From c1367f2eacecfca4d14aded2d4d35719d21ea072 Mon Sep 17 00:00:00 2001 From: Rodrigo Pastrana Date: Fri, 24 Jun 2022 14:19:53 -0400 Subject: [PATCH] HPCC-27830 Adds create secret helper Signed-off-by: Rodrigo Pastrana --- helm/examples/azure/log-analytics/README.md | 9 ++- .../create-azure-logaccess-secret.sh | 66 +++++++++++++++++++ 2 files changed, 74 insertions(+), 1 deletion(-) create mode 100755 helm/examples/azure/log-analytics/create-azure-logaccess-secret.sh diff --git a/helm/examples/azure/log-analytics/README.md b/helm/examples/azure/log-analytics/README.md index f24059d2878..97c567cf365 100644 --- a/helm/examples/azure/log-analytics/README.md +++ b/helm/examples/azure/log-analytics/README.md @@ -43,7 +43,14 @@ The following kv pairs are supported - aad-client-secret - ala-workspace-id -Example secret creation command (assuming ./secrets-templates contains a file named exactly as the above keys): +The included 'create-azure-logaccess-secret.sh' helper can be used to create the necessary secret +Example manual secret creation command (assuming ./secrets-templates contains a file named exactly as the above keys): +```console + create-azure-logaccess-secret.sh .HPCC-Platform/helm/examples/azure/log-analytics/secrets-templates/ +``` + +Otherwise, users can create the secret manually. +Example manual secret creation command (assuming ./secrets-templates contains a file named exactly as the above keys): ```console kubectl create secret generic azure-logaccess --from-file=HPCC-Platform/helm/examples/azure/log-analytics/secrets-templates/ ``` diff --git a/helm/examples/azure/log-analytics/create-azure-logaccess-secret.sh b/helm/examples/azure/log-analytics/create-azure-logaccess-secret.sh new file mode 100755 index 00000000000..7e3614a3b74 --- /dev/null +++ b/helm/examples/azure/log-analytics/create-azure-logaccess-secret.sh @@ -0,0 +1,66 @@ +#!/bin/bash +WORK_DIR=$(dirname $0) +source ${WORK_DIR}/env-loganalytics + +k8scommand="kubectl" +secretname="azure-logaccess" +secretsdir="${WORK_DIR}/secrets-templates" + +usage() +{ + echo "Creates necessary k8s secret used by HPCC's logAccess to access Azure Log Analytics" + echo "> create-azure-logaccess-secret.sh [Options]" + echo "" + echo "Options:" + echo "-d Specifies directory containing required secret values in self named files." + echo " Defaults to /<${secretssubdir}>" + echo "-h Print Usage message" + echo "" + echo "Requires directory containing secret values in dedicated files." + echo "Defaults to ${secretssubdir} if not specified via -d option." + echo "" + echo "Expected directory structure:" + echo "${secretsdir}/" + echo " aad-client-id - Should contain the ID of the AAD registered Application" + echo " aad-tenant-id - Should contain the subscription tenant of theAAD registered Application" + echo " aad-client-secret - Should contain access secret provided by AAD registered Application" + echo " ala-workspace-id - Should contain target Azure Log Analytics workspace ID. (Optional if provided in LogAccess configuration)" +} + +while [ "$#" -gt 0 ]; do + arg=$1 + case "${arg}" in + -h) + usage + exit + ;; + -d) shift + secretsdir=$1 + ;; + esac + shift +done + +echo "Creating '${secretname}' secret." + +command -v ${k8scommand} >/dev/null 2>&1 || { echo >&2 "Aborting - '${k8scommand}' not found!"; exit 1; } + +errormessage=$(${k8scommand} get secret ${secretname} 2>&1) +if [[ $? -eq 0 ]] +then + echo "WARNING: Target secret '${secretname}' already exists! Delete it and re-run if secret update desired." + echo "${errormessage}" + exit 1 +fi + +errormessage=$(${k8scommand} create secret generic ${secretname} --from-file=${secretsdir}) +if [[ $? -ne 0 ]] +then + echo "Error creating: Target secret '${secretname}'!" + echo >&2 + usage + exit 1 +else + echo "Target secret '${secretname}' successfully created!" + ${k8scommand} get secret ${secretname} +fi \ No newline at end of file