Re-implement JWT generation in auto-idler using pyjwt

services/auto-idler/Dockerfile

@@ -3,11 +3,9 @@ FROM ${IMAGE_REPO:-lagoon}/oc
 
 ENV LAGOON=auto-idler
 
-RUN apk add --no-cache tini jq openssl bash curl nodejs nodejs-npm \
-    && npm config set unsafe-perm true \
-    && npm -g install jwtgen
+RUN apk add --no-cache tini jq bash curl py3-jwt
 
-COPY create_jwt.sh idle-services.sh idle-clis.sh openshift-clis.sh openshift-services.sh /
+COPY create_jwt.py idle-services.sh idle-clis.sh openshift-clis.sh openshift-services.sh /
 
 ENV JWTSECRET=super-secret-string \
     JWTAUDIENCE=api.dev \

services/auto-idler/create_jwt.py

@@ -0,0 +1,9 @@
+#!/usr/bin/env python3
+
+import os
+import jwt
+
+payload = {'role': 'admin', 'iss': 'auto-idler',
+           'aud': os.environ['JWTAUDIENCE'], 'sub': 'auto-idler'}
+
+print(jwt.encode(payload, os.environ['JWTSECRET'], algorithm='HS256').decode())

services/auto-idler/idle-clis.sh

@@ -9,7 +9,7 @@ prefixwith() {
 }
 
 # Create an JWT Admin Token to talk to the API
-API_ADMIN_JWT_TOKEN=$(./create_jwt.sh)
+API_ADMIN_JWT_TOKEN=$(./create_jwt.py)
 BEARER="Authorization: bearer $API_ADMIN_JWT_TOKEN"
 
 # Load all projects and their environments
@@ -45,4 +45,4 @@ do
 done
 sleep 5
 # clean up the tmp file
-rm $TMP_DATA
+rm $TMP_DATA

services/auto-idler/idle-services.sh

@@ -10,7 +10,7 @@ prefixwith() {
 }
 
 # Create an JWT Admin Token to talk to the API
-API_ADMIN_JWT_TOKEN=$(./create_jwt.sh)
+API_ADMIN_JWT_TOKEN=$(./create_jwt.py)
 BEARER="Authorization: bearer $API_ADMIN_JWT_TOKEN"
 
 # Load all projects and their environments, but only development environments