vuko | 6c678e3 | 2020-05-22 22:02:22 +0200 | [diff] [blame] | 1 | #!/usr/bin/env python3 |
| 2 | """ generate ssh keys for shells SFTP container """ |
| 3 | from pathlib import Path |
| 4 | from subprocess import run |
| 5 | import json |
| 6 | import tempfile |
| 7 | |
| 8 | with tempfile.TemporaryDirectory() as tmp: |
| 9 | tmp = Path(tmp).absolute() |
| 10 | keyfile = tmp.joinpath("ssh_host_ed25519_key") |
| 11 | run(["ssh-keygen", "-f", keyfile, "-N", "", "-t", "ed25519"], check=True) |
| 12 | |
| 13 | # https://kubernetes.io/docs/concepts/configuration/secret/#generating-a-secret-from-files |
| 14 | generator = { |
| 15 | "secretGenerator": [ |
| 16 | { |
| 17 | "name": "shells-ssh-host-key", |
| 18 | "files": [ |
| 19 | str(f.relative_to(tmp)) |
| 20 | for f in [keyfile, keyfile.with_suffix(".pub")] |
| 21 | ], |
| 22 | } |
| 23 | ] |
| 24 | } |
| 25 | tmp.joinpath("kustomization.yaml").write_text(json.dumps(generator)) |
| 26 | run(["kubectl", "-n", "personal-vuko", "apply", "-k", tmp], check=True) |