Ramblings of a cloud engineer

Welcome to my little corner of the internet.

Diff check and Manifest generation in GitHub Actions

Diff check and manifest generation GitHub Actions For Go projects it’s crucial that you don’t forget to run go mod tidy from time to time. Combine that with a project that includes Kubernetes controllers and the other thing people tend to forget is running make manifest && make generate. To check for these I added a small GitHub action that looks like this: name: Check for diff after manifest and generated targets on: pull_request: {} jobs: diff-check-manifests: name: Check for diff runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v3 with: fetch-depth: 0 - name: Make manifests && generate run: | make manifests && make generate - name: Setup Go uses: actions/setup-go@v3 with: go-version-file: '${{ github....

August 11, 2023 · 1 min · hannibal

Digital and Analog notes together

Digital and analog notes together This fight is as old as time itself. Okay, maybe not that old. But as soon as viable digital note-taking tools appeared it was on. Since then, many solutions that live together have appeared. PKM tools like Second Brain running hand-in-hand with Zettelkasten or BuJo have opened my eyes to combining them in a way that makes the outcome more powerful than each alone would be....

July 28, 2023 · 7 min · hannibal

How to add a self-signed certificate to the GitHub action runner

Adding a certificate to a GitHub runner Imagine having a project where you have a server that you would like to run with TLS. Let’s say, you want to run a Docker registry in a cluster using TLS. You need the generated certificate’s root certificate in the trust store of the GitHub action runner. This is simple with mkcert. The action is simple: name: tests on: pull_request: paths-ignore: - 'CODE_OF_CONDUCT.md' - 'README....

July 4, 2023 · 4 min · hannibal

Comments are back

Well, the previous post was a lie ( or rather a copy and paste error ).

May 11, 2023 · 1 min · hannibal

Test comments

Hello dear reader. I switched to a new theme that has Dark Mode. I’m hoping nothing changed regarding the RSS functionality. I removed the comments because I rarely used them. Also disabled any sort of tracking. Enjoy, Gergely.

May 11, 2023 · 1 min · hannibal

Dark mode and a new theme

Hello dear reader. I switched to a new theme that has Dark Mode. I’m hoping nothing changed regarding the RSS functionality. I removed the comments because I rarely used them. Also disabled any sort of tracking. Enjoy, Gergely.

May 10, 2023 · 1 min · hannibal

Painless controller testing with e2e-framework and tilt

Welcome dear reader. When last we met, we talked a lot about setting up Tilt for rapid controller development. Now, let’s see how powerful Tilt can be once we bring it together with Kubernetes’ e2e-framework. Controller E2E Framework I’d like to present my controller-e2e-framework which brings Tilt and e2e-framework together to easily write and run tests for controllers that work together. This framework can be used to integration test or e2e test controllers that work together....

March 12, 2023 · 7 min · hannibal

Rapid Kubernetes Controller Development with Tilt

Welcome dear reader. Today, we are going to dive into how to use Tilt to speed up the feedback loop of developing a Kubernetes controller. We are going to do that using an open-source project called OCM which has a controller called ocm-controller. I’m going to walk through the following process: researching tilt what it could do for me understanding the Tilt file trivial mapping of the developer process understanding Starlark adding more features tackling hot swapping troubleshooting Let’s dive in....

February 25, 2023 · 23 min · hannibal

Forming the habit of analog journaling - Why the digital format did not work for me

You can see, I wasn’t able to decide on a title. That’s because I wanted to express more than a “How to get started with Journaling” kind of vibe. There are a lot of posts about that already. Rather, this post depicts my struggle to get into this habit. TL;DR It turned out that it took way too long to get into writing a simple entry with too many steps. Taking out a notebook and starting to write is a lot faster and cheaper....

January 4, 2023 · 9 min · hannibal

Generate a sample YAML file from a CRD

Hello. This one is a quick update. Just a showcase really. I wrote a tool to generate a sample YAML file from a CRD. Given a CRD like this one, it would output a generate yaml sample like this: apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 kind: AWSCluster metadata: {} spec: additionalTags: {} bastion: allowedCIDRBlocks: ["string"] ami: string disableIngressRules: true enabled: true instanceType: string controlPlaneEndpoint: host: string port: 1 controlPlaneLoadBalancer: additionalSecurityGroups: ["string"] crossZoneLoadBalancing: true healthCheckProtocol: string name: string scheme: string subnets: ["string"] identityRef: kind: AWSCluster name: string imageLookupBaseOS: string imageLookupFormat: string imageLookupOrg: string network: cni: cniIngressRules: - description: string fromPort: 1 protocol: string toPort: 1 securityGroupOverrides: {} subnets: - availabilityZone: string cidrBlock: string id: string ipv6CidrBlock: string isIpv6: true isPublic: true natGatewayId: string routeTableId: string tags: {} vpc: availabilityZoneSelection: string availabilityZoneUsageLimit: 1 cidrBlock: string id: string internetGatewayId: string ipv6: cidrBlock: string egressOnlyInternetGatewayId: string poolId: string tags: {} region: string s3Bucket: controlPlaneIAMInstanceProfile: string name: string nodesIAMInstanceProfiles: ["string"] sshKeyName: string status: bastion: addresses: - address: string type: string availabilityZone: string ebsOptimized: true enaSupport: true iamProfile: string id: string imageId: string instanceState: string networkInterfaces: ["string"] nonRootVolumes: - deviceName: string encrypted: true encryptionKey: string iops: 1 size: 1 throughput: 1 type: string privateIp: string publicIp: string rootVolume: deviceName: string encrypted: true encryptionKey: string iops: 1 size: 1 throughput: 1 type: string securityGroupIds: ["string"] spotMarketOptions: maxPrice: string sshKeyName: string subnetId: string tags: {} tenancy: string type: string userData: string volumeIDs: ["string"] conditions: - lastTransitionTime: string message: string reason: string severity: string status: string type: string failureDomains: {} networkStatus: apiServerElb: attributes: crossZoneLoadBalancing: true idleTimeout: 1 availabilityZones: ["string"] dnsName: string healthChecks: healthyThreshold: 1 interval: 1 target: string timeout: 1 unhealthyThreshold: 1 listeners: - instancePort: 1 instanceProtocol: string port: 1 protocol: string name: string scheme: string securityGroupIds: ["string"] subnetIds: ["string"] tags: {} securityGroups: {} ready: true The link to the repo is here....

October 19, 2022 · 2 min · hannibal