Kubernetes: using a delete patch with kustomize.GCP: deploying a Python WSGI Gunicorn app on Cloud Run.GCP: Cloud Run with build trigger coming from remote GitHub repository.GKE: terraform lifecycle ‘ignore_changes’ to manage external changes to GKE cluster.GCP: determining whether GKE cluster mode is Standard or Autopilot.Bash: testing if a file exists, has content, and is recently modified.GCP: determining whether ASM is installed via asmcli or gcloud fleet.GitLab: generating URL that can be used for Merge Request from fork to upstream.Bash: counting number of times substring is found in directory.Terraform: fixing error “querying Cloud Storage failed: storage: bucket doesn’t exist”.Git: create a new empty branch with no history or commits.Kubernetes: creating TLS secrets with kustomize using embedded or external content.Terraform: terraform_remote_state to pass values to other configurations.Kubernetes: evaluating full readiness of deployment, daemonset, or pod.Ansible: resolving ‘could not initialize the preferred locale: unsupported locale setting’.Terraform: error removing module containing legacy provider block, ‘Provider configuration not present’.Bash: decoding a JWT from the command line with jq.Kubernetes: fixing x509 certificate errors from metric-server on K3s cluster.Kubernetes: implementing and testing a HorizontalPodAutoscaler.Kubernetes: HorizontalPodAutoscaler evaluation based on Prometheus metric.Kubernetes: patching container arguments array with kubectl and jq.Helm: discovering Helm chart releases installed into Kubernetes cluster.Docker: QEMU emulation to run arm64 images from native amd64 host.Docker: building multi-platform images that use fat manifest list/index.Github: automated build and publish of multi-platform container image with Github Actions.Helm: manually publishing Helm repo on Github using chart-releaser.Helm: automated publishing of Helm repo with Github Actions.Git: find branch name of newly applied tag.GitLab: automated build and publish of multi-platform container image with GitLab pipeline.GitLab: passing values between two jobs in pipeline.Bash: extracting first or last N octets, paths, or domain from string with fixed separator.GitLab: add files to source repository as part of GitLab pipeline.Bash: change into directory just created with git clone.GitLab: invoking Ansible from a GitLab pipeline job.GCP: quota project error when invoking GCP API using ADC application-default.GitLab: self-managed runner for CI/CD jobs on GCP VM instances. GitLab: Continuous Deployment with Agent for Kubernetes and GitLab pipeline.GitLab: least privilege for Kube-API calls from GitLab Agent for Kubernetes.Bash: fixing SSH authentication error “bad ownership or modes for file/directory”.Ansible: accessing a fact from a different host using cached facts.Ansible: applying roles to certain groups in a single playbook.Ansible: overriding boolean values using extra-vars at runtime.GIT: Calling git clone using password with special character.Git: cloning a git repository from one location to another.To use the git module with a proxy, specify in the ‘environment’ - name: checkout git repo with credentials Graham Hay, ansible templates and urlencode ansible-playbook playbook-git-withcreds.yml -extra-vars "git_user=myuser git_pass=Myp4ss!"į, calling git when password contains special character To silence the manual prompts, you can specify the variables using the ‘extra-vars’ flag. Here is a link to the full example playbook-git-withcreds.yml, which shows how these variables could be manually requested when the playbook is run (so they do not have to be stored in files). ‘git_user’ and ‘git_pass’ are Ansible variables that been defined elsewhere (host vars, group vars, playbook, vars prompt, etc). We set the remote URL the second time so that the username/password are not left embedded in the git database and visible from ‘git remote -v’. To use the same logic from your Ansible role/playbook, apply the ‘urlencode’ filter. From the command line, the syntax is: git clone https : any special characters in the password are URL encoded (e.g. You just have to ensure that the username and password are properly URL encoded. If a git repository requires credentials to clone, and you are still using a username/password (instead of ssh key), it is still possible to have the repository cloned in your automation scripts without be prompted.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |