winston/dotfiles
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

feat: nvim overhaul, k8s completions and snippets

Browse source
This commit is contained in:
winston 2022-11-29 05:09:05 +01:00
parent 171805b5b0
commit fa891f60bb
Signed by: winston
GPG key ID: 3786770EDBC2B481
5 changed files with 741 additions and 62 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
dot_config/nvim/lua/config/catppuccin.lua
View file

@ -46,7 +46,7 @@ require("catppuccin").setup({
},
barbar = false,
bufferline = true,
dashboard = true,
dashboard = false,
fern = false,
gitgutter = false,
gitsigns = true,
@ -64,25 +64,44 @@ require("catppuccin").setup({
vimwiki = true,
},
highlight_overrides = {
all = function(colors)
return {
DashboardCenter = { fg = colors.peach },
DashboardFooter = { fg = colors.maroon },
DashboardHeader = { fg = colors.pink },
DashboardShortCut = { fg = colors.yellow },
-- custom selection highlight
Selection = { bg = colors.surface1, fg = colors.text },
-- borders
FloatBorder = { fg = colors.overlay0 },
LspInfoBorder = { link = "FloatBorder" },
NvimTreeWinSeparator = { link = "FloatBorder" },
WhichKeyBorder = { link = "FloatBorder" },
-- telescope
TelescopeBorder = { link = "FloatBorder" },
TelescopeTitle = { fg = colors.text },
TelescopeSelection = { link = "Selection" },
TelescopeSelectionCaret = { link = "Selection" },
-- pmenu
PmenuSel = { link = "Selection" },
}
end,
mocha = function(colors)
return {
DashboardHeader = { fg = colors.pink },
DashboardCenter = { fg = colors.peach },
DashboardShortCut = { fg = colors.yellow },
DashboardFooter = { fg = colors.maroon },
["InlayHint"] = { fg = colors.surface0, style = { "italic" } },
FloatBorder = { fg = colors.overlay0 },
TelescopeBorder = { link = "FloatBorder" },
Selection = { bg = "#121212", fg = colors.text },
Comment = { fg = colors.surface2, style = { "italic" } },
InlayHint = { fg = colors.surface0, style = { "italic" } },
}
end,
},
color_overrides = {
mocha = {
base = "#000000",
crust = "#000000",
mantle = "#000000",
crust = "#010101",
mantle = "#020202",
},
},
transparent_background = true,
})
vim.api.nvim_command("colorscheme catppuccin")

2
dot_config/nvim/lua/config/colorizer.lua
View file

@ -10,7 +10,7 @@ require("colorizer").setup({
css = false,
css_fn = false,
mode = "background",
tailwind = true,
tailwind = "both",
sass = { enable = true },
virtualtext = "",
},

55
dot_config/nvim/lua/lsp.lua
View file

@ -1,7 +1,7 @@
-- vim:fdm=marker
require("mason").setup({
ui = {
border = "none",
border = "double",
icons = {
package_installed = "",
package_pending = "",
@ -12,6 +12,8 @@ require("mason").setup({
require("mason-lspconfig").setup({ automatic_installation = true })
vim.opt.completeopt = "menu,menuone,noselect"
vim.g.vsnip_snippet_dir = vim.fn.stdpath("config") .. "/snippets"
vim.lsp.set_log_level("error")
-- cmp {{{
local present, cmp = pcall(require, "cmp")
@ -23,10 +25,10 @@ local has_words_before = function()
---@diagnostic disable-next-line: deprecated
local line, col = unpack(vim.api.nvim_win_get_cursor(0))
return col ~= 0
and vim.api
.nvim_buf_get_lines(0, line - 1, line, true)[1]
:sub(col, col)
:match("%s")
and vim.api
.nvim_buf_get_lines(0, line - 1, line, true)[1]
:sub(col, col)
:match("%s")
== nil
end
@ -157,6 +159,7 @@ local on_attach = function(client, bufnr)
vim.keymap.set("n", "[d", vim.diagnostic.goto_prev, bufopts)
end
local lspconfig = require("lspconfig")
require("lspconfig.ui.windows").default_options.border = "double"
-- lua {{{
lspconfig.sumneko_lua.setup({
@ -202,6 +205,16 @@ lspconfig.emmet_ls.setup({
"scss",
},
})
lspconfig.tailwindcss.setup({
capabilities = capabilities,
on_attach = on_attach,
filetypes = {
"javascriptreact",
"typescriptreact",
"html",
"css",
},
})
-- attach tsserver only when there's a 'package.json' file in the CWD
lspconfig.tsserver.setup({
capabilities = capabilities,
@ -315,7 +328,7 @@ require("rust-tools").setup({
},
})
lspconfig.pyright.setup({
require("py_lsp").setup({
capabilities = capabilities,
on_attach = on_attach,
})
@ -350,8 +363,34 @@ lspconfig.yamlls.setup({
on_attach = on_attach,
settings = {
yaml = {
completion = true,
validate = true,
suggest = {
parentSkeletonSelectedFirst = true,
},
schemaStore = {
enable = true,
url = "https://www.schemastore.org/api/json/catalog.json",
},
schemas = {
["https://json.schemastore.org/github-workflow.json"] = "/.github/workflows/*",
["https://json.schemastore.org/github-action"] = ".github/action.{yaml,yml}",
["https://json.schemastore.org/github-workflow"] = ".github/workflows/*",
["https://json.schemastore.org/gitlab-ci"] = "*lab-ci.{yaml,yml}",
["https://json.schemastore.org/helmfile"] = "helmfile.{yaml,yml}",
["https://raw.githubusercontent.com/compose-spec/compose-spec/master/schema/compose-spec.json"] = "docker-compose.yml.{yml,yaml}",
-- stylua: ignore
kubernetes = {
'*-deployment.yaml', '*-deployment.yml', '*-service.yaml', '*-service.yml', 'clusterrole-contour.yaml',
'clusterrole-contour.yml', 'clusterrole.yaml', 'clusterrole.yml', 'clusterrolebinding.yaml',
'clusterrolebinding.yml', 'configmap.yaml', 'configmap.yml', 'cronjob.yaml', 'cronjob.yml', 'daemonset.yaml',
'daemonset.yml', 'deployment-*.yaml', 'deployment-*.yml', 'deployment.yaml', 'deployment.yml', 'hpa.yaml',
'hpa.yml', 'ingress.yaml', 'ingress.yml', 'job.yaml', 'job.yml', 'kubectl-edit-*.yaml', 'namespace.yaml',
'namespace.yml', 'pvc.yaml', 'pvc.yml', 'rbac.yaml', 'rbac.yml', 'replicaset.yaml', 'replicaset.yml',
'role.yaml', 'role.yml', 'rolebinding.yaml', 'rolebinding.yml', 'sa.yaml', 'sa.yml', 'secret.yaml',
'secret.yml', 'service-*.yaml', 'service-*.yml', 'service-account.yaml', 'service-account.yml', 'service.yaml',
'service.yml', 'serviceaccount.yaml', 'serviceaccount.yml', 'serviceaccounts.yaml', 'serviceaccounts.yml',
'statefulset.yaml', 'statefulset.yml'
},
},
},
},
@ -377,7 +416,7 @@ local augroup = vim.api.nvim_create_augroup("LspFormatting", {})
null.setup({
sources = {
null.builtins.formatting.autopep8,
null.builtins.formatting.black,
null.builtins.formatting.deno_fmt,
null.builtins.formatting.gofmt,
null.builtins.formatting.isort,

96
dot_config/nvim/lua/plugins.lua
View file

@ -56,8 +56,8 @@ return packer.startup({
config = function()
require("indent_blankline").setup({
space_char_blankline = " ",
show_current_context = true,
show_current_context_start = true,
-- show_current_context = true,
-- show_current_context_start = true,
})
vim.g.indent_blankline_filetype_exclude = {
"dashboard",
@ -78,20 +78,6 @@ return packer.startup({
end,
})
use({
"nvim-lualine/lualine.nvim",
requires = { "kyazdani42/nvim-web-devicons", opt = true },
config = function()
require("lualine").setup({
options = {
theme = "catppuccin",
component_separators = { left = "", right = "" },
section_separators = { left = "", right = "" },
},
})
end,
})
-- DJI Osmo
use({
"luukvbaal/stabilize.nvim",
@ -121,7 +107,18 @@ return packer.startup({
use({
"folke/which-key.nvim",
config = function()
require("which-key").setup({})
require("which-key").setup({
key_labels = {
["<space>"] = "SPC",
["<leader>"] = "SPC",
["<cr>"] = "",
["<tab>"] = "",
},
window = {
border = "double",
margin = { 0, 0, 0, 0 },
},
})
end,
})
@ -214,14 +211,36 @@ return packer.startup({
require("telescope").setup({
defaults = {
borderchars = {
"",
"",
"",
"",
"",
"",
"",
"",
results = {
"",
"",
" ",
"",
"",
"",
"",
"",
},
prompt = {
"",
"",
"",
"",
"",
"",
"",
"",
},
preview = {
"",
"",
"",
" ",
"",
"",
"",
"",
},
},
},
})
@ -278,12 +297,12 @@ return packer.startup({
end,
})
-- use({
-- "andweeb/presence.nvim",
-- config = function()
-- require("config/presence")
-- end,
-- })
use({
"andweeb/presence.nvim",
config = function()
require("config/presence")
end,
})
use({ "iamcco/markdown-preview.nvim", run = "cd app && yarn install" })
-- LSP
@ -304,6 +323,7 @@ return packer.startup({
"ray-x/go.nvim",
requires = "ray-x/guihua.lua",
})
use("HallerPatrick/py_lsp.nvim")
use("simrat39/rust-tools.nvim")
use("rafamadriz/friendly-snippets")
use("jose-elias-alvarez/null-ls.nvim")
@ -322,11 +342,9 @@ return packer.startup({
use("b0o/schemastore.nvim")
use({
"github/copilot.vim",
"zbirenbaum/copilot.lua",
config = function()
local opt = { noremap = true, silent = true, expr = true }
Map("i", "<C-J>", 'copilot#Accept("\\<CR>")', opt)
vim.g.copilot_no_tab_map = true
require("config/copilot")
end,
})
@ -367,14 +385,6 @@ return packer.startup({
require("telescope").load_extension("asynctasks")
end,
})
-- startup
use({
"glepnir/dashboard-nvim",
config = function()
require("config/dashboard")
end,
})
end,
config = {
display = {

611
dot_config/nvim/snippets/yaml.json Normal file
View file

@ -0,0 +1,611 @@
{
"k8s Ingress with TLS": {
"prefix": "k-ingress-tls",
"description": "k8s Ingress with TLS",
"body": [
"# https://kubernetes.io/docs/concepts/services-networking/ingress/#tls",
"apiVersion: v1",
"kind: Secret",
"metadata:",
" name: ${1:testsecret-tls}",
" namespace: ${2:default}",
"type: kubernetes.io/tls",
"# The TLS secret must contain keys named 'tls.crt' and 'tls.key' that contain the certificate and private key to use for TLS.",
"data:",
" tls.crt: base64 encoded cert",
" tls.key: base64 encoded key",
"",
"---",
"apiVersion: networking.k8s.io/v1",
"kind: Ingress",
"metadata:",
" name: ${3:tls-example-ingress}",
" namespace: ${2:default}",
"spec:",
" tls:",
" - hosts:",
" - ${4:https-example.foo.com}",
" secretName: ${1:testsecret-tls}",
" rules:",
" - host: ${4:https-example.foo.com}",
" http:",
" paths:",
" - path: /${5}",
" pathType: Prefix",
" backend:",
" service:",
" name: ${6:service1}",
" port:",
" number: ${7:80}",
"---",
"$0"
]
},
"k8s Ingress": {
"prefix": "k-ingress",
"description": "k8s Ingress",
"body": [
"# https://kubernetes.io/docs/concepts/services-networking/ingress/",
"apiVersion: networking.k8s.io/v1",
"kind: Ingress",
"metadata:",
" name: ${1:example-ingress}",
" namespace: ${2:default}",
"spec:",
" rules:",
" - host: ${3:example.foo.com}",
" http:",
" paths:",
" - path: /${4}",
" pathType: ${5|Prefix,Exact|}",
" backend:",
" service:",
" name: ${6:service1}",
" port:",
" number: ${7:80}",
"---",
"$0"
]
},
"k8s Ingress with Rewrite rule": {
"prefix": "k-ingress-rewrite",
"description": "k8s Ingress with Rewrite rule",
"body": [
"# https://kubernetes.io/docs/concepts/services-networking/ingress/",
"apiVersion: networking.k8s.io/v1",
"kind: Ingress",
"metadata:",
" name: ${1:example-ingress}",
" namespace: ${2:default}",
" # https://kubernetes.github.io/ingress-nginx/examples/rewrite/",
" annotations:",
" nginx.ingress.kubernetes.io/rewrite-target: /\\$1",
"spec:",
" rules:",
" - host: ${3:example.foo.com}",
" http:",
" paths:",
" - path: ${4:/api/(.*)}",
" pathType: Prefix",
" backend:",
" service:",
" name: ${5:service1}",
" port:",
" number: ${6:80}",
"---",
"$0"
]
},
"k8s Deployment": {
"prefix": "k-deploymment",
"description": "k8s Deployment",
"body": [
"# https://kubernetes.io/docs/concepts/workloads/controllers/deployment/",
"apiVersion: apps/v1",
"kind: Deployment",
"metadata:",
" name: ${1:myjob}",
" namespace: ${2:default}",
" labels:",
" app: ${1:myjob}",
"spec:",
" selector:",
" matchLabels:",
" app: ${1:myjob}",
" replicas: 1",
" strategy:",
" rollingUpdate:",
" maxSurge: 25%",
" maxUnavailable: 25%",
" type: RollingUpdate",
" template:",
" metadata:",
" labels:",
" app: ${1:myjob}",
" spec:",
" # initContainers:",
" # Init containers are exactly like regular containers, except:",
" # - Init containers always run to completion.",
" # - Each init container must complete successfully before the next one starts.",
" containers:",
" - name: ${1:myjob}",
" image: ${3:myjob:latest}",
" imagePullPolicy: ${4|IfNotPresent,Always,Never|}",
" resources:",
" requests:",
" cpu: 100m",
" memory: 100Mi",
" limits:",
" cpu: 100m",
" memory: 100Mi",
" livenessProbe:",
" tcpSocket:",
" port: ${5:80}",
" initialDelaySeconds: 5",
" timeoutSeconds: 5",
" successThreshold: 1",
" failureThreshold: 3",
" periodSeconds: 10",
" readinessProbe:",
" httpGet:",
" path: /_status/healthz",
" port: ${5:80}",
" initialDelaySeconds: 5",
" timeoutSeconds: 2",
" successThreshold: 1",
" failureThreshold: 3",
" periodSeconds: 10",
" env:",
" - name: ACCEPT_EULA",
" value: \"Y\"",
" - name: DB_HOST",
" valueFrom:",
" configMapKeyRef:",
" name: ${1:myjob}",
" key: DB_HOST",
" - name: DB_HOST",
" valueFrom:",
" secretKeyRef:",
" name: ${1:mysecret}",
" key: MSSQL_SA_PASSWORD",
" ports:",
" - containerPort: ${5:80}",
" name: ${1:myjob}",
" volumeMounts:",
" - name: localtime",
" mountPath: /etc/localtime",
" volumes:",
" - name: localtime",
" hostPath:",
" path: /usr/share/zoneinfo/Asia/Taipei",
" restartPolicy: Always",
"---",
"$0"
]
},
"k8s Service": {
"prefix": "k-service",
"description": "k8s Service",
"body": [
"# https://kubernetes.io/docs/concepts/services-networking/service/",
"apiVersion: v1",
"kind: Service",
"metadata:",
" name: ${1:myjob}",
" namespace: ${2:default}",
"spec:",
" selector:",
" app: ${1:myjob}",
" type: ${3|ClusterIP,NodePort,LoadBalancer|}",
" ports:",
" - name: ${1:myjob}",
" protocol: ${4|TCP,UDP|}",
" port: ${5:80}",
" targetPort: ${6:5000}",
" nodePort: ${7:30001}",
"---",
"$0"
]
},
"k8s ConfigMap": {
"prefix": "k-configmap",
"description": "k8s ConfigMap",
"body": [
"# https://kubernetes.io/docs/concepts/configuration/configmap/",
"kind: ConfigMap",
"apiVersion: v1",
"metadata:",
" name: ${1:myconfig}",
" namespace: ${2:default}",
"data:",
" ${3:key}: ${4:value}",
"---",
"$0"
]
},
"k8s Secret": {
"prefix": "k-secret",
"description": "k8s Secret",
"body": [
"# https://kubernetes.io/docs/concepts/configuration/secret/",
"apiVersion: v1",
"kind: Secret",
"metadata:",
" name: ${1:mysecret}",
" namespace: ${2:default}",
"type: ${3|Opaque,kubernetes.io/dockerconfigjson,kubernetes.io/dockercfg,kubernetes.io/basic-auth,kubernetes.io/ssh-auth,kubernetes.io/tls,kubernetes.io/service-account-token,bootstrap.kubernetes.io/token|}",
"data:",
" # Example:",
" # password: {{ .Values.password | b64enc }}",
"# stringData:",
"# username: admin # required field for kubernetes.io/basic-auth",
"# password: t0p-Secret # required field for kubernetes.io/basic-auth",
"# immutable: true",
"---",
"$0"
]
},
"k8s Job": {
"prefix": "k-job",
"description": "k8s Job",
"body": [
"# https://kubernetes.io/docs/concepts/workloads/controllers/job/",
"apiVersion: batch/v1",
"kind: Job",
"metadata:",
" name: ${1:myjob}",
" namespace: ${2:default}",
" labels:",
" app: ${1:myjob}",
"spec:",
" template:",
" metadata:",
" name: ${1:myjob}",
" labels:",
" app: ${1:myjob}",
" spec:",
" containers:",
" - name: ${1:myjob}",
" image: ${3:python:3.7.6-alpine3.10}",
" command: ['sh', '-c', '${4:python3 manage.py makemigrations && python3 manage.py migrate}']",
" env:",
" - name: ENV_NAME",
" value: ENV_VALUE",
" volumeMounts:",
" - name: localtime",
" mountPath: /etc/localtime",
" volumes:",
" - name: localtime",
" hostPath:",
" path: /usr/share/zoneinfo/Asia/Taipei",
" restartPolicy: OnFailure",
" dnsPolicy: ClusterFirst",
"---",
"$0"
]
},
"k8s CronJob": {
"prefix": "k-cronjob",
"description": "k8s CronJob",
"body": [
"# https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/",
"apiVersion: batch/v1beta1",
"kind: CronJob",
"metadata:",
" name: ${1:cronjobname}",
" namespace: ${2:default}",
"spec:",
" schedule: \"${3:*/1 * * * *}\"",
" jobTemplate:",
" spec:",
" template:",
" spec:",
" containers:",
" - name: ${4:jobname}",
" image: ${5:busybox}",
" args: ['/bin/sh', '-c', '${6:date; echo Hello from the Kubernetes cluster}']",
" restartPolicy: OnFailure",
"---",
"$0"
]
},
"k8s Pod": {
"prefix": "k-pod",
"description": "k8s Pod",
"body": [
"# https://kubernetes.io/docs/concepts/workloads/pods/",
"apiVersion: v1",
"kind: Pod",
"metadata:",
" name: \"${1:myapp}\"",
" namespace: ${2:default}",
" labels:",
" app: \"${1:myapp}\"",
"spec:",
" containers:",
" - name: ${1:myapp}",
" image: \"${3:debian-slim:latest}\"",
" resources:",
" limits:",
" cpu: 200m",
" memory: 500Mi",
" requests:",
" cpu: 100m",
" memory: 200Mi",
" env:",
" - name: DB_HOST",
" valueFrom:",
" configMapKeyRef:",
" name: myapp",
" key: DB_HOST",
" ports:",
" - containerPort: ${4:80}",
" name: http",
" volumeMounts:",
" - name: localtime",
" mountPath: /etc/localtime",
" volumes:",
" - name: localtime",
" hostPath:",
" path: /usr/share/zoneinfo/Asia/Taipei",
" restartPolicy: Always",
"---",
"$0"
]
},
"k8s PersistentVolumeClaim": {
"prefix": "k-pvc",
"description": "k8s PersistentVolumeClaim",
"body": [
"# https://kubernetes.io/docs/concepts/storage/persistent-volumes/",
"apiVersion: v1",
"kind: PersistentVolumeClaim",
"metadata:",
" name: ${1:myapp}",
" namespace: ${2:default}",
" labels:",
" app: ${1:myapp}",
"spec:",
" # AKS: default,managed-premium",
" # GKE: standard",
" # EKS: gp2 (custom)",
" # Rook: rook-ceph-block,rook-ceph-fs",
" storageClassName: ${3|default,managed-premium,standard,gp2,rook-ceph-block,rook-ceph-fs|}",
" accessModes:",
" - ${4|ReadWriteOnce,ReadWriteMany,ReadOnlyMany|}",
" resources:",
" requests:",
" storage: ${5:2Gi}",
"---",
"$0"
]
},
"k8s DaemonSet": {
"prefix": "k-daemonset",
"description": "k8s DaemonSet",
"body": [
"# https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/",
"apiVersion: apps/v1",
"kind: DaemonSet",
"metadata:",
" name: ${1:myapp}",
" namespace: ${2:default}",
" labels:",
" app: ${1:myapp}",
"spec:",
" selector:",
" matchLabels:",
" app: ${1:myapp}",
" template:",
" metadata:",
" labels:",
" app: ${1:myapp}",
" spec:",
" tolerations:",
" # this toleration is to have the daemonset runnable on master nodes",
" # remove it if your masters can't run pods",
" - key: node-role.kubernetes.io/master",
" effect: NoSchedule",
" containers:",
" - name: ${1:myapp}",
" image: ${3:debian}",
" resources:",
" limits:",
" memory: 200Mi",
" requests:",
" cpu: 100m",
" memory: 200Mi",
" volumeMounts:",
" - name: localtime",
" mountPath: /etc/localtime",
" terminationGracePeriodSeconds: 30",
" volumes:",
" - name: localtime",
" hostPath:",
" path: /usr/share/zoneinfo/Asia/Taipei",
"---",
"$0"
]
},
"k8s StatefulSet": {
"prefix": "k-statefulset",
"description": "k8s StatefulSet",
"body": [
"# https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/",
"apiVersion: apps/v1",
"kind: StatefulSet",
"metadata:",
" name: ${1:myapp}",
" namespace: ${2:default}",
"spec:",
" selector:",
" matchLabels:",
" app: ${1:myapp} # has to match .spec.template.metadata.labels",
" serviceName: \"${1:myapp}\"",
" replicas: ${3:3} # by default is 1",
" template:",
" metadata:",
" labels:",
" app: ${1:myapp} # has to match .spec.selector.matchLabels",
" spec:",
" terminationGracePeriodSeconds: 10",
" containers:",
" - name: ${1:myapp}",
" image: ${4:${1:myapp}-slim:1.16.1}",
" ports:",
" - containerPort: ${5:80}",
" name: ${1:myapp}",
" volumeMounts:",
" - name: ${6:www}",
" mountPath: /usr/share/nginx/html",
" volumeClaimTemplates:",
" - metadata:",
" name: ${6:www}",
" spec:",
" storageClassName: ${7:my-storage-class}",
" accessModes:",
" - ${8|ReadWriteOnce,ReadWriteMany,ReadOnlyMany|}",
" resources:",
" requests:",
" storage: ${9:1Gi}",
"---",
"$0"
]
},
"k8s NetworkPolicy": {
"prefix": "k-networkpolicy",
"description": "k8s NetworkPolicy",
"body": [
"# https://kubernetes.io/docs/concepts/services-networking/network-policies/",
"apiVersion: networking.k8s.io/v1",
"kind: NetworkPolicy",
"metadata:",
" name: ${1:mypolicy}",
" namespace: ${2:default}",
"spec:",
" podSelector:",
" matchLabels:",
" app: ${1:myapp}",
" policyTypes:",
" - Ingress",
" ingress:",
" - from:",
" - podSelector:",
" matchLabels:",
" ${3:access}: ${4:granted}",
" ports:",
" - protocol: TCP",
" port: ${5:8080}",
"---",
"$0"
]
},
"k8s Role": {
"prefix": "k-role",
"description": "k8s Role",
"body": [
"# https://kubernetes.io/docs/reference/access-authn-authz/rbac/",
"apiVersion: rbac.authorization.k8s.io/v1",
"kind: Role",
"metadata:",
" name: ${1:role}",
" namespace: ${2:default}",
"rules:",
"- apiGroups: [${3:\"\"}] # \"\" indicates the core API group",
" resources: [${4:\"pods\"}]",
" verbs: [${5:\"get\", \"watch\", \"list\"}]",
"---",
"$0"
]
},
"k8s ClusterRole": {
"prefix": "k-clusterrole",
"description": "k8s ClusterRole",
"body": [
"# https://kubernetes.io/docs/reference/access-authn-authz/rbac/",
"apiVersion: rbac.authorization.k8s.io/v1",
"kind: ClusterRole",
"metadata:",
" name: ${1:clusterrole}",
"rules:",
"- apiGroups: [${3:\"\"}] # \"\" indicates the core API group",
" resources: [${4:\"secrets\"}]",
" verbs: [${5:\"get\", \"watch\", \"list\"}]",
"---",
"$0"
]
},
"k8s RoleBinding": {
"prefix": "k-rolebinding",
"description": "k8s RoleBinding",
"body": [
"# https://kubernetes.io/docs/reference/access-authn-authz/rbac/",
"apiVersion: rbac.authorization.k8s.io/v1",
"kind: RoleBinding",
"metadata:",
" name: ${1:rolebinding}",
" namespace: ${2:default}",
"subjects:",
"- kind: ${3|User,Group,ServiceAccount|}",
" name: ${4:name} # Name is case sensitive",
" apiGroup: rbac.authorization.k8s.io",
"roleRef:",
" kind: ${5:Role}",
" name: ${6:RoleName}",
" apiGroup: rbac.authorization.k8s.io",
"---",
"$0"
]
},
"k8s ClusterRoleBinding": {
"prefix": "k-clusterrolebinding",
"description": "k8s ClusterRoleBinding",
"body": [
"# https://kubernetes.io/docs/reference/access-authn-authz/rbac/",
"apiVersion: rbac.authorization.k8s.io/v1",
"kind: ClusterRoleBinding",
"metadata:",
" name: ${1:clusterrolebinding}",
"subjects:",
"- kind: ${2|User,Group,ServiceAccount|}",
" name: ${3:name} # Name is case sensitive",
" apiGroup: rbac.authorization.k8s.io",
"roleRef:",
" kind: ${4:ClusterRole}",
" name: ${5:RoleName}",
" apiGroup: rbac.authorization.k8s.io",
"---",
"$0"
]
},
"k8s ServiceAccount": {
"prefix": "k-serviceaccount",
"description": "k8s ServiceAccount",
"body": [
"# https://kubernetes.io/docs/reference/access-authn-authz/rbac/",
"apiVersion: rbac.authorization.k8s.io/v1",
"kind: ServiceAccount",
"metadata:",
" name: ${1:serviceaccount}",
" namespace: ${2:default}",
"---",
"$0"
]
},
"k8s ServiceAccount-ImagePullSecrets": {
"prefix": "k-serviceaccount-imagepullsecrets",
"description": "k8s ServiceAccount with ImagePullSecrets",
"body": [
"# https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account",
"apiVersion: rbac.authorization.k8s.io/v1",
"kind: ServiceAccount",
"metadata:",
" name: ${1:serviceaccount}",
" namespace: ${2:default}",
"imagePullSecrets:",
" - name: ${3:myregistrykey}",
"---",
"$0"
]
}
}