File tree Expand file tree Collapse file tree 1 file changed +43
-0
lines changed Expand file tree Collapse file tree 1 file changed +43
-0
lines changed Original file line number Diff line number Diff line change 1+ # ## A generator script to create self-signed certificates and Kubernetes secret for local development purpose, required mkcert and kubectl
2+ #! /bin/bash
3+
4+ set -o errexit
5+ set -o nounset
6+ set -o pipefail
7+ set -o errtrace
8+
9+ PRODUCT=buildkit
10+ DIR=./.certs
11+ if [[ " $# " -lt 1 ]]; then
12+ echo " Usage: $0 SAN [SAN...]"
13+ echo
14+ echo " Example: $0 buildkitd.default.svc 127.0.0.1"
15+ echo
16+ echo " The following files will be created under ${DIR} "
17+ echo " - daemon/{ca.pem,cert.pem,key.pem}"
18+ echo " - client/{ca.pem,cert.pem,key.pem}"
19+ echo " - ${PRODUCT} -daemon-certs.yaml"
20+ echo " - ${PRODUCT} -client-certs.yaml"
21+ echo " - SAN"
22+ exit 1
23+ fi
24+ if ! command -v mkcert > /dev/null; then
25+ echo " Missing mkcert (https://github.com/FiloSottile/mkcert)"
26+ exit 1
27+ fi
28+ SAN=$@
29+ SAN_CLIENT=client
30+
31+ mkdir -p $DIR ${DIR} /daemon ${DIR} /client
32+ (
33+ cd $DIR
34+ echo $SAN | tr " " " \n" > SAN
35+ CAROOT=$( pwd) ${SAN} > /dev/null 2>&1
36+ CAROOT=$( pwd) ${SAN_CLIENT} > /dev/null 2>&1
37+ cp -f rootCA.pem daemon/ca.pem
38+ cp -f rootCA.pem client/ca.pem
39+ rm -f rootCA.pem rootCA-key.pem
40+
41+ kubectl create secret generic ${PRODUCT} -daemon-certs --dry-run=client -o yaml --from-file=./daemon > ${PRODUCT} -daemon-certs.yaml
42+ kubectl create secret generic ${PRODUCT} -client-certs --dry-run=client -o yaml --from-file=./client > ${PRODUCT} -client-certs.yaml
43+ )
You can’t perform that action at this time.
0 commit comments