gmoker/gitea
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: create user from secret instead of env
Some checks failed
/ deploy (push) Failing after 1m43s
Details

Browse Source
This commit is contained in:
ange 2024-12-22 06:15:20 +00:00
parent 0a86bed0ce
commit 0fd5175a1d
Signed by: ange
GPG Key ID: 9E0C4157BB7BEB1D
2 changed files with 26 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
manifests/bin/createadmin.sh
View File

@ -2,32 +2,29 @@
function get_token() { function get_token() {
kubectl exec app-0 -- gitea admin user generate-access-token \ kubectl exec app-0 -- gitea admin user generate-access-token \
--username "$NAME" \ --username "$name" \
--token-name "${NAME^^}" \ --token-name "${name^^}" \
--scopes "$scopes" \ --scopes "$scopes" \
| awk '{print $NF}' | awk '{print $NF}'
} }
export NAME="$1" name="$1"
scopes="$2" scopes="$2"
export EMAIL="$NAME@$BASE_URL" email="$name@$BASE_URL"
export SECRET="gitea-$NAME" secret="gitea-$name"
if ! kubectl get secret "$SECRET" > /dev/null 2>&1; then if ! kubectl get secret "$secret" > /dev/null 2>&1; then
p="$(openssl rand -hex 32)" kcreatesec "$secret" \
kapply common/createadmin.yaml --from-literal=email="$email" \
else --from-literal=username="$name" \
p="$(kgseckey "$SECRET" password)" --from-literal=password="$(openssl rand -hex 32)"
SECRET="$secret" kapply common/createadmin.yaml
fi fi
opts=()
if [ -n "$scopes" ]; then if [ -n "$scopes" ]; then
token="$(kgseckey "$SECRET" token || get_token)" kcreatesec "$secret" \
opts+=(--from-literal=token="$token") --from-literal=email="$email" \
--from-literal=username="$name" \
--from-literal=password="$(kgseckey "$secret" password)" \
--from-literal=token="$(kgseckey "$secret" token || get_token)"
fi fi
kcreatesec "$SECRET" \
--from-literal=email="$NAME@$BASE_URL" \
--from-literal=username="$NAME" \
--from-literal=password="$p" \
"${opts[@]}"

17
manifests/common/createadmin.yaml
View File

@ -10,17 +10,20 @@ spec:
containers: containers:
- name: createuser - name: createuser
image: "$IMAGEAPP" image: "$IMAGEAPP"
envFrom:
- secretRef:
name: "$SECRET"
command: command:
- bash - bash
- -c - -c
- | - |
gitea admin user change-password --must-change-password=false \ gitea admin user change-password --must-change-password=false
--username "$NAME" \ --username "$username"
--password "$PASS" 2> /dev/null \ --password "$password"
|| gitea admin user create --admin --must-change-password=false \ || gitea admin user create --admin --must-change-password=false
--email "$EMAIL" \ --email "$email"
--username "$NAME" \ --username "$username"
--password "$PASS" --password "$password"
volumeMounts: volumeMounts:
- name: config - name: config
mountPath: /etc/gitea/app.ini mountPath: /etc/gitea/app.ini