43 lines
1.2 KiB
YAML
43 lines
1.2 KiB
YAML
---
|
|
apiVersion: v1
|
|
data:
|
|
generate-secrets.sh: |
|
|
set -e
|
|
|
|
generate_secret() {
|
|
openssl rand -hex 16 | tr 'a-f' 'A-F' | head -c 32
|
|
}
|
|
|
|
MINIO_KEYCLOAK_CLIENT_SECRET=$(generate_secret)
|
|
MINIO_ROOT_PASSWORD=$(generate_secret)
|
|
|
|
cat > /tmp/final-secret-store.yaml << EOF
|
|
apiVersion: external-secrets.io/v1beta1
|
|
kind: ClusterSecretStore
|
|
metadata:
|
|
name: minio-integrations-secret-store
|
|
spec:
|
|
provider:
|
|
fake:
|
|
data:
|
|
- key: minio-keycloak-client-secret
|
|
value: ${MINIO_KEYCLOAK_CLIENT_SECRET}
|
|
- key: minio-keycloak-client-config
|
|
value: |
|
|
export MINIO_SERVER_URL="http://minio:80"
|
|
export MINIO_API_ROOT_ACCESS="on"
|
|
export MINIO_ROOT_USER="minioroot"
|
|
export MINIO_ROOT_PASSWORD="${MINIO_ROOT_PASSWORD}"
|
|
export MINIO_IDENTITY_OPENID_CLIENT_SECRET="${MINIO_KEYCLOAK_CLIENT_SECRET}"
|
|
|
|
EOF
|
|
|
|
kubectl apply -f /tmp/final-secret-store.yaml
|
|
|
|
echo "ClusterSecretStore created successfully!"
|
|
echo "Generated secrets with alphanumeric values only"
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: minio-secret-generator-script
|
|
namespace: minio-tenant-default
|