From db7a6b226d06b95f0dfdb1d4105ce91ed0cfa745 Mon Sep 17 00:00:00 2001
From: ange <ange@yw5n.com>
Date: Sun, 22 Dec 2024 06:47:14 +0000
Subject: [PATCH] fix: create user from main pod instead of job

---
 manifests/bin/createadmin.sh      | 32 ++++++++++++++-----------
 manifests/common/createadmin.yaml | 39 -------------------------------
 2 files changed, 19 insertions(+), 52 deletions(-)
 delete mode 100644 manifests/common/createadmin.yaml

diff --git a/manifests/bin/createadmin.sh b/manifests/bin/createadmin.sh
index 3b2d301..06321c6 100755
--- a/manifests/bin/createadmin.sh
+++ b/manifests/bin/createadmin.sh
@@ -12,19 +12,25 @@ name="$1"
 scopes="$2"
 email="$name@$BASE_URL"
 secret="gitea-$name"
+passwd="$(kgseckey "$secret" password)"
 
-if ! kubectl get secret "$secret" > /dev/null 2>&1; then
-    kcreatesec "$secret" \
-        --from-literal=email="$email" \
-        --from-literal=username="$name" \
-        --from-literal=password="$(openssl rand -hex 32)"
-    NAME="$name" SECRET="$secret" kapply common/createadmin.yaml
+if [ -z "$passwd" ]; then
+    passwd="$(openssl rand -hex 32)"
+    kubectl exec statefulset/app -- \
+        gitea admin user create --admin --must-change-password=false \
+            --email "$email" \
+            --username "$name" \
+            --password "$passwd"
 fi
 
-if [ -n "$scopes" ]; then
-    kcreatesec "$secret" \
-        --from-literal=email="$email" \
-        --from-literal=username="$name" \
-        --from-literal=password="$(kgseckey "$secret" password)" \
-        --from-literal=token="$(kgseckey "$secret" token || get_token)"
-fi
+opts=()
+[ -n "$scopes" ] && opts+=(
+    --from-literal=token="$(kgseckey "$secret" token || get_token)"
+    --from-literal=tokenscopes="$scopes"
+)
+
+kcreatesec "$secret" \
+    --from-literal=email="$email" \
+    --from-literal=username="$name" \
+    --from-literal=password="$passwd" \
+    "${opts[@]}"
diff --git a/manifests/common/createadmin.yaml b/manifests/common/createadmin.yaml
deleted file mode 100644
index 9355cd0..0000000
--- a/manifests/common/createadmin.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: "createadmin-$NAME"
-spec:
-  template:
-    spec:
-      restartPolicy: Never
-      containers:
-        - name: createuser
-          image: "$IMAGEAPP"
-          envFrom:
-            - secretRef:
-                name: "$SECRET"
-          command:
-            - bash
-            - -c
-            - gitea admin user change-password --must-change-password=false \
-                --username "$username" \
-                --password "$password" \
-              || gitea admin user create --admin --must-change-password=false \
-                --email "$email" \
-                --username "$username" \
-                --password "$password" \
-          volumeMounts:
-            - name: config
-              mountPath: /etc/gitea/app.ini
-              subPath: app.ini
-            - name: secrets
-              mountPath: /etc/gitea/secrets/
-      volumes:
-        - name: config
-          configMap:
-            name: gitea
-        - name: secrets
-          secret:
-            secretName: gitea
-  backoffLimit: 4