From 430fda84f396c4f7f25e906423562146ddda0cc1 Mon Sep 17 00:00:00 2001
From: Diego Rodriguez <diego.rodriguez@cern.ch>
Date: Wed, 20 May 2020 14:06:04 +0200
Subject: [PATCH] make: DB init and create admin user after install

---
 Makefile                     |  1 +
 reana/cli.py                 | 17 ++++++++---------
 scripts/create-admin-user.sh | 18 ++++++++++++++++++
 3 files changed, 27 insertions(+), 9 deletions(-)
 create mode 100755 scripts/create-admin-user.sh

diff --git a/Makefile b/Makefile
index be6c2f10..2a968903 100644
--- a/Makefile
+++ b/Makefile
@@ -204,6 +204,7 @@ deploy: # Deploy/redeploy previously built REANA cluster.
 			sleep ${TIMECHECK}; \
 		fi;\
 	done && \
+	source ${PWD}/scripts/create-admin-user.sh ${TRUNC_INSTANCE_NAME} && \
 	eval $$(reana-dev setup-environment $(addprefix --server-hostname , ${SERVER_URL}))
 
 example: # Run one or several demo examples.
diff --git a/reana/cli.py b/reana/cli.py
index 2e103b04..2841416d 100644
--- a/reana/cli.py
+++ b/reana/cli.py
@@ -8,7 +8,9 @@
 
 """Helper scripts for REANA developers. Run `reana-dev --help` for help."""
 
+import base64
 import datetime
+import json
 import logging
 import os
 import platform
@@ -1524,15 +1526,12 @@ def setup_environment(server_hostname, insecure_url):  # noqa: D301
         export_lines.append(component_export_line.format(
             env_var_name='REANA_SERVER_URL',
             env_var_value=server_hostname or get_external_url(insecure_url)))
-
-        get_admin_token_sql_query_cmd = [
-            'psql', '-U', 'reana', 'reana', '-c',
-            'SELECT token FROM user_token']
-        sql_query_result = exec_into_component(
-            get_prefixed_component_name('db'),
-            get_admin_token_sql_query_cmd)
-        # We get the token from the SQL query result
-        admin_access_token = sql_query_result.splitlines()[2].strip()
+        get_access_token_cmd = \
+            'kubectl get secret -o json reana-dev-admin-access-token'
+        secret_json = json.loads(subprocess.check_output(
+            get_access_token_cmd, shell=True).decode())
+        admin_access_token_b64 = secret_json['data']['ADMIN_ACCESS_TOKEN']
+        admin_access_token = base64.b64decode(admin_access_token_b64).decode()
         export_lines.append(component_export_line.format(
             env_var_name='REANA_ACCESS_TOKEN',
             env_var_value=admin_access_token))
diff --git a/scripts/create-admin-user.sh b/scripts/create-admin-user.sh
new file mode 100755
index 00000000..56cf94c4
--- /dev/null
+++ b/scripts/create-admin-user.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+instance_name=$1
+
+# Get REANA Server pod name
+REANA_SERVER=$(kubectl get pod -l "app=$instance_name-server" -o name \
+               -o jsonpath='{.items[0].metadata.name}')
+
+# Initialise DB
+kubectl exec "$REANA_SERVER" -- ./scripts/setup
+
+# Create admin user
+admin_access_token=$(kubectl exec "$REANA_SERVER" -- \
+                     flask reana-admin create-admin-user admin@reana.org)
+
+# Add token to secrets
+kubectl create secret generic "$instance_name"-admin-access-token \
+      --from-literal=ADMIN_ACCESS_TOKEN="$admin_access_token"