Created
March 6, 2024 06:32
-
-
Save making/3484dede6d729ff91fa198dbcf3091a5 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -e | |
| NAMESPACE=$1 | |
| SERVICE_ACCOUNT=$2 | |
| SECRET_NAME=${SERVICE_ACCOUNT}-token | |
| cat <<EOF | kubectl apply -n ${NAMESPACE} -f - > /dev/null | |
| apiVersion: v1 | |
| kind: Secret | |
| metadata: | |
| name: ${SECRET_NAME} | |
| annotations: | |
| kubernetes.io/service-account.name: "${SERVICE_ACCOUNT}" | |
| type: kubernetes.io/service-account-token | |
| EOF | |
| TOKEN=`kubectl get secret ${SECRET_NAME} -n ${NAMESPACE} -o 'jsonpath={.data.token}' | base64 --decode` | |
| CREDENTIALS_NAME="${NAMESPACE}:${SERVICE_ACCOUNT}" | |
| kubectl config set-credentials ${CREDENTIALS_NAME} --token=${TOKEN} > /dev/null | |
| CURRENT_CLUSTER=`kubectl config view --minify=true -o jsonpath='{.clusters[0].name}'` | |
| CONTEXT_NAME="${CURRENT_CLUSTER}:${CREDENTIALS_NAME}" | |
| kubectl config set-context ${CONTEXT_NAME} \ | |
| --cluster=${CURRENT_CLUSTER} \ | |
| --namespace=${NAMESPACE} \ | |
| --user=${CREDENTIALS_NAME} > /dev/null | |
| CURRENT_CONTEXT=`kubectl config current-context` | |
| kubectl config use-context ${CONTEXT_NAME} > /dev/null | |
| kubectl config view --minify=true --raw=true | |
| kubectl config use-context ${CURRENT_CONTEXT} > /dev/null | |
| if [ "$3" != "--keep" ];then | |
| kubectl config delete-context ${CONTEXT_NAME} > /dev/null | |
| kubectl config unset "users.${CREDENTIALS_NAME}" > /dev/null | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment