2024-07-07 04:27:20 +00:00
|
|
|
apiVersion: v1
|
|
|
|
kind: ConfigMap
|
|
|
|
metadata:
|
|
|
|
name: secrets-init
|
|
|
|
data:
|
|
|
|
initialize-secrets.py: |
|
|
|
|
#!/usr/bin/python
|
|
|
|
import os
|
|
|
|
import sys
|
|
|
|
|
|
|
|
for f in sys.argv[1:]:
|
|
|
|
with open(f"/config/{f}") as r:
|
|
|
|
c = r.read()
|
|
|
|
|
|
|
|
for k, v in os.environ.items():
|
|
|
|
if not k.startswith("SECRET_"):
|
|
|
|
continue
|
|
|
|
|
|
|
|
if v is not None:
|
|
|
|
c = c.replace(k, v)
|
|
|
|
print("replaced", k)
|
|
|
|
|
2024-08-22 19:33:10 +00:00
|
|
|
if os.getenv("DEBUG_PRINT_SECRETS_IN_PLAINTEXT") == "i promise to rotate the secrets after I do this":
|
|
|
|
print(c)
|
|
|
|
|
2024-07-07 04:27:20 +00:00
|
|
|
with open(f"/data/{f}", 'w') as w:
|
|
|
|
w.write(c)
|