add_default_ssl_cert.sh

add_default_ssl_cert.sh

die() { echo "$@" 1>&2 ; exit 1; }

dieGracefully() { echo "$@" 1>&2 ; exit 0; }

confirm () {
    # call with a prompt string or use a default
    read -p "${1:-Are you sure?} [y/N]" -n 1 -r
    [ -n "$REPLY" ] && echo    # (optional) move to a new line
    if [[ ! $REPLY =~ ^[Yy]$ ]]; then
        dieGracefully "Received '${REPLY:-N}'. ${2:-Exiting gracefully}."
    fi
}

add_default_cert() {
  local envType=$1
  local INGRESS_CONTROLLER_NAME='jxing-nginx-ingress-controller'
  local INGRESS_CONTROLLER_NS='kube-system'
  local DEFAULT_SSL_CERTIFICATE="--default-ssl-certificate=${INGRESS_CONTROLLER_NS}/${INGRESS_CONTROLLER_NAME}-${envType}-tls"
  local containerArgs

  echo "Getting ${INGRESS_CONTROLLER_NAME} container args..."
  containerArgs=$(kubectl get deployment -n ${INGRESS_CONTROLLER_NS} ${INGRESS_CONTROLLER_NAME} -o 'jsonpath={ .spec.template.spec.containers[0].args }')

  if [[ "$containerArgs" != *default-ssl-certificate* ]]; then
      echo "Adding '${DEFAULT_SSL_CERTIFICATE}' to ${INGRESS_CONTROLLER_NAME}."
      kubectl patch deployment -n ${INGRESS_CONTROLLER_NS} ${INGRESS_CONTROLLER_NAME} --type='json' -p='[{"op": "add", "path": "/spec/template/spec/containers/0/args/-", "value": "'${DEFAULT_SSL_CERTIFICATE}'"}]'
  else
      echo -e "WARNING: 'default-ssl-certificate' already exists - is the following correct? \n    $(grep -oE '\-\-default-ssl-certificate=[a-z/-]+' <<< "$containerArgs")"
      confirm "Do you want to continue? If not, please edit and remove or otherwise correct before continuing."
  fi
}