about summary refs log tree commit diff
path: root/scripts/argocd-admin-password
blob: da85088dd4f0c0e698b57a67b83d72552b64976e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
#!/bin/bash

# Ensure a secret name is provided
if [ -z "$1" ]; then
  echo "Usage: $0 <onepassword-secret-name>"
  exit 1
fi

# Set the secret name
SECRET_NAME=$1

# Check if 1Password CLI is installed
if ! command -v op &> /dev/null; then
  echo "1Password CLI (op) could not be found. Please install it first."
  exit 1
fi

# Sign in to 1Password (ensure OP_SESSION_myaccount is set in the environment)
if [ -z "$OP_SESSION_myaccount" ]; then
  eval $(op signin my)
fi

# Retrieve the admin password from 1Password
ADMIN_PASSWORD=$(op read "op://Personal/$SECRET_NAME/password")

if [ -z "$ADMIN_PASSWORD" ]; then
  echo "Failed to retrieve the admin password from 1Password."
  exit 1
fi

# Generate bcrypt hash of the password
HASHED_PASSWORD=$(htpasswd -nbBC 10 "" "$ADMIN_PASSWORD" | tr -d ':\n' | sed 's/$2y/$2a/')

# Create the Kubernetes secret
kubectl create secret generic argocd-secret \
  --from-literal=admin.password=$HASHED_PASSWORD \
  -n argocd

echo "ArgoCD admin password secret created successfully."