feat: ensure central secret keys exists

2025-04-17 13:06:28 +01:00 · 2025-04-17 13:06:28 +01:00 · 024a0fcfaf
commit 024a0fcfaf
parent f88d6a2f0d
2 changed files with 14 additions and 0 deletions
--- a/admin/libhelm.sh
+++ b/admin/libhelm.sh
@ -80,6 +80,18 @@ function get_kubezero_secret() {
  get_secret_val kubezero kubezero-secrets "$1"
 }

+function ensure_kubezero_secret_key() {
+  local secret="$(kubectl get secret -n kubezero kubezero-secrets -o yaml)"
+  local key=""
+  local val=""
+
+  for key in $@; do
+    val=$(echo "$secret" | yq ".data.\"$key\"")
+    if [ "$val" == "null" ]; then
+      kubectl patch secret -n kubezero kubezero-secrets --patch="{\"data\": { \"$key\": \"\" }}"
+    fi
+  done
+}

 function set_kubezero_secret() {
  local key="$1"
--- a/charts/kubezero-argo/hooks.d/pre-install.sh
+++ b/charts/kubezero-argo/hooks.d/pre-install.sh
@ -21,3 +21,5 @@ fi
 # Redis secret
 kubectl get secret argocd-redis -n argocd || kubectl create secret generic argocd-redis -n argocd \
    --from-literal=auth=$(date +%s | sha256sum | base64 | head -c 16 ; echo)
+
+ensure_kubezero_secret_key argo-cd.kubezero.username argo-cd.kubezero.password argo-cd.kubezero.sshPrivateKey