mirror of https://github.com/fluxcd/flux2.git
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
38 lines
1.3 KiB
YAML
38 lines
1.3 KiB
YAML
4 years ago
|
apiVersion: batch/v1beta1
|
||
|
|
kind: CronJob
|
||
|
|
metadata:
|
||
|
|
name: credentials-sync
|
||
|
|
namespace: flux-system
|
||
|
|
spec:
|
||
|
|
jobTemplate:
|
||
|
|
spec:
|
||
|
|
template:
|
||
|
|
spec:
|
||
|
|
containers:
|
||
|
|
- name: sync
|
||
|
|
image: mcr.microsoft.com/azure-cli
|
||
|
|
env:
|
||
|
|
- name: RECONCILE_SH
|
||
|
|
value: |-
|
||
|
|
reconcile() {
|
||
|
|
echo "Starting ACR token sync -- $(date)"
|
||
|
|
echo "Logging into Azure"
|
||
|
|
az login --identity
|
||
|
|
echo "Logging into ACR: ${ACR_NAME}"
|
||
|
|
output="$(az acr login --expose-token -o=tsv -n "${ACR_NAME}")"
|
||
|
|
read token server <<< "${output}"
|
||
|
|
user="00000000-0000-0000-0000-000000000000"
|
||
|
|
|
||
|
|
echo "Creating secret: ${KUBE_SECRET}"
|
||
|
|
/kbin/kubectl create secret docker-registry "${KUBE_SECRET}" \
|
||
|
|
--docker-server="${server}" \
|
||
|
|
--docker-username="00000000-0000-0000-0000-000000000000" \
|
||
|
|
--docker-password="${token}" \
|
||
|
|
--dry-run=client -o=yaml \
|
||
|
|
| grep -v "creationTimestamp:" \
|
||
|
|
| /kbin/kubectl apply -f -
|
||
|
|
|
||
|
|
echo "Finished ACR token sync -- $(date)"
|
||
|
|
echo
|
||
|
|
}
|