kasunsjc
/ aks-istio-config.sh
Created
March 23, 2024 19:53
AKS istio add-on configuration. Deploy sample application and access the site via gateway
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| #################################### | |
| # Path: configure-istio.sh | |
| # Author: Kasun Rajapakse | |
| # chmod +x configure-istio.sh | |
| # Usage: configure-istio.sh <resource-group> <cluster> <subscription> <side-car-injection-label> <side-car-injection-namespace> | |
| # This will enable istio fo the namespace | |
| # Deploy sample app and enable istio gateway | |
| #################################### |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| #This script will enable Istio on the existing AKS cluster | |
| #################################################### | |
| # Created By - Kasun Rajapakse | |
| # Provide script execution permissions | |
| # chmod +x enable-istio.sh | |
| # Usage: enable-istio.sh <cluster> <resource-group> <location> <subscription> | |
| # Example: enable-istio.sh myakscluster myresourcegroup eastus mysubscription |
kasunsjc
/ azuredevops-pipeline.yaml
Created
December 24, 2023 13:16
devops yaml pipeline with federated workload identity
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| trigger: | |
| - main | |
| pool: | |
| vmImage: ubuntu-latest | |
| steps: | |
| - script: echo Hello, world! | |
| displayName: 'Run a one-line script' |
kasunsjc
/ infracost.yaml
Created
December 10, 2022 20:39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: [pull_request] | |
| env: | |
| jobs: | |
| infracost: | |
| name: Infracost | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| pull-requests: write |
kasunsjc
/ vm-sa-terraform.tf
Last active
November 20, 2022 09:46
Provisioned simple vm and storage account from terraform
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| provider "azurerm" { | |
| skip_provider_registration = true | |
| features {} | |
| } | |
| provider "random" {} | |
| resource "random_string" "sa-name" { | |
| length = 5 | |
| lower = true |
kasunsjc
/ deploy-manifest.yaml
Created
September 14, 2022 16:58
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Deploy Nginx Deployment | |
| resource "kubernetes_manifest" "deployment" { | |
| manifest = yamldecode(file("./manifests/deployment.yaml")) | |
| } | |
| # Deploy Nginx Service | |
| resource "kubernetes_manifest" "service" { | |
| manifest = yamldecode(file("./manifests/service.yaml")) | |
| } |
kasunsjc
/ kubernetes-provider.tf
Created
September 14, 2022 16:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Kubernetes Provider for Manifests | |
| provider "kubernetes" { | |
| host = azurerm_kubernetes_cluster.cluster.kube_config.0.host | |
| client_certificate = base64decode(azurerm_kubernetes_cluster.cluster.kube_config.0.client_certificate) | |
| client_key = base64decode(azurerm_kubernetes_cluster.cluster.kube_config.0.client_key) | |
| cluster_ca_certificate = base64decode(azurerm_kubernetes_cluster.cluster.kube_config.0.cluster_ca_certificate) | |
| } |
kasunsjc
/ terraform-aks.tf
Created
September 14, 2022 16:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| resource "azurerm_resource_group" "rg" { | |
| location = "southeast asia" | |
| name = "aks-demo-cluster-rg" | |
| } | |
| resource "azurerm_kubernetes_cluster" "cluster" { | |
| name = "example-aks1" | |
| location = azurerm_resource_group.rg.location | |
| resource_group_name = azurerm_resource_group.rg.name | |
| dns_prefix = "aksdemo3242" |
kasunsjc
/ azure-provider.tf
Created
September 14, 2022 16:34
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Azure Provider for AKS Deployment | |
| terraform { | |
| required_providers { | |
| azurerm = { | |
| source = "hashicorp/azurerm" | |
| version = "3.22.0" | |
| } | |
| } | |
| } |
kasunsjc
/ azure-pipeline.yaml
Created
June 11, 2022 06:01
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| trigger: | |
| - main | |
| pool: | |
| vmImage: ubuntu-latest | |
| stages: | |
| - stage: "runCheckov" | |
| displayName: "Checkov - Scan Bicep files" | |
| jobs: |
NewerOlder