#!/bin/bash
# Script to directly apply Cloudflare credentials secret

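# Default values; each one can be overridden by the matching command line option
ZONE_ID="5485880624d63a6fdf003b8e994f0dd8"  # Using the known Zone ID
# The API token is a credential and must never be hard-coded in this file.
# It is seeded from the CLOUDFLARE_API_TOKEN environment variable when that is
# set, so the token does not have to appear on the command line, where it would
# be visible in the process list and the shell history. --api-token still wins.
API_TOKEN="${CLOUDFLARE_API_TOKEN:-}"
ROUTER_URL="router-default.apps.hub.euw.container.mom"  # Default value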

# ANSI colour sequences, kept as literal backslash escapes so that
# echo -e / printf %b expand them at print time
NC="\033[0m" # No Color (reset)
RED="\033[0;31m"
GREEN="\033[0;32m"
YELLOW="\033[0;33m"
BLUE="\033[0;34m"

# Banner followed by one blank line
printf '%b\n\n' "${BLUE}=== Container Mom Operator: Apply Cloudflare Credentials Secret ===${NC}"

# Pick the cluster CLI: kubectl is preferred, oc is the fallback.
# CMD holds the chosen binary name for every later cluster call.
if command -v kubectl > /dev/null 2>&1; then
    CMD="kubectl"
elif command -v oc > /dev/null 2>&1; then
    CMD="oc"
else
    echo -e "${RED}Error: Neither kubectl nor oc is installed or in PATH${NC}"
    exit 1
fi

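# Parse command line arguments.
#
# Recognised options set the globals API_TOKEN, ZONE_ID and ROUTER_URL.
# Each value-taking option is checked for a following argument first: without
# that check a trailing "--api-token" makes "shift 2" fail without shifting,
# and the loop never terminates.
#
# NOTE(review): a token passed with --api-token is visible in the process list
# and is normally recorded in the invoking user's shell history.

# Exit with an error unless the option in $1 is followed by a value.
require_option_value() {
    if [[ $# -lt 2 ]]; then
        echo -e "${RED}Error: option $1 requires a value${NC}"
        echo "Use --help for usage information"
        exit 1
    fi
}

# Walk the argument list; exits 0 after --help, 1 on an unknown or incomplete option.
parse_args() {
    while [[ $# -gt 0 ]]; do
        case "$1" in
            --api-token)
                require_option_value "$@"
                API_TOKEN="$2"
                shift 2
                ;;
            --zone-id)
                require_option_value "$@"
                ZONE_ID="$2"
                shift 2
                ;;
            --router-url)
                require_option_value "$@"
                ROUTER_URL="$2"
                shift 2
                ;;
            --help)
                echo "Usage: $0 [options]"
                echo
                echo "Options:"
                echo "  --api-token TOKEN    Set Cloudflare API token (required)"
                echo "  --zone-id ID         Override Cloudflare Zone ID (defaults to known ID)"
                echo "  --router-url URL     Set OpenShift router URL (has default)"
                echo "  --help               Show this help message"
                exit 0
                ;;
            *)
                echo -e "${RED}Unknown option: $1${NC}"
                echo "Use --help for usage information"
                exit 1
                ;;
        esac
    done
}

parse_args "$@"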

# Refuse to continue without a Cloudflare API token
if [[ -z "${API_TOKEN}" ]]; then
    printf '%b\n' "${RED}Error: Cloudflare API token is required${NC}"
    printf '%s\n' "Please provide it with --api-token option"
    exit 1
fi

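# Show which cluster context the secret is about to be written to, so that a
# wrong target is visible before any change is made
echo -e "${BLUE}Current Kubernetes context:${NC} $("$CMD" config current-context)"
echo

# Check if namespace exists, create if it doesn't.
# The lookup also fails when the cluster is unreachable or access is denied;
# in that case the create below fails as well and the script stops here
# instead of carrying on to the secret.
if ! "$CMD" get namespace container-mom-system &> /dev/null; then
    echo -e "${YELLOW}Namespace container-mom-system does not exist, creating...${NC}"
    if ! "$CMD" create namespace container-mom-system; then
        echo -e "${RED}Error: Failed to create namespace container-mom-system${NC}"
        exit 1
    fi
fi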

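# Create or update the secret
echo -e "${BLUE}Applying Cloudflare credentials secret with:${NC}"
echo -e "  Zone ID: ${YELLOW}$ZONE_ID${NC}"
echo -e "  Router URL: ${YELLOW}$ROUTER_URL${NC}"
# The token value itself is never printed
echo -e "  API Token: ${YELLOW}[REDACTED]${NC}"

echo
echo -e "${BLUE}Creating/updating secret...${NC}"
# The manifest is rendered client-side (--dry-run=client) and piped into
# apply, so the same command covers both creation and update.
# The token is passed through a process-substitution file descriptor written
# by the printf builtin rather than --from-literal, which keeps it out of the
# kubectl/oc argument list; printf '%s' adds no trailing newline to the value.
"$CMD" create secret generic cloudflare-credentials \
    -n container-mom-system \
    --from-file=CLOUDFLARE_API_TOKEN=<(printf '%s' "$API_TOKEN") \
    --from-literal=CLOUDFLARE_ZONE_ID="$ZONE_ID" \
    --from-literal=OPENSHIFT_ROUTER_URL="$ROUTER_URL" \
    --dry-run=client -o yaml | "$CMD" apply -f -
# Capture both stages at once: $? alone reports only the apply stage
apply_status=("${PIPESTATUS[@]}")

if [ "${apply_status[0]}" -eq 0 ] && [ "${apply_status[1]}" -eq 0 ]; then
    echo -e "${GREEN}✓ Secret successfully applied!${NC}"

    # Check if operator pod exists and offer to restart it.
    # "get pods -l ..." exits 0 even when nothing matches the selector, so
    # the test is on the returned names rather than on the exit status.
    operator_pods=$("$CMD" get pods -n container-mom-system -l app=container-mom-operator -o name 2> /dev/null)
    if [ -n "$operator_pods" ]; then
        echo -e "${BLUE}Would you like to restart the operator to apply the changes? [y/N]${NC}"
        read -r restart
        if [[ "$restart" =~ ^[Yy]$ ]]; then
            echo -e "${BLUE}Restarting the operator...${NC}"
            # Report success only when the rollout command was accepted
            if "$CMD" rollout restart deployment container-mom-operator -n container-mom-system; then
                echo -e "${GREEN}✓ Operator restart initiated${NC}"
            else
                echo -e "${RED}Failed to restart the operator${NC}"
            fi
        fi
    fi
else
    echo -e "${RED}Failed to apply the secret${NC}"
    exit 1
fi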

# Closing hints for the person running the script.
# Note: "get secret -o yaml" prints the stored values base64-encoded; that is
# an encoding, not encryption, so the token can be recovered from that output.
printf '\n%b\n' "${BLUE}To verify the secret's contents:${NC}"
printf '%b\n' "  $CMD get secret cloudflare-credentials -n container-mom-system -o yaml"

printf '\n%b\n' "${BLUE}To check if the operator is using the secret correctly:${NC}"
printf '%b\n' "  $CMD logs -n container-mom-system deploy/container-mom-operator | grep -i cloudflare"

printf '\n%b\n' "${BLUE}Done.${NC}"