From b34e7bb1000a44b59c9b4e70a71352fec0f886af Mon Sep 17 00:00:00 2001 From: rjshrjndrn Date: Tue, 12 Mar 2024 18:24:09 +0100 Subject: [PATCH] feat(install): Stream line secret generation Signed-off-by: rjshrjndrn --- scripts/helmcharts/init.sh | 13 +++++++------ scripts/helmcharts/openreplay-cli | 1 + scripts/helmcharts/vars.yaml | 19 ++++++++++--------- 3 files changed, 18 insertions(+), 15 deletions(-) diff --git a/scripts/helmcharts/init.sh b/scripts/helmcharts/init.sh index c577584df..03096158e 100644 --- a/scripts/helmcharts/init.sh +++ b/scripts/helmcharts/init.sh @@ -69,6 +69,12 @@ function install_tools() { sudo /usr/local/bin/eget -q --to /usr/local/bin stern/stern } + ## installing stern, log viewer for K8s + exists templater || { + info "$install_status templater" + sudo /usr/local/bin/eget -q --to /usr/local/bin rjshrjndrn/templater + } + ## installing k9s, TUI K8s exists k9s || { info "$install_status K9s" @@ -127,12 +133,7 @@ function create_passwords() { } info "Creating dynamic passwords" - sed_i_wrapper -i "s/postgresqlPassword: \"changeMePassword\"/postgresqlPassword: \"$(randomPass)\"/g" vars.yaml - sed_i_wrapper -i "s/accessKey: \"changeMeMinioAccessKey\"/accessKey: \"$(randomPass)\"/g" vars.yaml - sed_i_wrapper -i "s/secretKey: \"changeMeMinioPassword\"/secretKey: \"$(randomPass)\"/g" vars.yaml - sed_i_wrapper -i "s/jwt_secret: \"SetARandomStringHere\"/jwt_secret: \"$(randomPass)\"/g" vars.yaml - sed_i_wrapper -i "s/assistKey: \"SetARandomStringHere\"/assistKey: \"$(randomPass)\"/g" vars.yaml - sed_i_wrapper -i "s/assistJWTSecret: \"SetARandomStringHere\"/assistJWTSecret: \"$(randomPass)\"/g" vars.yaml + templater -i vars.yaml -o vars.yaml sed_i_wrapper -i "s/domainName: \"\"/domainName: \"${DOMAIN_NAME}\"/g" vars.yaml } diff --git a/scripts/helmcharts/openreplay-cli b/scripts/helmcharts/openreplay-cli index bea0d6d43..5bd39e82b 100755 --- a/scripts/helmcharts/openreplay-cli +++ b/scripts/helmcharts/openreplay-cli @@ -37,6 +37,7 @@ tools=( zyedidia/eget stern/stern hidetatz/kubecolor + rjshrjndrn/templater ) # Ref: https://stackoverflow.com/questions/5947742/how-to-change-the-output-color-of-echo-in-linux diff --git a/scripts/helmcharts/vars.yaml b/scripts/helmcharts/vars.yaml index a0f7a3cc3..9f4a5ccf7 100644 --- a/scripts/helmcharts/vars.yaml +++ b/scripts/helmcharts/vars.yaml @@ -3,7 +3,7 @@ fromVersion: "v1.17.0" postgresql: &postgres # For generating passwords # `openssl rand -hex 20` - postgresqlPassword: "changeMePassword" + postgresqlPassword: "{{ randAlphaNum 20}}" postgresqlHost: "postgresql.db.svc.cluster.local" postgresqlPort: "5432" postgresqlUser: "postgres" @@ -61,8 +61,8 @@ minio: minio: # For generating passwords # `openssl rand -hex 20` - accessKey: "changeMeMinioAccessKey" - secretKey: "changeMeMinioPassword" + accessKey: "{{ randAlphaNum 20 }}" + secretKey: "{{ randAlphaNum 20 }}" ingress-nginx: &ingress-nginx # If you're using an external proxy in front of OpenReplay, update the proxy ports below. @@ -83,7 +83,8 @@ ingress-nginx: &ingress-nginx X-Content-Type-Options: "nosniff" Referrer-Policy: "same-origin" service: - externalTrafficPolicy: "Local" + type: ClusterIP + # externalTrafficPolicy: "Local" ports: http: 80 https: 443 @@ -115,8 +116,8 @@ global: # Registry URL from where the OR images should be pulled. openReplayContainerRegistry: "public.ecr.aws/p1t3u8a3" # secret key to inject to assist and peers service - assistKey: "SetARandomStringHere" - assistJWTSecret: "SetARandomStringHere" + assistKey: "{{ randAlphaNum 20}}" + assistJWTSecret: "{{ randAlphaNum 20}}" # In case of multiple nodes in the kubernetes cluster, # we'll have to create an RWX PVC for shared components. # If it's a single node, we'll use hostVolume, which is the default for the community/oss edition. @@ -134,8 +135,8 @@ global: # if you're using one node installation, where # you're using local s3, make sure these variables # are same as minio.global.minio.accesskey and secretKey - accessKey: "changeMeMinioAccessKey" - secretKey: "changeMeMinioPassword" + accessKey: "{{ randAlphaNum 20 }}" + secretKey: "{{ randAlphaNum 20}}" email: emailHost: '' emailPort: '587' @@ -152,7 +153,7 @@ global: chalice: env: - jwt_secret: "SetARandomStringHere" + jwt_secret: "{{ randAlphaNum 20}}" # captcha_server: '' # captcha_key: '' # SAML2_MD_URL: ''