hscloud/personal/vuko/shells/create-secrets.py
vuko 6c678e391e personal/vuko/shells initial commit
Change-Id: Icba91e8d4ffe53fc8a7ab7946f3a1b45daf20290
2020-05-22 22:02:22 +02:00

26 lines
900 B
Python

#!/usr/bin/env python3
""" generate ssh keys for shells SFTP container """
from pathlib import Path
from subprocess import run
import json
import tempfile
with tempfile.TemporaryDirectory() as tmp:
tmp = Path(tmp).absolute()
keyfile = tmp.joinpath("ssh_host_ed25519_key")
run(["ssh-keygen", "-f", keyfile, "-N", "", "-t", "ed25519"], check=True)
# https://kubernetes.io/docs/concepts/configuration/secret/#generating-a-secret-from-files
generator = {
"secretGenerator": [
{
"name": "shells-ssh-host-key",
"files": [
str(f.relative_to(tmp))
for f in [keyfile, keyfile.with_suffix(".pub")]
],
}
]
}
tmp.joinpath("kustomization.yaml").write_text(json.dumps(generator))
run(["kubectl", "-n", "personal-vuko", "apply", "-k", tmp], check=True)