Last active
June 25, 2019 20:46
-
-
Save sboardwell/ef7feef941bebf9732853dac07acc6aa to your computer and use it in GitHub Desktop.
add_default_ssl_cert.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
die() { echo "$@" 1>&2 ; exit 1; } | |
dieGracefully() { echo "$@" 1>&2 ; exit 0; } | |
confirm () { | |
# call with a prompt string or use a default | |
read -p "${1:-Are you sure?} [y/N]" -n 1 -r | |
[ -n "$REPLY" ] && echo # (optional) move to a new line | |
if [[ ! $REPLY =~ ^[Yy]$ ]]; then | |
dieGracefully "Received '${REPLY:-N}'. ${2:-Exiting gracefully}." | |
fi | |
} | |
add_default_cert() { | |
local envType=$1 | |
local INGRESS_CONTROLLER_NAME='jxing-nginx-ingress-controller' | |
local INGRESS_CONTROLLER_NS='kube-system' | |
local DEFAULT_SSL_CERTIFICATE="--default-ssl-certificate=${INGRESS_CONTROLLER_NS}/${INGRESS_CONTROLLER_NAME}-${envType}-tls" | |
local containerArgs | |
echo "Getting ${INGRESS_CONTROLLER_NAME} container args..." | |
containerArgs=$(kubectl get deployment -n ${INGRESS_CONTROLLER_NS} ${INGRESS_CONTROLLER_NAME} -o 'jsonpath={ .spec.template.spec.containers[0].args }') | |
if [[ "$containerArgs" != *default-ssl-certificate* ]]; then | |
echo "Adding '${DEFAULT_SSL_CERTIFICATE}' to ${INGRESS_CONTROLLER_NAME}." | |
kubectl patch deployment -n ${INGRESS_CONTROLLER_NS} ${INGRESS_CONTROLLER_NAME} --type='json' -p='[{"op": "add", "path": "/spec/template/spec/containers/0/args/-", "value": "'${DEFAULT_SSL_CERTIFICATE}'"}]' | |
else | |
echo -e "WARNING: 'default-ssl-certificate' already exists - is the following correct? \n $(grep -oE '\-\-default-ssl-certificate=[a-z/-]+' <<< "$containerArgs")" | |
confirm "Do you want to continue? If not, please edit and remove or otherwise correct before continuing." | |
fi | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment