personal/vuko/shells initial commit
Change-Id: Icba91e8d4ffe53fc8a7ab7946f3a1b45daf20290
diff --git a/personal/vuko/shells/create-secrets.py b/personal/vuko/shells/create-secrets.py
new file mode 100644
index 0000000..7d5df82
--- /dev/null
+++ b/personal/vuko/shells/create-secrets.py
@@ -0,0 +1,26 @@
+#!/usr/bin/env python3
+""" generate ssh keys for shells SFTP container """
+from pathlib import Path
+from subprocess import run
+import json
+import tempfile
+
+with tempfile.TemporaryDirectory() as tmp:
+ tmp = Path(tmp).absolute()
+ keyfile = tmp.joinpath("ssh_host_ed25519_key")
+ run(["ssh-keygen", "-f", keyfile, "-N", "", "-t", "ed25519"], check=True)
+
+ # https://kubernetes.io/docs/concepts/configuration/secret/#generating-a-secret-from-files
+ generator = {
+ "secretGenerator": [
+ {
+ "name": "shells-ssh-host-key",
+ "files": [
+ str(f.relative_to(tmp))
+ for f in [keyfile, keyfile.with_suffix(".pub")]
+ ],
+ }
+ ]
+ }
+ tmp.joinpath("kustomization.yaml").write_text(json.dumps(generator))
+ run(["kubectl", "-n", "personal-vuko", "apply", "-k", tmp], check=True)