argocd password

1 files changed, 40 insertions, 0 deletions

diff --git a/scripts/argocd-admin-password b/scripts/argocd-admin-password
new file mode 100755
index 0000000..da85088
--- /dev/null
+++ b/scripts/argocd-admin-password
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+# Ensure a secret name is provided
+if [ -z "$1" ]; then
+  echo "Usage: $0 <onepassword-secret-name>"
+  exit 1
+fi
+
+# Set the secret name
+SECRET_NAME=$1
+
+# Check if 1Password CLI is installed
+if ! command -v op &> /dev/null; then
+  echo "1Password CLI (op) could not be found. Please install it first."
+  exit 1
+fi
+
+# Sign in to 1Password (ensure OP_SESSION_myaccount is set in the environment)
+if [ -z "$OP_SESSION_myaccount" ]; then
+  eval $(op signin my)
+fi
+
+# Retrieve the admin password from 1Password
+ADMIN_PASSWORD=$(op read "op://Personal/$SECRET_NAME/password")
+
+if [ -z "$ADMIN_PASSWORD" ]; then
+  echo "Failed to retrieve the admin password from 1Password."
+  exit 1
+fi
+
+# Generate bcrypt hash of the password
+HASHED_PASSWORD=$(htpasswd -nbBC 10 "" "$ADMIN_PASSWORD" | tr -d ':\n' | sed 's/$2y/$2a/')
+
+# Create the Kubernetes secret
+kubectl create secret generic argocd-secret \
+  --from-literal=admin.password=$HASHED_PASSWORD \
+  -n argocd
+
+echo "ArgoCD admin password secret created successfully."
+