78 lines
2.1 KiB
Bash
Executable file
78 lines
2.1 KiB
Bash
Executable file
#!/bin/sh
|
|
|
|
set -e
|
|
|
|
# VARIABLES
|
|
SECRET_VALUE="${*:-Vcluster Boo}"
|
|
SECRET_CONTEXT="k3d-argocd"
|
|
SECRET_NAME="dummyhttp-secret"
|
|
SECRET_NAMESPACE="my-vcluster-default"
|
|
|
|
# Relative PATH to the workdir from the script directory
|
|
WORK_DIR_RELPATH="../"
|
|
|
|
# Compute WORKDIR
|
|
SCRIPT="$(readlink -f "$0")"
|
|
SCRIPT_DIR="$(dirname "$SCRIPT")"
|
|
WORK_DIR="$(readlink -f "$SCRIPT_DIR/$WORK_DIR_RELPATH")"
|
|
|
|
# Update the PATH to add the arkade bin directory
|
|
# Add the arkade binary directory to the path if missing
|
|
case ":${PATH}:" in
|
|
*:"${HOME}/.arkade/bin":*) ;;
|
|
*) export PATH="${PATH}:${HOME}/.arkade/bin" ;;
|
|
esac
|
|
|
|
# Go to the working directory
|
|
cd "$WORK_DIR" || exit 1
|
|
|
|
echo "=> Checking if the '$SECRET_NAMESPACE' is available"
|
|
if kubectl get namespace "$SECRET_NAMESPACE" >/dev/null 2>&1; then
|
|
echo "The '$SECRET_NAMESPACE' namespace already exists"
|
|
else
|
|
kubectl create namespace "$SECRET_NAMESPACE"
|
|
fi
|
|
|
|
echo "=> Creating secret file with SECRET_VAR = '$SECRET_VALUE'"
|
|
echo -n "$SECRET_VALUE" | \
|
|
kubectl create secret generic "$SECRET_NAME" --namespace "$SECRET_NAMESPACE" \
|
|
--dry-run=client --from-file=SECRET_VAR=/dev/stdin -o yaml \
|
|
>dummyhttp-secret.yaml
|
|
|
|
echo "=> Creating sealed secret on file"
|
|
kubeseal --context "$SECRET_CONTEXT" -f dummyhttp-secret.yaml \
|
|
-w dummyhttp-sealed-secret.yaml
|
|
|
|
rm -f dummyhttp-secret.yaml
|
|
|
|
echo "=> Adding or updating sealed secret on '$SECRET_NAMESPACE' namespace"
|
|
kubectl apply --context "$SECRET_CONTEXT" -f dummyhttp-sealed-secret.yaml
|
|
|
|
rm -f dummyhttp-sealed-secret.yaml
|
|
|
|
tries="0"
|
|
while true; do
|
|
if kubectl get --context "$SECRET_CONTEXT" --namespace "$SECRET_NAMESPACE" \
|
|
secret/dummyhttp-secret >/dev/null 2>&1; then
|
|
break
|
|
fi
|
|
tries="$((tries+1))"
|
|
echo "Secret not avaliable after attempt '$tries'"
|
|
if [ "$tries" -lt "10" ]; then
|
|
sleep 2
|
|
else
|
|
break
|
|
fi
|
|
done
|
|
|
|
if [ "$tries" -eq "10" ]; then
|
|
echo "Failed to get 'dummyhttp-secret', something dind't work as expected"
|
|
exit 1
|
|
fi
|
|
|
|
SECRET_VAR="$(
|
|
kubectl get --context "$SECRET_CONTEXT" --namespace "$SECRET_NAMESPACE" \
|
|
secret/dummyhttp-secret --template="{{.data.SECRET_VAR}}" | base64 -d
|
|
)"
|
|
|
|
echo "=> Found secret/dummyhttp-secret: SECRET_VAR = '$SECRET_VAR'"
|