localhost:8080/argocd && kubectl -n argocd port-forward svc/argocd-server 8080:80
fi
}
function delete_released_pv() {
kubectl get pv -o json | jq -r '.items[] | select(.status.phase == "Released") | .metadata.name' | xargs -n 1 kubectl delete pv
}
function cleanup_pods() {
kubectl delete pods --field-selector=status.phase==Succeeded -A;
kubectl delete pods --field-selector status.phase=Failed -A;
kubectl delete pods $(kubectl get pod --all-namespaces -o jsonpath='{.items[?(@.status.containerStatuses[*].state.waiting.reason=="ImagePullBackOff")].metadata.name}')
}
function get_secrets() {
kubectl get secrets $1 -o yaml | yq '.data | map_values(@base64d)'
}
function check_cluster_for_unsigned_images() {
# Download public key for cosign verification
curl -s https://raw.githubusercontent.com/iits-consulting/charts/main/charts/iits-kyverno-policies/pub-keys/pub.key -o ./pub.key
# Get all pods excluding the kube-system namespace | Remove the headers | Print only the json path for the images
images=$(kubectl get pods --all-namespaces --field-selector metadata.namespace!=kube-system,metadata.namespace!=kyverno -o jsonpath="{..image}" |\
tr -s '[[:space:]]' '\n' |\
sort |\
uniq)
# Iterate over all images
for image in $images; do
# Run cosign verify command for each image
output=$(cosign verify --key pub.key "$image" 2>&1)
if [[ $output == *"no matching signatures"* ]]; then
echo "Image: $image No Cosign signature found"
fi
done
rm pub.key
}
function list_iits_alias() {
iits_alias=$(wget --no-cookies --no-cache -qO - https://raw.githubusercontent.com/iits-consulting/common-bash-functions/main/bash-functions.sh)
echo "Functions:"
echo "${iits_alias}" | awk '/^function/ {print $2}' | cut -d'(' -f 1
echo "---"
echo "Aliases:"
echo "${iits_alias}" | awk '/^alias/ {print $2}' | cut -d'=' -f 1
}
alias k="kubectl"
complete -F __start_kubectl k
alias kns="kubectl config set-context --current --namespace "
alias kenv="kubectl config current-context"
alias kubens='kubectl config set-context --current --namespace '
alias kubeEnv="kubectl config current-context"
alias updateArgoCharts="helm plugin update iits-argo-charts-updater && helm iits-argo-charts-updater"
alias updateCharter="helm plugin update iits-chart-creator && helm iits-chart-creator -v"
alias charter='helm iits-chart-creator infrastructure-charts'
alias fwd="sudo kubefwd svc -n $1"