#2 OZG-7121 script: Add fetch client secret script

94e5a443 · Jan Zickermann · 888a6eb3 · 94e5a443 · 94e5a443 · 94e5a443
Commit 94e5a443 authored 5 months ago by Jan Zickermann
--- a/keystore-truststore-from-tls-secret.dockerfile
+++ b/keystore-truststore-from-tls-secret.dockerfile
@@ -2,7 +2,7 @@ FROM alpine:3.21

 RUN apk add --no-cache openssl openjdk11

-COPY --chown=185 src/main/resources/store/keystore-truststore-from-tls-secret.sh /opt/
+COPY --chown=185 scripts/keystore-truststore-from-tls-secret.sh /opt/

 VOLUME /store /tls
 USER 185

--- a/scripts/fetch-client-tls-secret.sh
+++ b/scripts/fetch-client-tls-secret.sh
+#!/bin/bash
+
+set -e
+
+CLIENT_NAME=${CLIENT_NAME:-clienta}
+NAMESPACE=${NAMESPACE:-by-enable-dev}
+TLS_DIR=${CLIENT_NAME}-tls
+
+export IN_CA_CRT="$TLS_DIR"/ca.crt
+export IN_TLS_KEY="$TLS_DIR"/tls.key
+export IN_TLS_CRT="$TLS_DIR"/tls.crt
+
+export OUT_JKS_TRUSTSTORE="$TLS_DIR"/truststore.jks
+export OUT_P12_KEYSTORE="$TLS_DIR"/keystore.p12
+
+fetch_secret_file() {
+  kubectl get secret -n "$NAMESPACE" "xta-test-server-${CLIENT_NAME}-tls-secret" -o jsonpath="$1" | base64 -d
+}
+
+mkdir -p "$TLS_DIR"
+
+fetch_secret_file '{.data.ca\.crt}' > "$IN_CA_CRT"
+fetch_secret_file '{.data.tls\.key}' > "$IN_TLS_KEY"
+fetch_secret_file '{.data.tls\.crt}' > "$IN_TLS_CRT"
+
+exec /bin/sh keystore-truststore-from-tls-secret.sh
+
--- a/scripts/fetch-trust-store.sh
+++ b/scripts/fetch-trust-store.sh
--- a/src/main/resources/store/keystore-truststore-from-tls-secret.sh
+++ b/src/main/resources/store/keystore-truststore-from-tls-secret.sh