blob: da85088dd4f0c0e698b57a67b83d72552b64976e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
#!/bin/bash
# Ensure a secret name is provided
if [ -z "$1" ]; then
echo "Usage: $0 <onepassword-secret-name>"
exit 1
fi
# Set the secret name
SECRET_NAME=$1
# Check if 1Password CLI is installed
if ! command -v op &> /dev/null; then
echo "1Password CLI (op) could not be found. Please install it first."
exit 1
fi
# Sign in to 1Password (ensure OP_SESSION_myaccount is set in the environment)
if [ -z "$OP_SESSION_myaccount" ]; then
eval $(op signin my)
fi
# Retrieve the admin password from 1Password
ADMIN_PASSWORD=$(op read "op://Personal/$SECRET_NAME/password")
if [ -z "$ADMIN_PASSWORD" ]; then
echo "Failed to retrieve the admin password from 1Password."
exit 1
fi
# Generate bcrypt hash of the password
HASHED_PASSWORD=$(htpasswd -nbBC 10 "" "$ADMIN_PASSWORD" | tr -d ':\n' | sed 's/$2y/$2a/')
# Create the Kubernetes secret
kubectl create secret generic argocd-secret \
--from-literal=admin.password=$HASHED_PASSWORD \
-n argocd
echo "ArgoCD admin password secret created successfully."
|