From 4e85029953fca6ded665b48fc71dc4f27e983785 Mon Sep 17 00:00:00 2001
From: Szymon Osiecki
Date: Thu, 21 Nov 2024 07:23:16 +0100
Subject: [PATCH 1/3] feat(sh): install_kubectx
---
.assets/provision/install_kubectx.sh | 58 ++++++++++++++++++++++++++++
wsl/wsl_setup.ps1 | 1 +
2 files changed, 59 insertions(+)
create mode 100755 .assets/provision/install_kubectx.sh
diff --git a/.assets/provision/install_kubectx.sh b/.assets/provision/install_kubectx.sh
new file mode 100755
index 0000000..890d38a
--- /dev/null
+++ b/.assets/provision/install_kubectx.sh
@@ -0,0 +1,58 @@
+#!/usr/bin/env bash
+: '
+sudo .assets/provision/install_kubectx.sh >/dev/null
+'
+if [ $EUID -ne 0 ]; then
+ printf '\e[31;1mRun the script as root.\e[0m\n' >&2
+ exit 1
+fi
+
+# dotsource file with common functions
+. .assets/provision/source.sh
+
+# define variables
+APP='kubectx'
+REL=$1
+retry_count=0
+# get latest release if not provided as a parameter
+if [ -z "$REL" ]; then
+ if REL="$(get_gh_release_latest --owner 'ahmetb' --repo 'kubectx')"; then
+ # return latest release
+ echo $REL
+ else
+ exit 1
+ fi
+fi
+
+if type $APP &>/dev/null; then
+ VER=$(kubectx version -s | sed -En 's/.*v([0-9\.]+)$/\1/p')
+ if [ "$REL" = "$VER" ]; then
+ printf "\e[32m$APP v$VER is already latest\e[0m\n" >&2
+ exit 0
+ fi
+fi
+
+printf "\e[92minstalling \e[1m$APP\e[22m v$REL\e[0m\n" >&2
+# create temporary dir for the downloaded binary
+TMP_DIR=$(mktemp -dp "$PWD")
+# *install kubectx
+# calculate download uri
+URL="https://github.com/ahmetb/kubectx/releases/download/v${REL}/${APP}_v${REL}_linux_x86_64.tar.gz"
+# download and install file
+if download_file --uri $URL --target_dir $TMP_DIR; then
+ tar -zxf "$TMP_DIR/$(basename $URL)" -C "$TMP_DIR"
+ mkdir -p /opt/$APP
+ install -m 0755 "$TMP_DIR/$APP" /opt/$APP/
+ [ -f /usr/bin/$APP ] || ln -s /opt/$APP/$APP /usr/bin/$APP
+fi
+# *install kubens
+# calculate download uri
+URL="https://github.com/ahmetb/kubectx/releases/download/v${REL}/kubens_v${REL}_linux_x86_64.tar.gz"
+# download and install file
+if download_file --uri $URL --target_dir $TMP_DIR; then
+ tar -zxf "$TMP_DIR/$(basename $URL)" -C "$TMP_DIR"
+ install -m 0755 "$TMP_DIR/kubens" /opt/$APP/
+ [ -f /usr/bin/kubens ] || ln -s /opt/$APP/kubens /usr/bin/kubens
+fi
+# remove temporary dir
+rm -fr "$TMP_DIR"
diff --git a/wsl/wsl_setup.ps1 b/wsl/wsl_setup.ps1
index 5c54a34..2c40b92 100644
--- a/wsl/wsl_setup.ps1
+++ b/wsl/wsl_setup.ps1
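Review bot: Both `download_file` branches unpack the release tarball and `install` its binary into `/opt/$APP` as root without any integrity check, so whatever the download returned ends up linked into `/usr/bin`. If the upstream release publishes a checksum file, fetch it next to the archive and gate the install on it, e.g. with GNU coreutils `(cd "$TMP_DIR" && sha256sum -c --ignore-missing <CHECKSUMS_FILE>) || exit 1` (placeholder name; confirm against the release assets). `REL=$1` also flows into the URL unvalidated and `$URL`/`$TMP_DIR` are unquoted in the `download_file` calls; a guard such as `[[ "$REL" =~ ^[0-9]+(\.[0-9]+)*$ ]] || exit 1` plus quoting keeps a malformed argument out of the path. A failed download currently falls through to `rm -fr` and exits 0, so the caller cannot tell that nothing was installed.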
@@ -325,6 +325,7 @@ process {
 $rel_kubelogin = wsl.exe --distribution $Distro --user root --exec .assets/provision/install_kubelogin.sh $Script:rel_kubelogin
 $rel_helm = wsl.exe --distribution $Distro --user root --exec .assets/provision/install_helm.sh $Script:rel_helm
 $rel_k9s = wsl.exe --distribution $Distro --user root --exec .assets/provision/install_k9s.sh $Script:rel_k9s
+ $rel_kubectx = wsl.exe --distribution $Distro --user root --exec .assets/provision/install_kubectx.sh $Script:rel_kubectx
 $rel_kubeseal = wsl.exe --distribution $Distro --user root --exec .assets/provision/install_kubeseal.sh $Script:rel_kubeseal
 $rel_flux = wsl.exe --distribution $Distro --user root --exec .assets/provision/install_flux.sh $Script:rel_flux
 $rel_kustomize = wsl.exe --distribution $Distro --user root --exec .assets/provision/install_kustomize.sh $Script:rel_kustomize
From ff5a95f64400ab624c10f891ccc163298df57b99 Mon Sep 17 00:00:00 2001
From: Szymon Osiecki
Date: Thu, 21 Nov 2024 07:36:37 +0100
Subject: [PATCH 2/3] feat(sh): install_fzf
---
.assets/provision/install_fzf.sh | 76 ++++++++++++++++++++++++++++++++
wsl/wsl_setup.ps1 | 1 +
2 files changed, 77 insertions(+)
create mode 100755 .assets/provision/install_fzf.sh
diff --git a/.assets/provision/install_fzf.sh b/.assets/provision/install_fzf.sh
new file mode 100755
index 0000000..2621d34
--- /dev/null
+++ b/.assets/provision/install_fzf.sh
@@ -0,0 +1,76 @@
+#!/usr/bin/env bash
+: '
+sudo .assets/provision/install_fzf.sh >/dev/null
+'
+if [ $EUID -ne 0 ]; then
+ printf '\e[31;1mRun the script as root.\e[0m\n' >&2
+ exit 1
+fi
+
+# determine system id
+SYS_ID="$(sed -En '/^ID.*(alpine|arch|fedora|debian|ubuntu|opensuse).*/{s//\1/;p;q}' /etc/os-release)"
+# check if package installed already using package manager
+APP='fzf'
+case $SYS_ID in
+alpine)
+ apk -e info $APP &>/dev/null && exit 0 || true
+ ;;
+arch)
+ pacman -Qqe $APP &>/dev/null && exit 0 || true
+ ;;
+fedora | opensuse)
+ rpm -q $APP &>/dev/null && exit 0 || true
+ ;;
+debian | ubuntu)
+ dpkg -s $APP &>/dev/null && exit 0 || true
+ ;;
+esac
+
+# dotsource file with common functions
+. .assets/provision/source.sh
+
+# define variables
+REL=$1
+retry_count=0
+# get latest release if not provided as a parameter
+[ -z "$REL" ] && REL="$(get_gh_release_latest --owner 'junegunn' --repo 'fzf')"
+# return latest release
+echo $REL
+
+if type $APP &>/dev/null; then
+ VER=$(rg --version | sed -En 's/.*\s([0-9\.]+)/\1/p')
+ if [ "$REL" = "$VER" ]; then
+ printf "\e[32m$APP v$VER is already latest\e[0m\n" >&2
+ exit 0
+ fi
+fi
+
+printf "\e[92minstalling \e[1m$APP\e[22m v$REL\e[0m\n" >&2
+case $SYS_ID in
+alpine)
+ apk add --no-cache $APP >&2 2>/dev/null
+ ;;
+arch)
+ pacman -Sy --needed --noconfirm $APP >&2 2>/dev/null || binary=true
+ ;;
+fedora)
+ dnf install -y $APP >&2 2>/dev/null || binary=true
+ ;;
+debian | ubuntu)
+ export DEBIAN_FRONTEND=noninteractive
+ apt-get update >&2 && apt-get install -y $APP >&2 2>/dev/null || binary=true
+ ;;
+opensuse)
+ zypper in -y $APP >&2 2>/dev/null || binary=true
+ ;;
+*)
+ binary=true
+ ;;
+esac
+
+if [ "$binary" = true ] && [ -n "$REL" ]; then
+ echo 'Installing via script.' >&2
+ # create temporary dir for the downloaded binary
+ git clone --depth 1 https://github.com/junegunn/fzf.git ~/.fzf
+ ~/.fzf/install
+fi
diff --git a/wsl/wsl_setup.ps1 b/wsl/wsl_setup.ps1
index 2c40b92..8461f78 100644
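Review bot: The fallback at the end of the hunk clones the default branch of junegunn/fzf into root's `~/.fzf` and runs its `install` script as root, so the code executed is whatever upstream HEAD holds at that moment rather than the `$REL` the script just resolved and echoed. Pinning the checkout, e.g. `git clone --depth 1 --branch "v$REL" https://github.com/junegunn/fzf.git ~/.fzf` (assuming upstream tags carry the `v` prefix for that release), ties the executed script to a known version; the comment above it, "create temporary dir for the downloaded binary", does not describe the clone and should be rewritten. Separately, the installed-version probe calls `rg --version`, which reads ripgrep's version, so the "already latest" check never compares fzf; it should be something like `VER=$(fzf --version | sed -En 's/^([0-9\.]+).*/\1/p')`. The `[ -z "$REL" ] && REL=...` line also carries on with an empty `REL` when `get_gh_release_latest` fails, unlike the `exit 1` path in install_kubectx.sh.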
--- a/wsl/wsl_setup.ps1
+++ b/wsl/wsl_setup.ps1
@@ -411,6 +411,7 @@ process {
 }
 shell {
 Write-Host 'installing shell packages...' -ForegroundColor Cyan
+ $rel_fzf = wsl.exe --distribution $Distro --user root --exec .assets/provision/install_fzf.sh $Script:rel_fzf
 $rel_eza = wsl.exe --distribution $Distro --user root --exec .assets/provision/install_eza.sh $Script:rel_eza
 $rel_bat = wsl.exe --distribution $Distro --user root --exec .assets/provision/install_bat.sh $Script:rel_bat
 $rel_rg = wsl.exe --distribution $Distro --user root --exec .assets/provision/install_ripgrep.sh $Script:rel_rg
From d951a702555eb7023b535b2a327c65f5beecacfb Mon Sep 17 00:00:00 2001
From: Szymon Osiecki
Date: Thu, 28 Nov 2024 17:54:27 +0100
Subject: [PATCH 3/3] feat: cert_chain_pem
---
.assets/tools/cert_chain_pem.ps1 | 81 ++++++++++++++++++++++++++++++++
1 file changed, 81 insertions(+)
create mode 100755 .assets/tools/cert_chain_pem.ps1
diff --git a/.assets/tools/cert_chain_pem.ps1 b/.assets/tools/cert_chain_pem.ps1
new file mode 100755
index 0000000..5df1fe5
--- /dev/null
+++ b/.assets/tools/cert_chain_pem.ps1
@@ -0,0 +1,81 @@
+#!/usr/bin/pwsh -nop
+#Requires -PSEdition Core
+<#
+.SYNOPSIS
+Get root and intermediate certificates in PEM format from the certificate chain.
+
+.PARAMETER Uri
+Uri to get the certificate chain from.
+
+.EXAMPLE
+.assets/tools/cert_chain_pem.ps1
+# :specify custom Uri
+$Uri = 'www.powershellgallery.com'
+.assets/tools/cert_chain_pem.ps1 $Uri
+#>
+[CmdletBinding()]
+param (
+ [Parameter(Position = 0)]
+ [ValidateNotNullOrEmpty()]
+ [string]$Uri = 'www.google.com'
+)
+
+begin {
+ $ErrorActionPreference = 'Stop'
+
+ $tcpClient = [System.Net.Sockets.TcpClient]::new($Uri, 443)
+ $chain = [System.Security.Cryptography.X509Certificates.X509Chain]::new()
+ $sslStream = [System.Net.Security.SslStream]::new($tcpClient.GetStream())
+
+ # instantiate list for storing PEM encoded certificates
+ $pems = [System.Collections.Generic.List[PSCustomObject]]::new()
+}
+
+process {
+ try {
+ $sslStream.AuthenticateAsClient($Uri)
+ $certificate = $sslStream.RemoteCertificate
+ } finally {
+ $sslStream.Close()
+ }
+ # check certificate chain
+ $isChainValid = $chain.Build($certificate)
+ if ($isChainValid) {
+ # build certificate chain
+ $certificate = $chain.ChainElements.Certificate
+ for ($i = 1; $i -lt $certificate.Count; $i++) {
+ # convert certificate to base64
+ $base64 = [System.Convert]::ToBase64String($certificate[$i].RawData)
+ # build PEM encoded X.509 certificate
+ $builder = [System.Text.StringBuilder]::new()
+ $builder.AppendLine('-----BEGIN CERTIFICATE-----') | Out-Null
+ for ($j = 0; $j -lt $base64.Length; $j += 64) {
+ $length = [System.Math]::Min(64, $base64.Length - $j)
+ $builder.AppendLine($base64.Substring($j, $length)) | Out-Null
+ }
+ $builder.AppendLine('-----END CERTIFICATE-----') | Out-Null
+ # create pem object with parsed common information and PEM encoded certificate
+ $pem = @{
+ Issuer = $certificate[$i].Issuer
+ Subject = $certificate[$i].Subject
+ SerialNumber = $certificate[$i].SerialNumber
+ Thumbprint = $certificate[$i].Thumbprint
+ PEM = $builder.ToString().Replace("`r`n", "`n")
+ }
+ # check if CN available, otherwise add OU as label
+ $cn = [regex]::Match($pem.Subject, '(?<=CN=)(.)+?(?=,|$)').Value.Trim().Trim('"')
+ if ($cn) {
+ $pem.Label = $cn
+ } else {
+ $pem.Label = [regex]::Match($pem.Subject, '(?<=OU=)(.)+?(?=,|$)').Value.Trim().Trim('"')
+ }
+ $pems.Add([PSCustomObject]$pem)
+ }
+ } else {
+ Write-Warning 'SSL certificate chain validation failed.'
+ }
+}
+
+end {
+ return $pems
+}
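Review bot: `$tcpClient` and `$chain` are created in `begin` and never disposed, and the `else` branch in `process` reports a failed `$chain.Build` without saying why. Moving the work under one `try` whose `finally` calls `$sslStream.Dispose()`, `$tcpClient.Dispose()` and `$chain.Dispose()`, and changing the warning to `Write-Warning "SSL certificate chain validation failed: $($chain.ChainStatus.Status -join ', ')"`, would release the socket and make a rejected chain diagnosable. The comment-based help should also say that `-Uri` is a host name connected to on port 443 (a full `https://` URI will not resolve), and that the returned PEMs are the chain as built on this machine for a single connection. If the output is meant to be added to another trust store (an assumption; the consumer is not visible here), a `.NOTES` line advising that `Thumbprint` be compared with a value obtained out of band would be worth adding.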