diff options
| -rwxr-xr-x | scripts/argocd-admin-password | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/scripts/argocd-admin-password b/scripts/argocd-admin-password new file mode 100755 index 0000000..da85088 --- /dev/null +++ b/scripts/argocd-admin-password @@ -0,0 +1,40 @@ +#!/bin/bash + +# Ensure a secret name is provided +if [ -z "$1" ]; then + echo "Usage: $0 <onepassword-secret-name>" + exit 1 +fi + +# Set the secret name +SECRET_NAME=$1 + +# Check if 1Password CLI is installed +if ! command -v op &> /dev/null; then + echo "1Password CLI (op) could not be found. Please install it first." + exit 1 +fi + +# Sign in to 1Password (ensure OP_SESSION_myaccount is set in the environment) +if [ -z "$OP_SESSION_myaccount" ]; then + eval $(op signin my) +fi + +# Retrieve the admin password from 1Password +ADMIN_PASSWORD=$(op read "op://Personal/$SECRET_NAME/password") + +if [ -z "$ADMIN_PASSWORD" ]; then + echo "Failed to retrieve the admin password from 1Password." + exit 1 +fi + +# Generate bcrypt hash of the password +HASHED_PASSWORD=$(htpasswd -nbBC 10 "" "$ADMIN_PASSWORD" | tr -d ':\n' | sed 's/$2y/$2a/') + +# Create the Kubernetes secret +kubectl create secret generic argocd-secret \ + --from-literal=admin.password=$HASHED_PASSWORD \ + -n argocd + +echo "ArgoCD admin password secret created successfully." + |