33 lines
846 B
Bash
Executable File
33 lines
846 B
Bash
Executable File
#!/bin/bash
|
|
|
|
|
|
|
|
DBNAMESPACE=database1
|
|
DEPLOYNAME=database
|
|
PGUSER=`kubectl get secret -n $DBNAMESPACE $DEPLOYNAME -o jsonpath="{.data.superuser-username}" | base64 --decode`
|
|
PGHOST=`kubectl get services $DEPLOYNAME -n $DBNAMESPACE -o jsonpath="{.status.loadBalancer.ingress[0].ip}"`
|
|
PGPASSWORD=`kubectl get secret -n $DBNAMESPACE $DEPLOYNAME -o jsonpath="{.data.superuser-password}" | base64 --decode`
|
|
PGSSLMODE=require
|
|
export PGUSER PGHOST PGPASSWORD PGSSLMODE
|
|
|
|
DB_USER=keycloak2
|
|
DB_PASSWD=$(openssl rand -base64 24)
|
|
|
|
NAMESPACE=$(cat namespace)
|
|
|
|
psql <<EOF
|
|
ALTER USER $DB_USER WITH PASSWORD '$DB_PASSWD';
|
|
COMMIT;
|
|
EOF
|
|
|
|
kubectl create secret generic keycloak-database-secrets \
|
|
--dry-run=client \
|
|
-o yaml \
|
|
--save-config \
|
|
--from-literal=DB_USER="$DB_USER" \
|
|
--from-literal=DB_PASSWD="$DB_PASSWD" | \
|
|
kubectl apply -f - -n $NAMESPACE
|
|
|
|
|
|
|