58 lines
1.8 KiB
YAML
58 lines
1.8 KiB
YAML
---
|
|
apiVersion: v1
|
|
data:
|
|
generate-secrets.sh: |2
|
|
generate_secret() {
|
|
openssl rand -hex 16 | tr 'a-f' 'A-F' | head -c 32
|
|
}
|
|
|
|
AIRM_SUPERUSER_USERNAME=$(generate_secret)
|
|
AIRM_SUPERUSER_PASSWORD=$(generate_secret)
|
|
AIRM_USER_PASSWORD=$(generate_secret)
|
|
AIRM_RABBITMQ_USERNAME=$(generate_secret)
|
|
AIRM_RABBITMQ_PASSWORD=$(generate_secret)
|
|
AIRM_UI_AUTH_SECRET=$(generate_secret)
|
|
|
|
cat > /tmp/final-secret-store.yaml << EOF
|
|
apiVersion: external-secrets.io/v1beta1
|
|
kind: ClusterSecretStore
|
|
metadata:
|
|
name: airm-secret-store
|
|
spec:
|
|
provider:
|
|
fake:
|
|
data:
|
|
- key: airm-cnpg-superuser-username
|
|
value: ${AIRM_SUPERUSER_USERNAME}
|
|
- key: airm-cnpg-superuser-password
|
|
value: ${AIRM_SUPERUSER_PASSWORD}
|
|
- key: airm-cnpg-user-username
|
|
value: airm_user
|
|
- key: airm-cnpg-user-password
|
|
value: ${AIRM_USER_PASSWORD}
|
|
- key: airm-rabbitmq-user-username
|
|
value: ${AIRM_RABBITMQ_USERNAME}
|
|
- key: airm-rabbitmq-user-password
|
|
value: ${AIRM_RABBITMQ_PASSWORD}
|
|
- key: airm-ui-auth-nextauth-secret
|
|
value: ${AIRM_UI_AUTH_SECRET}
|
|
EOF
|
|
|
|
kubectl get clustersecretstores.external-secrets.io airm-secret-store > /dev/null 2>&1
|
|
if [ $? -eq 0 ]; then
|
|
echo "ClusterSecretStore 'airm-secret-store' already exists, skipping creation."
|
|
exit 0
|
|
fi
|
|
|
|
kubectl apply -f /tmp/final-secret-store.yaml
|
|
echo "ClusterSecretStore created successfully!"
|
|
echo "Generated secrets with alphanumeric values only"
|
|
exit 0
|
|
kind: ConfigMap
|
|
metadata:
|
|
annotations:
|
|
helm.sh/hook: pre-install
|
|
helm.sh/hook-weight: "-1"
|
|
name: airm-secret-generator-script
|
|
namespace: airm
|