-
Solved: Error 403: The caller does not have permission
Recently I got a very confusing error when setting up a PubSub subscription to write to a Big Query table via terraform. Here’s the partial terraform code snippet: And the input variable subscriptions looks like: It doesn’t show any error when doing terraform plan however it gives 403 error when applying. After some googling I…
-
How to Avoid Rebuild Resources with Terraform/Terragrunt
I use Terraform and Terragrunt a lot at work to keep track of infrastructure changes. Sometimes I refactored code in modules so there’s no change to infrastructure but since the module changed terraform will insist to rebuild affected resources. It’s not quite comfortable to destroy some resources and then just create exactly the same ones.…
-
How to Use the Sidecar Resource to Optimise Memory Footprint of Istio Sidecar
In a populous GKE cluster, I saw the memory utilisation getting very high. After some investigation, to my surprise, a great deal of memory was consumed by tiny Istio sidecars. And they are getting bloated round the clock. The Istio sidecar essentially is an envoy proxy configured by Istio controller – istiod. It’s usually light-weight,…
-
Solved: Couldn’t Pick Correct Python Version in VS Code in Fedora Linux
TL; DR: The VS Code was installed via flatpak. I purged it and re-installed it the normal way then the problem went away 🙂
-
An Admin-Only Python Decorator for Telegram Bots
TL; DR: Here’s a Python Decorator I wrote for Telegram Bots so certain commands can only be used by group admins.
-
Solved: Blank Screen After Login in Gnome Shell 44
Background: I have an old desktop computer running Fedora 36 + Gnome Shell desktop environment and upgraded to 38 recently. It was used as an archive so I left it in garage and only connect to it vis SSH or VNC. Now I moved it into my home office because I think it can act…
-
Terraform: String Manipulation for Default Domains
Imaging when I needed to grant access to a Google storage bucket for a list of Google service accounts, I put the list in YAML like this: Assuming horizon is the default GCP project and mass-effect is a partner project and most GSAs are of course from the default project. So can this list be…
-
How to Replace Characters in MongoDB
TL; DR: As of MongoDB 6.0, this is how I learned to replace some characters in a field in all documents. In the example below all “.” characters in field_name will be replaced by “_” character: The backstory is when using MongoDB with MongoEngine, there’s an issue when a key in a dictionary field contains…