@saumas
Last active April 6, 2024 07:39
Create an admin kubeconfig
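#!/usr/bin/env bash
# Creates a service account bound to cluster-admin and writes a kubeconfig
# that authenticates with that account's long-lived token.
# No -x here: xtrace would print the decoded token to stderr.
set -e
NAMESPACE="default"
NAME="admin"
SECRET_NAME="admin-secret"
kubectl create serviceaccount -n "$NAMESPACE" "$NAME"
# Grants the service account full cluster-admin rights.
kubectl create clusterrolebinding "$NAMESPACE-$NAME" --clusterrole=cluster-admin --serviceaccount="$NAMESPACE:$NAME"
# A Secret of this type is filled in with a long-lived token for the annotated service account.
kubectl apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: $SECRET_NAME
  namespace: $NAMESPACE
  annotations:
    kubernetes.io/service-account.name: $NAME
type: kubernetes.io/service-account-token
EOF
# Read the secret from the namespace it was created in, not the context's default namespace.
TOKEN=$(kubectl get secret -n "$NAMESPACE" "${SECRET_NAME}" -ojsonpath='{.data.token}' | base64 -d)
# The token is populated asynchronously; stop rather than write a kubeconfig with an empty token.
[ -n "$TOKEN" ] || { echo "Token not yet populated in ${SECRET_NAME}; re-run shortly" >&2; exit 1; }
# ca.crt stays base64-encoded, which is what certificate-authority-data expects.
CA=$(kubectl get secret -n "$NAMESPACE" "${SECRET_NAME}" -ojsonpath='{.data.ca\.crt}')
CURRENT_CONTEXT=$(kubectl config current-context)
CURRENT_CLUSTER=$(kubectl config view --raw -o=go-template='{{range .contexts}}{{if eq .name "'''"${CURRENT_CONTEXT}"'''"}}{{ index .context "cluster" }}{{end}}{{end}}')
CLUSTER_SERVER=$(kubectl config view --raw -o=go-template='{{range .clusters}}{{if eq .name "'''"${CURRENT_CLUSTER}"'''"}}{{ .cluster.server }}{{end}}{{ end }}')
# Random 4-character suffix so repeated runs do not overwrite an earlier file.
FILENAME=$NAME-$(openssl rand -base64 3 | tr -dc '[:alnum:]' | head -c4).yaml
# The file holds a cluster-admin credential: create it readable by the owner only.
umask 077
cat << EOF > "$FILENAME"
apiVersion: v1
kind: Config
current-context: ${CURRENT_CONTEXT}
contexts:
- name: ${CURRENT_CONTEXT}
  context:
    cluster: ${CURRENT_CONTEXT}
    user: $NAME
    namespace: $NAMESPACE
clusters:
- name: ${CURRENT_CONTEXT}
  cluster:
    certificate-authority-data: ${CA}
    server: ${CLUSTER_SERVER}
users:
- name: $NAME
  user:
    token: ${TOKEN}
EOF
echo "Created $FILENAME"
# To revoke access later, delete the Secret (this invalidates the token),
# the ClusterRoleBinding and the ServiceAccount.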