fix: create user from main pod instead of job

manifests/bin/createadmin.sh

@@ -12,19 +12,25 @@ name="$1"
 scopes="$2"
 email="$name@$BASE_URL"
 secret="gitea-$name"
+passwd="$(kgseckey "$secret" password)"
 
-if ! kubectl get secret "$secret" > /dev/null 2>&1; then
+if [ -z "$passwd" ]; then
-    kcreatesec "$secret" \
+    passwd="$(openssl rand -hex 32)"
-        --from-literal=email="$email" \
+    kubectl exec statefulset/app -- \
-        --from-literal=username="$name" \
+        gitea admin user create --admin --must-change-password=false \
-        --from-literal=password="$(openssl rand -hex 32)"
+            --email "$email" \
-    NAME="$name" SECRET="$secret" kapply common/createadmin.yaml
+            --username "$name" \
+            --password "$passwd"
 fi
 
-if [ -n "$scopes" ]; then
+opts=()
-    kcreatesec "$secret" \
+[ -n "$scopes" ] && opts+=(
-        --from-literal=email="$email" \
+    --from-literal=token="$(kgseckey "$secret" token || get_token)"
-        --from-literal=username="$name" \
+    --from-literal=tokenscopes="$scopes"
-        --from-literal=password="$(kgseckey "$secret" password)" \
+)
-        --from-literal=token="$(kgseckey "$secret" token || get_token)"
+
-fi
+kcreatesec "$secret" \
+    --from-literal=email="$email" \
+    --from-literal=username="$name" \
+    --from-literal=password="$passwd" \
+    "${opts[@]}"

manifests/common/createadmin.yaml

@@ -1,39 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: "createadmin-$NAME"
-spec:
-  template:
-    spec:
-      restartPolicy: Never
-      containers:
-        - name: createuser
-          image: "$IMAGEAPP"
-          envFrom:
-            - secretRef:
-                name: "$SECRET"
-          command:
-            - bash
-            - -c
-            - gitea admin user change-password --must-change-password=false \
-                --username "$username" \
-                --password "$password" \
-              || gitea admin user create --admin --must-change-password=false \
-                --email "$email" \
-                --username "$username" \
-                --password "$password" \
-          volumeMounts:
-            - name: config
-              mountPath: /etc/gitea/app.ini
-              subPath: app.ini
-            - name: secrets
-              mountPath: /etc/gitea/secrets/
-      volumes:
-        - name: config
-          configMap:
-            name: gitea
-        - name: secrets
-          secret:
-            secretName: gitea
-  backoffLimit: 4