Skip to content

Commit

Permalink
Updating hardcoded admin password
Browse files Browse the repository at this point in the history
  • Loading branch information
roller1187 committed Nov 2, 2020
1 parent e1f89e2 commit 1b717cf
Show file tree
Hide file tree
Showing 3 changed files with 29 additions and 5 deletions.
1 change: 0 additions & 1 deletion roles/gitea-ocp/defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ _gitea_namespace: gitea
_gitea_name: gitea

_gitea_admin_user: administrator
_gitea_admin_password: openshift
_gitea_admin_email: [email protected]

_gitea_postgresql_service_name: postgresql
Expand Down
25 changes: 21 additions & 4 deletions roles/gitea-ocp/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -91,8 +91,25 @@
- set_fact:
gitea_pod_name: '{{ gitea_pod.resources[0].metadata.name }}'

- name: Create Gitea admin user
community.kubernetes.k8s_exec:
- name: Check for administrator credential secret
k8s_info:
namespace: "{{ _gitea_namespace }}"
pod: '{{ gitea_pod_name }}'
command: /home/gitea/gitea --config=/home/gitea/conf/app.ini admin create-user --username '{{ _gitea_admin_user }}' --password '{{ _gitea_admin_password }}' --admin --email '{{ _gitea_admin_email }}' --access-token --must-change-password=false
kind: Secret
name: "{{ _gitea_name }}-admin-credentials"
register: gitea_admin_credentials

- name: Generate administrator password
block:
- set_fact:
gitea_admin_password: "{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"

- name: Create gitea-admin-credentials Secret
k8s:
definition: "{{ lookup('template', 'secret.yml.j2') | from_yaml }}"

- name: Create Gitea admin user
community.kubernetes.k8s_exec:
namespace: "{{ _gitea_namespace }}"
pod: '{{ gitea_pod_name }}'
command: /home/gitea/gitea --config=/home/gitea/conf/app.ini admin create-user --username '{{ _gitea_admin_user }}' --password '{{ gitea_admin_password }}' --admin --email '{{ _gitea_admin_email }}' --access-token --must-change-password=false
when: not gitea_admin_credentials.resources
8 changes: 8 additions & 0 deletions roles/gitea-ocp/templates/secret.yml.j2
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
apiVersion: v1
kind: Secret
metadata:
name: "{{ _gitea_name }}-admin-credentials"
namespace: "{{ _gitea_namespace }}"
data:
username: "{{ 'administrator' | b64encode }}"
password: "{{ gitea_admin_password | b64encode }}"

0 comments on commit 1b717cf

Please sign in to comment.