From 380438dbdf42bd43c0a0bc95790be9227906cc45 Mon Sep 17 00:00:00 2001 From: titver968 Date: Tue, 18 Nov 2025 10:25:27 +0100 Subject: [PATCH] plane secret patcher and dns --- argocd/apps/plane/plane-secret-patcher.yaml | 75 ++++++++++----------- 1 file changed, 34 insertions(+), 41 deletions(-) diff --git a/argocd/apps/plane/plane-secret-patcher.yaml b/argocd/apps/plane/plane-secret-patcher.yaml index 0c3363d..aa8a045 100644 --- a/argocd/apps/plane/plane-secret-patcher.yaml +++ b/argocd/apps/plane/plane-secret-patcher.yaml @@ -18,51 +18,41 @@ spec: - /bin/sh - -c - | - # Patch plane-app-secrets - kubectl patch secret plane-app-secrets -n plane --type='json' -p='[ - {"op": "replace", "path": "/data/DATABASE_URL", "value": "'$(echo -n "postgresql://plane:plane@plane-pgdb:5432/plane" | base64)'"}, - {"op": "replace", "path": "/data/REDIS_URL", "value": "'$(echo -n "redis://plane-redis:6379/" | base64)'"}, - {"op": "replace", "path": "/data/AMQP_URL", "value": "'$(echo -n "amqp://plane:plane@plane-rabbitmq/" | base64)'"} - ]' - - # Patch plane-live-secrets - kubectl patch secret plane-live-secrets -n plane --type='json' -p='[ - {"op": "replace", "path": "/data/REDIS_URL", "value": "'$(echo -n "redis://plane-redis:6379/" | base64)'"} - ]' - - echo "Secrets patched successfully" + echo "Patching Plane Secrets & DNS Config…" - kubectl patch deployment plane-api-wl -n plane --type='json' -p='[ - { - "op": "add", - "path": "/spec/template/spec/dnsConfig", - "value": { - "options": [{"name": "ndots", "value": "1"}] - } - } - ]' + DB_URL=$(echo -n "postgresql://plane:plane@plane-pgdb:5432/plane" | base64) + REDIS_URL=$(echo -n "redis://plane-redis:6379/" | base64) + AMQP_URL=$(echo -n "amqp://plane:plane@plane-rabbitmq/" | base64) - # Patch Worker Deployment - kubectl patch deployment plane-worker-wl -n plane --type='json' -p='[ - { - "op": "add", - "path": "/spec/template/spec/dnsConfig", - "value": { - "options": [{"name": "ndots", "value": "1"}] - } - } - ]' + kubectl patch secret plane-app-secrets -n plane --type=json -p " + [ + {\"op\": \"replace\", \"path\": \"/data/DATABASE_URL\", \"value\": \"${DB_URL}\"}, + {\"op\": \"replace\", \"path\": \"/data/REDIS_URL\", \"value\": \"${REDIS_URL}\"}, + {\"op\": \"replace\", \"path\": \"/data/AMQP_URL\", \"value\": \"${AMQP_URL}\"} + ]" - # Patch Beat Worker - kubectl patch deployment plane-beat-worker-wl -n plane --type='json' -p='[ - { - "op": "add", - "path": "/spec/template/spec/dnsConfig", - "value": { - "options": [{"name": "ndots", "value": "1"}] + kubectl patch secret plane-live-secrets -n plane --type=json -p " + [ + {\"op\": \"replace\", \"path\": \"/data/REDIS_URL\", \"value\": \"${REDIS_URL}\"} + ]" + + echo "Secrets patched successfully!" + + # Deployments: plane-api-wl, plane-worker-wl, plane-beat-worker-wl + for item in plane-api-wl plane-worker-wl plane-beat-worker-wl; do + kubectl patch deployment $item -n plane --type=json -p " + [ + { + \"op\": \"add\", + \"path\": \"/spec/template/spec/dnsConfig\", + \"value\": { + \"options\": [{\"name\": \"ndots\", \"value\": \"1\"}] + } } - } - ]' + ]" || echo "DNS patch failed or already applied for $item" + done + + echo "All patches completed!" --- apiVersion: v1 kind: ServiceAccount @@ -79,6 +69,9 @@ rules: - apiGroups: [""] resources: ["secrets"] verbs: ["get", "patch"] +- apiGroups: ["apps"] + resources: ["deployments"] + verbs: ["patch", "get"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding