Create secrets credentials when generating manifest

Signed-off-by: gabriel-farache <[email protected]>
rhdhorchestrator · Jul 15, 2024 · 03d7d84 · 03d7d84
1 parent adf06d5
commit 03d7d84
Show file tree

Hide file tree

Showing 11 changed files with 26 additions and 3 deletions.
diff --git a/create-ocp-project/secret.properties b/create-ocp-project/secret.properties
@@ -0,0 +1 @@
+NOTIFICATIONS_BEARER_TOKEN=
diff --git a/escalation/secret.properties b/escalation/secret.properties
@@ -0,0 +1 @@
+NOTIFICATIONS_BEARER_TOKEN=
diff --git a/modify-vm-resources/secret.properties b/modify-vm-resources/secret.properties
@@ -0,0 +1 @@
+NOTIFICATIONS_BEARER_TOKEN=
diff --git a/move2kube/secret.properties b/move2kube/secret.properties
@@ -0,0 +1 @@
+NOTIFICATIONS_BEARER_TOKEN=
diff --git a/mta-v6.x/secret.properties b/mta-v6.x/secret.properties
@@ -0,0 +1 @@
+NOTIFICATIONS_BEARER_TOKEN=
diff --git a/mta-v7.x/secret.properties b/mta-v7.x/secret.properties
@@ -0,0 +1 @@
+NOTIFICATIONS_BEARER_TOKEN=
diff --git a/mta/secret.properties b/mta/secret.properties
@@ -0,0 +1 @@
+NOTIFICATIONS_BEARER_TOKEN=
diff --git a/mtv-migration/secret.properties b/mtv-migration/secret.properties
@@ -0,0 +1 @@
+NOTIFICATIONS_BEARER_TOKEN=
diff --git a/mtv-plan/secret.properties b/mtv-plan/secret.properties
@@ -0,0 +1 @@
+NOTIFICATIONS_BEARER_TOKEN=
diff --git a/request-vm-cnv/secret.properties b/request-vm-cnv/secret.properties
@@ -0,0 +1 @@
+NOTIFICATIONS_BEARER_TOKEN=
diff --git a/scripts/gen_manifests.sh b/scripts/gen_manifests.sh
@@ -23,6 +23,11 @@ echo -e "\nquarkus.flyway.migrate-at-start=true" >> application.properties
 # https://github.com/apache/incubator-kie-tools/pull/2136
 ../kn workflow gen-manifest --namespace ""
 
+
+if [ "$ENABLE_PERSISTENCE" = false ]; then
+  exit
+fi
+
 # Find the workflow file with .sw.yaml suffix since kn-cli uses the ID to generate resource names
 workflow_file=$(printf '%s\n' ./*.sw.yaml 2>/dev/null | head -n 1)
 
@@ -45,10 +50,18 @@ SONATAFLOW_CR=manifests/01-sonataflow_${workflow_id}.yaml
 yq --inplace eval '.metadata.annotations["sonataflow.org/profile"] = "prod"' "${SONATAFLOW_CR}"
 
 yq --inplace ".spec.podTemplate.container.image=\"quay.io/orchestrator/serverless-workflow-${workflow_id}:latest\"" "${SONATAFLOW_CR}"
-yq --inplace ".spec.podTemplate.container.envFrom=[{\"secretRef\": { \"name\": \"${workflow_id}-creds\"}}]" "${SONATAFLOW_CR}"
 
-if [ "$ENABLE_PERSISTENCE" = false ]; then
-  exit
+if test -f "secret.properties"; then
+  if [ ! -f kubectl ]; then
+    echo "Installing kubectl CLI"
+    curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" 
+    chmod +x kubectl
+  else 
+    echo "kubectl cli already available"
+  fi
+
+  yq --inplace ".spec.podTemplate.container.envFrom=[{\"secretRef\": { \"name\": \"${workflow_id}-creds\"}}]" "${SONATAFLOW_CR}"
+  ../kubectl create -n sonataflow-infra secret generic "${workflow_id}-creds" --from-env-file=secret.properties --dry-run=client -oyaml > "manifests/01-secret_${workflow_id}.yaml"
 fi
 
 yq --inplace ".spec |= (