2021-11-12 09:24:56 +00:00
#!/bin/bash
function kubernetes_configs( ) {
# set KUBECONFIG to default kubeconfig and all *.yaml files in .kube
local KUBE_CONFIG_DEFAULT = " $HOME /.kube/config "
local KUBE_CONFIG_DIR = " $HOME /.kube "
local KUBE_CONFIG_EXTENTION = "*.yaml"
if [ [ -f " ${ KUBE_CONFIG_DEFAULT } " ] ] ; then
export KUBECONFIG = " $KUBE_CONFIG_DEFAULT "
fi
[ [ -d " ${ KUBE_CONFIG_DIR } " ] ] || mkdir -p " ${ KUBE_CONFIG_DIR } "
# shellcheck disable=SC2044
for file in $( find " ${ KUBE_CONFIG_DIR } " -type f -name " $KUBE_CONFIG_EXTENTION " ) ; do
export KUBECONFIG = " $file : $KUBECONFIG "
done
2021-11-12 12:00:12 +00:00
if [ [ $( command -v kubectl) ] ] ; then
complete -W " $( kubectl config get-contexts -o name) " kuc
fi
2021-11-12 09:24:56 +00:00
}
kubernetes_configs
2021-11-12 10:36:09 +00:00
function kc( ) {
# print all kubernetes contexts
kubectl config get-contexts
}
function kuc( ) {
# use kubernetes context <param>
kubectl config use-context " $1 "
}
2021-11-12 12:34:58 +00:00
function k( ) {
kubectl " $@ "
}
[ [ $( type -t __start_kubectl) = = function ] ] && complete -o default -F __start_kubectl k
2022-03-28 06:46:25 +00:00
function validate_private_ingress( ) {
local PRIVATE_PROJECT_ID = " ${ PRIVATE_PROJECT_ID :- p -c5fcj } "
local WHITELIST_SOURCE_RANGE = " ${ WHITELIST_SOURCE_RANGE :- 10 .0.0.0/8 } "
local OK = '\e[32m\u2714\e[0m'
local NOT_OK = '\u274c'
printf "Validating ingresses in private project (%s}\n" " $PRIVATE_PROJECT_ID "
2022-04-06 12:53:29 +00:00
printf "%-22s %s\n" "namespace" "ingress"
printf -- '-%.0s' { 1..30}
printf "\n"
2022-03-28 06:46:25 +00:00
for NS in $( kubectl get namespaces --selector= field.cattle.io/projectId= " $PRIVATE_PROJECT_ID " --template "{{range .items}}{{.metadata.name}}{{\"\n\"}}{{end}}" ) ; do
for INGRESS in $( kubectl --namespace " $NS " get ingress --template "{{range .items}}{{.metadata.name}}{{\"\n\"}}{{end}}" ) ; do
if [ [ $( kubectl --namespace " $NS " get ingress " $INGRESS " -o jsonpath = '{.metadata.annotations.nginx\.ingress\.kubernetes\.io/whitelist-source-range}' ) = = " $WHITELIST_SOURCE_RANGE " ] ] ; then
echo -n -e " $OK "
else
echo -n -e " $NOT_OK "
fi
printf "%-20s %s\n" " $NS " " $INGRESS "
done
done
}
2022-04-08 10:38:54 +00:00
function k8s_list_deprecation_apis( ) {
#Prints all api deprecation warnings in cluster
2022-04-08 11:04:34 +00:00
if ! command -v prom2json > /dev/null; then
printf "You need prom2json for this function: https://github.com/prometheus/prom2json\n"
return 1
fi
2022-04-08 10:38:54 +00:00
kubectl get --raw /metrics | prom2json | jq -c '.[] | select(.name=="apiserver_requested_deprecated_apis").metrics[].labels' | column -t -s'{}[],"'
}
2022-05-24 07:23:40 +00:00
function neuvector_cve_db_version( ) {
local NAMESPACE = "cattle-neuvector-system"
printf "%-40s %s\n" "Pod" "CVE DB version"
for POD in $( kubectl -n $NAMESPACE get pods -l 'app=neuvector-scanner-pod' --template "{{range .items}}{{.metadata.name}}{{\"\n\"}}{{end}}" ) ; do
version = " $( kubectl -n " $NAMESPACE " logs " $POD " | grep "Expand new DB" | tail -1 | sed -n 's/.*Expand new DB - version=\([0-9]*\.[0-9]*\)/\1/p' ) "
printf "%-40s %s\n" " $POD " " $version "
done
}