Commit 4516c79d authored by Johannes Kiesel's avatar Johannes Kiesel

add k8s get-namespace-permissions

parent 7b3a4e9a
......@@ -36,10 +36,15 @@ betaweb High level scripts for betaweb, e.g., Hadoop managemen
ssh SSH into all betaweb nodes using clusterssh.
status Get status of betaweb via salt...
cephfs-snap Cephfs snapshot utilities
create Create a snapshot in PATH.
list List snapshots that include PATH.
restore Restore PATH from snapshot.
ceph Helper scripts for working with the Webis CephFS.
fs CephFS mounting
snapshot Create a snapshot in PATH.
snapshot-list List snapshots that include PATH.
snapshot-restore Restore PATH from snapshot.
mount Mount CephFS in read-only mode to the default directory.
mount-rw Mount CephFS in read-write mode to the default directory.
umount Mount CephFS in read-write mode to the default directory.
core Core utilities for installing and updating the Webis command.
install Install Webis command to PATH.
......@@ -59,67 +64,12 @@ deltaweb High level scripts for deltaweb.
git Helper scripts for working with the Webis Git server and GitLab instance.
clone-deps Clone dependencies for current project from GitLab.
clone-groups Clone some or all groups from the Webis Gitlab at once to DESTINATION.
clone-groups Clone GROUPS from the Webis Gitlab at once to the current working directory.
cvs CVS-to-Git migration tools.
cvs2git Import all CVS modules into new Git repositories and push them to GitLab.
cvstree2git Try to clone all projects in the current CVS tree from Git.
s2git Import a CVS module into a new Git repository and push.
deactivate-unused-accounts Deactivate Gitlab accounts that haven't had any activity for a long time.
gitlab Gitlab commandline interface that comes with python-gitlab.
init Initialize GitLab API client.
last-commit Get the last commit date of one or more repositories.
list-groups List all gitlab groups.
onboard Set up the correct Gitlab group permissions for a new student, Hiwi or external researcher.
update-project Clone or update the given Git project from GitLab.
web-admin Display a web-admin view for Gitlab (need to have a token with admin access).
k8s Kubernetes tools.
connect-test-cluster Connect kubectl to the testing cluster.
login Set up OpenID authentication for kubernetes access.
openid-app Webis OpenID Server.
setup-user-namespaces Set up k8s access per gitlab groups.
latex LaTeX utilities.
reformat-bib Reformat BibTeX files.
pki Webis TLS PKI Tools.
cert Manage VPN client, server, and ICA certificates.
ssh-2fa SSH 2FA utilities for GnuPG-compatible smartcards.
card-status Check smartcard status and print stored information.
print-pubkey Print SSH-compatible public key of connected smartcard.
connect-agent Connect the SSH agent to the GPG agent socket.
util General helper tools and utilities.
adduser Creates a user on a remote system.
authorized-ssh-keys Collect all SSH keys in use across salt minions' user accounts.
backup-btrfs-vol Take a snapshot of a btrfs subvolume and back up its contents to another location.
list-buw-dns List all assigned Webis host names / IP addresses at BUW.
login Get user name for a university login.
mturk-manager-frontend Start the MTurk manager frontend on your machine.
parallel-idrac Execute idrac command in parallel across multiple hosts.
patch-jar Add files from one jar to another.
read-from-clipboard Print the clipboard to standard output.
reset-workstation Reset workstation and reinstall Ubuntu.
salt-restart Restart a salt minion on a targeted machine.
sshproxy Set up an SSH proxy tunnel for accessing digital library content or university-restricted URLs.
help Display installation and setup instructions.
install Install the packages required by sshproxy (works only on Ubuntu and Debian-based systems).
run Run the proxy.
tasks Execute lists of tasks in parallel.
help Print usage instructions.
reload Reload the tasks_file.
stop Let running processes fail and exit.
work Start *one* worker process in the background (use multiple times for multi-threading).
webis-web-permissions Find files with missing group write permission on gonzo.
write-to-clipboard Fill the clipboard from standard input.
webis20 Storage Management Scripts, need direct access to RAID Controller and MegaCLI installed.
lsi MegaCLI script to configure and monitor LSI raid cards.
---
Generated using *webis core update-cheatsheet*. If you find this file to be outdated, rerun this command and push the updated file to the Git server.
#!/usr/bin/env bash
### \b
### Gets for each namespace the users/groups that are allowed to use it
### \b
### Copyright 2021-today
### \b
### Author: Johannes Kiesel
###
### : -c : --cluster : str :: The cluster to query namespaces for [default is betaweb]
if [ -n "$WEBIS_LIB_PATH" ]; then
. "${WEBIS_LIB_PATH}/bashhelper.sh"
fi
check_tools jq awk
cluster="${ARG_CLUSTER}"
if [ -z "$cluster" ];then
cluster=betaweb
fi
echo "---------------------------------"
echo "namespace: permitted-users/groups"
echo "---------------------------------"
kubectl --cluster "$cluster" get rolebinding -A -o json \
| jq -r '
.items[]
| {namespace: .metadata.namespace, subject: .subjects[].name}
| "\(.namespace) \(.subject)"' \
| awk '{
if ($1 != lastNamespace) {
if (NR > 1) { printf "\n" }
printf "%s: %s", $1, $2
lastNamespace = $1
} else {
printf " %s", $2
}
} END {
printf "\n"
}'
echo "---------------------------------"
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment