I am trying to find the Google Cloud Compute Virtual Machine Name, using the gcloud command while logged in to the VM.
Me searching in the documentation didn't yield a result...
Thanks!
See Metadata service.
Specifically:
curl \
--header "Metadata-Flavor: Google" \
http://metadata.google.internal/computeMetadata/v1/instance/name
The Metadata service is a well-implemented API, you can navigate up-down the tree of resources, for example, dropping the final name from the above URL, enumerates all the resources under instance:
curl \
--header "Metadata-Flavor: Google" \
http://metadata.google.internal/computeMetadata/v1/instance/
returns:
attributes/
cpu-platform
description
disks/
guest-attributes/
hostname
id
image
legacy-endpoint-access/
licenses/
machine-type
maintenance-event
name
network-interfaces/
preempted
remaining-cpu-time
scheduling/
service-accounts/
tags
virtual-clock/
zone
You can then pick any of the above, append it to the URL to continue browsing.
The documentation in the link is similarly comprehensive and, in the case of instance metadata, as expected, reflects the response from GET'ing
https://compute.googleapis.com/compute/v1/.../instances/...
i.e.:
https://cloud.google.com/compute/docs/reference/rest/v1/instances/get#response-body
Related
I am having issues getting these steps to work, documented in Securing Applications and Services Guide. This thread in stackoverflow showed an option which did not work as well. Can some one point me to the steps needed to fix this to allow naked impersonation?
Realm/client/policy/user details in the attached picture.
enter image description here
Query:
curl -k -X POST
–header ‘Content-Type: application/x-www-form-urlencoded’
–data-urlencode “client_id=starting-client”
–data-urlencode “client_secret=.....”
–data-urlencode “grant_type=urn:ietf:params:oauth:grant-type:token-exchange”
–data-urlencode “requested_subject=target-user”
https://localhost:8543/auth/realms/target_realm/protocol/openid-connect/token
Response:
{“error”:“access_denied”,“error_description”:“Client not allowed to exchange”}
Server logs:
22:40:08,396 WARN [org.keycloak.events] (default task-149) type=TOKEN_EXCHANGE_ERROR, realmId=target_realm, clientId=starting-client, userId=null, ipAddress=172.17.0.1, error=not_allowed, reason=‘client not allowed to impersonate’, auth_method=token_exchange, grant_type=urn:ietf:params:oauth:grant-type:token-exchange, requested_subject=target-user, client_auth_method=client-secret
This is an issue with the documentation in Securing Applications and Services Guide. Instead of add client policy for scope "user-impersonated", policy must added for scope "impersonate". Once that change was done it started to work.
Please use the below request format, and it should work. Tested and verified.
curl --location --request POST 'https://api.kong.stg.vrpintegration.dev/requestJWT/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=urn:ietf:params:oauth:grant-type:token-exchange' \
--data-urlencode 'client_id=CLIENT_ID' \
--data-urlencode 'client_secret=bddf3a83-f4ec-45f6-afa0-cf9c94cb5518' \
--data-urlencode 'subject_token=xxxxxx' \
--data-urlencode 'audience=CLIENT_ID' \
--data-urlencode 'requested_token_type=urn:ietf:params:oauth:token-type:refresh_token'
Make sure you checked the user exist, because if it doesn't exist it will return "Client cannot impersonate".
Also, there is some contraction on the doc.
Reading it from
redhat keycloak it is using impersonate instead of user-impersonate in user permission while for keycloak official doc it added user-impersonate, I used impersonate and added my starting-client. It works for me.
GraphDB Free/9.4.1, RDF4J/3.3.1
I'm working on using the /rest/data/import/server/{repo-id} endpoint to initiate the importing of an RDF/XML file.
Steps:
put SysML.owl in the ${graphdb.workbench.importDirectory} directory.
chmod a+r SysML.owl
create repository test1 (in Workbench - using all defaults except RepositoryID := "test1")
curl http://127.0.0.1:7200/rest/data/import/server/test1 => as expected:
[{"name":"SysML.owl","status":"NONE"..."timestamp":1606848520821,...]
curl -XPOST --header 'Content-Type: application/json' --header 'Accept: application/json' -d ' { "fileNames":[ "SysML.owl" ] }' http://127.0.0.1:7200/rest/data/import/server/test1 => SC==202
after 60 seconds, curl http://127.0.0.1:7200/rest/data/import/server/test1 =>
[{"name":"SysML.owl","status":"DONE","message":"Imported successfully in 7s.","context":null,"replaceGraphs":[],"baseURI":
"file:/home/steve/graphdb-import/SysML.owl", "forceSerial":false,"type":"file","format":null,"data":null,"timestamp":
1606848637716, [...other json content deleted]
Repository test1 now has the 263,119 (824 inferred) statements from SysML.owl loaded
BUT if I then
delete the repository using the Workbench page at http://localhost:7200/repository, wait 180 seconds
curl http://127.0.0.1:7200/rest/data/import/server/test => same as in step 5 above, despite repository having been deleted.
curl -X GET --header 'Accept: application/json' 'http://localhost:7200/rest/repositories' => test1 not shown.
create the repository again, using the Workbench - same settings as previously. wait 60 seconds. Initial 70 statements present.
curl http://127.0.0.1:7200/rest/data/import/server/test1 =>
The same output as from the earlier usage - when I was using the prior repository instance. "status":"DONE", same timestamp - which is prior to the time at which I deleted, recreated the test1 repository.
The main-2020-12-01.log shows the INFO messages pertaining to the repository test1, plugin registrations, etc. Nothing indicating why the prior repository instance's import status is lingering.
And this is of concern because I was expecting to use some polling of the status to determine when the data is loaded so my processing can proceed. Some good news - I can issue the import server file request again and after waiting 60 seconds, the 263,119 statements are present. But the timestamp on the import is the earlier repo instance's timestamp. It was not reset via the latest import request.
I'm probably missing some cleanup step(s), am hoping someone knows which.
Thanks,
-Steve
The status is simply for your reference and doesn't represent the actual presence of data in the repository. You could achieve a similar thing simply by clearing all data in the repository without recreating it.
If you really need to rely on those status records you can clear the status for a given file once you polled it and determined it's done (or prior to starting an import) with this curl:
curl -X DELETE http://127.0.0.1:7200/rest/data/import/server/test1/status \
-H 'content-type: application/json' -d '["SysML.owl"]'
Note that this is an undocumented API and it may change without notice.
I am trying to enable kv secret engine at secret path in my vault setup..
I can easily do it using CLI
vault secrets enable -path=secret kv
But I have to make it work using Vault's HTTP APIs.
I have gone through documentation but could not find any endpoint for the above command.
Thanks in advance
This is covered under the System Backend/sys/mounts API reference page.
Issue a POST request to /v1/sys/mounts/<mountpoint> with a payload containing the type (kv) and various configuration options. For KV, you probably want to specify version: 2 (or type kv-v2) unless you want to stick to V1.
See the above link for details on the possible parameters.
Here is the example from the docs:
payload.json:
{
"type": "aws",
"config": {
"force_no_cache": true
}
}
Request:
$ curl \
--header "X-Vault-Token: ..." \
--request POST \
--data #payload.json \
http://127.0.0.1:8200/v1/sys/mounts/my-mount
watson text to speech accepts extra parameters such as the sampling (default is 44khz)
see https://www.ibm.com/watson/developercloud/text-to-speech/api/v1/#synthesize_audio for options such as this one
(...)
audio/l16;rate=rate
(You can optionally specify endianness=big-endian
or endianness=little-endian; the default is little endian.)
(...)
but I can't see a way to set these options in node red
In the Node-red, doesn't have the option, because you need to add in your cURL.
As you can see, you can use Accept or accept query parameter header to specify the audio format.
For example:
curl -X POST -u "{username}":"{password}"
--header "Content-Type: application/json"
--header "Accept: audio/l16;endianness=big-endian"
--data "{\"text\":\"Hello world\"}"
--output hello_world.wav
"https://stream.watsonplatform.net/text-to-speech/api/v1/synthesize?voice=en-US_AllisonVoice"
See the Official Text to Speech v1 API Explorer.
Please raise this as an improvement request on the github repo for the nodes, we can continue the discussion there. No promises, but I am open to accepting a pull request, if done right.
I've created project and repo on my gitlab.com account, generated private key, now I'm trying to do api call to get list of commits.
Now I want to get list of projects via api, from documentation
https://docs.gitlab.com/ce/api/projects.html#list-projects
GET /projects
So I'm doing
curl --header "PRIVATE-TOKEN: XXXXXXX -c" "https://gitlab.com/projects"
And getting 404.
I've tried several combinations and can't find correct base url.
Same for repository commits, documentations https://docs.gitlab.com/ce/api/commits.html says
https://gitlab.example.com/api/v3/projects/5/repository/commits
fine, I'm trying (with myusername/projectname as project id)
https://gitlab.com/api/v3/projects/myusername/projectname/repository/commits
And got 404 as well
The correct base url for the hosted GitLab is https://gitlab.com/api/v4/ so your request to
GET /projects would be
curl --header "PRIVATE-TOKEN: XXXXXX" "https://gitlab.com/api/v4/projects"
That would return all projects that are visible to you, including other user's public projects.
If you wish to view just your projects, then you should use the GET /users/:user_id/projects endpoint, where :user_id is your user ID that can be found on your GitLab profile page or in the response to your request to GET /user if you're authenticated.
# Get :user_id from this request
curl --header "PRIVATE-TOKEN: XXXXXX" "https://gitlab.com/api/v4/user"
# See your projects by replacing :user_id with id value from previous request
curl --header "PRIVATE-TOKEN: XXXXXX" "https://gitlab.com/api/v4/users/:user_id/projects"
Also, the project ID is not the same as the project name. You can retrieve the project ID from the response of your request to GET /users/:user_id/projects, or from the project's settings page.
For me the following request worked:
curl --header "PRIVATE-TOKEN: YOUR_TOKEN" "https://gitlab.com/api/v4/users/YOUR_USER_ID/projects"
Don't know why the request :curl --header "PRIVATE-TOKEN: PRIVATE_TOKEN" "https://gitlab.com/api/v4/projects/" returned a list with some other public projects.
Another useful request for user info: curl --header "PRIVATE-TOKEN: PRIVATE_TOKEN" "https://gitlab.com/api/v4/user/"
https://docs.gitlab.com/ee/api/#basic-usage
try this command : curl "https://gitlab.example.com/api/v4/projects"
as given in the document
If you are using version3 of Gitlab
then use
curl --header "Authorization: Bearer OAUTH-TOKEN" https://gitlab.example.com/api/v3/projects
There is also "python-gitlab" module which will help you get Id from Project-name easily
https://python-gitlab.readthedocs.io/en/stable/