clusterforge/keycloak-config/ConfigMap_keycloak-secret-generator-script.yaml
2025-10-06 09:34:03 +00:00


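---
# ConfigMap carrying the bootstrap script that creates the
# 'keycloak-secret-store' ClusterSecretStore and fills it with credentials.
#
# NOTE(review): the store uses the External Secrets `fake` provider, which
# keeps every value in plaintext inside the ClusterSecretStore spec. Anyone
# allowed to read clustersecretstores can read these credentials; confirm
# RBAC on that resource is restricted, and treat this as a bootstrap/test
# backend rather than a production secret store.
apiVersion: v1
data:
  generate-secrets.sh: |
    set -eu
    # The rendered manifest holds every secret in plaintext: make sure it is
    # only readable by the user running this script.
    umask 077

    # Check first, so that no secrets are generated or written to disk when
    # the store is already present.
    # NOTE(review): any failure of `kubectl get` (not only NotFound) is
    # treated as "store missing" - confirm that is intended.
    if kubectl get clustersecretstores.external-secrets.io keycloak-secret-store >/dev/null 2>&1; then
      echo "ClusterSecretStore 'keycloak-secret-store' already exists, skipping creation."
      exit 0
    fi

    # Print 32 upper-case hex characters (128 bits from openssl).
    generate_secret() {
      # Capture the output before post-processing: with plain `set -e` a
      # failing openssl inside a pipeline would be masked by the exit status
      # of the last command and yield an empty "secret".
      raw=$(openssl rand -hex 16) || return 1
      [ "${#raw}" -eq 32 ] || return 1
      printf '%s' "$raw" | tr 'a-f' 'A-F' | head -c 32
    }

    AIRM_UI_SECRET=$(generate_secret)
    AIRM_ADMIN_SECRET=$(generate_secret)
    AIRM_CI_SECRET=$(generate_secret)
    AIRM_UI_NEXTAUTH_SECRET=$(generate_secret)
    KC_SUPERUSER_USERNAME=$(generate_secret)
    KC_SUPERUSER_PASSWORD=$(generate_secret)
    K8S_CLIENT_SECRET=$(generate_secret)

    # NOTE(review): keycloak_initial_admin_password and the
    # keycloak-cnpg-user credentials below are static, guessable values
    # ('admin' / 'keycloak'). They are left unchanged here because other
    # manifests may depend on them; generate them like the other entries or
    # rotate them right after bootstrap.
    #
    # Generated values are double-quoted in the manifest: an all-digit (or
    # digits-E-digits) hex string would otherwise be typed as a number by the
    # YAML parser instead of a string.
    #
    # NOTE(review): if nothing else reads /tmp/final-secret-store.yaml, pipe
    # the manifest straight to `kubectl apply -f -` so it never lands on disk.
    # A leftover file would keep its old permissions, so drop it first.
    rm -f /tmp/final-secret-store.yaml
    cat > /tmp/final-secret-store.yaml << EOF
    apiVersion: external-secrets.io/v1beta1
    kind: ClusterSecretStore
    metadata:
      name: keycloak-secret-store
    spec:
      provider:
        fake:
          data:
            - key: keycloak_initial_admin_password
              value: admin
            - key: keycloak-cnpg-user-username
              value: keycloak
            - key: keycloak-cnpg-user-password
              value: keycloak
            - key: keycloak-cnpg-superuser-username
              value: "${KC_SUPERUSER_USERNAME}"
            - key: keycloak-cnpg-superuser-password
              value: "${KC_SUPERUSER_PASSWORD}"
            - key: airm-ui-keycloak-secret
              value: "${AIRM_UI_SECRET}"
            - key: airm-legacy-auth-nextauth-secret
              value: "${AIRM_UI_NEXTAUTH_SECRET}"
            - key: airm-keycloak-admin-client-id
              value: 'admin-client-id-value'
            - key: airm-keycloak-k8s-client-secret
              value: "${K8S_CLIENT_SECRET}"
            - key: airm-keycloak-admin-client-secret
              value: "${AIRM_ADMIN_SECRET}"
            - key: airm-ci-client-secret
              value: "${AIRM_CI_SECRET}"
    EOF

    echo "ClusterSecretStore does not exist, creating it..."
    kubectl apply -f /tmp/final-secret-store.yaml
    echo "ClusterSecretStore 'keycloak-secret-store' created successfully!"
    echo "Generated secrets with alphanumeric values only"
    exit 0
kind: ConfigMap
metadata:
  name: keycloak-secret-generator-script
  namespace: keycloak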