about summary refs log tree commit diff
diff options
context:
space:
mode:
authormakefunstuff <[email protected]>2024-06-28 12:52:33 +0200
committermakefunstuff <[email protected]>2024-06-28 12:52:33 +0200
commit96abd71cde4ed66223a916935ab28af1909b7ef0 (patch)
tree95a572f7f6a10fba90065cb64c5d5d8d8cbcb3bf
parent44cccb5f6b75c532aa6b097e2989d7581e78869e (diff)
downloadk3s-lab-96abd71cde4ed66223a916935ab28af1909b7ef0.tar.gz
argocd password
Diffstat (limited to '')
-rwxr-xr-xscripts/argocd-admin-password40
1 files changed, 40 insertions, 0 deletions
diff --git a/scripts/argocd-admin-password b/scripts/argocd-admin-password
new file mode 100755
index 0000000..da85088
--- /dev/null
+++ b/scripts/argocd-admin-password
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+# Ensure a secret name is provided
+if [ -z "$1" ]; then
+  echo "Usage: $0 <onepassword-secret-name>"
+  exit 1
+fi
+
+# Set the secret name
+SECRET_NAME=$1
+
+# Check if 1Password CLI is installed
+if ! command -v op &> /dev/null; then
+  echo "1Password CLI (op) could not be found. Please install it first."
+  exit 1
+fi
+
+# Sign in to 1Password (ensure OP_SESSION_myaccount is set in the environment)
+if [ -z "$OP_SESSION_myaccount" ]; then
+  eval $(op signin my)
+fi
+
+# Retrieve the admin password from 1Password
+ADMIN_PASSWORD=$(op read "op://Personal/$SECRET_NAME/password")
+
+if [ -z "$ADMIN_PASSWORD" ]; then
+  echo "Failed to retrieve the admin password from 1Password."
+  exit 1
+fi
+
+# Generate bcrypt hash of the password
+HASHED_PASSWORD=$(htpasswd -nbBC 10 "" "$ADMIN_PASSWORD" | tr -d ':\n' | sed 's/$2y/$2a/')
+
+# Create the Kubernetes secret
+kubectl create secret generic argocd-secret \
+  --from-literal=admin.password=$HASHED_PASSWORD \
+  -n argocd
+
+echo "ArgoCD admin password secret created successfully."
+