From e511edefcdcb2723572d768c73de92d0d22cd294 Mon Sep 17 00:00:00 2001
From: Jonas Juselius <jonas.juselius@oceanbox.io>
Date: Sun, 11 May 2025 10:16:31 +0200
Subject: [PATCH] fix: improve argo remote cluster credentials reset

---
 argocd/_ekman.yaml                             | 14 ++++++++++++++
 argocd/ekman-cluster-admin-token.yaml          | 10 ++++++++++
 argocd/ekman.yaml                              |  6 +++---
 argocd/kustomize-helm-with-rewrite/generate.sh |  2 ++
 argocd/reset-ekman-cluster.sh                  | 10 ++++++++--
 5 files changed, 37 insertions(+), 5 deletions(-)
 create mode 100644 argocd/_ekman.yaml
 create mode 100644 argocd/ekman-cluster-admin-token.yaml

diff --git a/argocd/_ekman.yaml b/argocd/_ekman.yaml
new file mode 100644
index 00000000..5bcdb9bc
--- /dev/null
+++ b/argocd/_ekman.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+stringData:
+  config: '{"bearerToken":"eyJhbGciOiJSUzI1NiIsImtpZCI6IjFja0VGbHBYYjMxVEZiWFBNYVNERldhZTlHUXFWdDM2cGpGZUhTVFB3QU0ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJjbHVzdGVyLWFkbWluLXRva2VuIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImNsdXN0ZXItYWRtaW4iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC51aWQiOiI0YjE2ZmQzYi1mNjJiLTQ2MzctOGIwNC0yMGNiNTBlNzhiMmYiLCJzdWIiOiJzeXN0ZW06c2VydmljZWFjY291bnQ6a3ViZS1zeXN0ZW06Y2x1c3Rlci1hZG1pbiJ9.sd3AP4HmHgjLXSmQMZC6lEeVX2y1_RdzCK34-TKtu2k_6NhGtGopc10ZdNXy68uigwVLVNFW1fREpj5z3mgpWyQPUzZrXN0ANp0C3oM8rt77cKRrmn_ZQuiMjH_0_t4tmjwIWla5rQ52Y7QC-zoCMfAkalofh1Jo0yu8QeWIXd3Q0hnfGiIKCwVrfWrZXopLbiuntKColFMQPkenz-pPo5DjcMAarmlXGy-TztGvN1X5NkVWy8DXrSUPLL_JZ5Ok5DZoGejilrssj45sXBeUyTM5pIYZi7gE5ngB2y1nod9UakkPKXeF_ZyFtvLMtvXOCi1YNgfYM9crtuECz8DoRA","tlsClientConfig":{"insecure":true}}'
+  name: ekman
+  server: https://10.255.241.99:4443
+kind: Secret
+metadata:
+  labels:
+    argocd.argoproj.io/secret-type: cluster
+  name: cluster-ekman
+  namespace: argocd
+type: Opaque
+
+
diff --git a/argocd/ekman-cluster-admin-token.yaml b/argocd/ekman-cluster-admin-token.yaml
new file mode 100644
index 00000000..34fae31b
--- /dev/null
+++ b/argocd/ekman-cluster-admin-token.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  annotations:
+    kubernetes.io/service-account.name: cluster-admin
+  name: cluster-admin-token
+  namespace: kube-system
+type: kubernetes.io/service-account-token
+
+
diff --git a/argocd/ekman.yaml b/argocd/ekman.yaml
index 211a9584..b5d7eaf3 100644
--- a/argocd/ekman.yaml
+++ b/argocd/ekman.yaml
@@ -1,14 +1,14 @@
 apiVersion: v1
 stringData:
-  config: |
-    {"bearerToken":"","tlsClientConfig":{"insecure":true}}
+  config: '{"bearerToken":"@token@","tlsClientConfig":{"insecure":true}}'
   name: ekman
   server: https://10.255.241.99:4443
 kind: Secret
 metadata:
   labels:
     argocd.argoproj.io/secret-type: cluster
-  name: cluster-10.255.241.99-4046803085
+  name: cluster-ekman
   namespace: argocd
 type: Opaque
 
+
diff --git a/argocd/kustomize-helm-with-rewrite/generate.sh b/argocd/kustomize-helm-with-rewrite/generate.sh
index ac2fb4da..d0cf4ca4 100644
--- a/argocd/kustomize-helm-with-rewrite/generate.sh
+++ b/argocd/kustomize-helm-with-rewrite/generate.sh
@@ -23,6 +23,8 @@ fi
 [ -f values-$PARAM_ENV.yaml ] && VALUES="$VALUES -f values-$PARAM_ENV.yaml"
 VALUES="$VALUES -f parameters.yaml"
 
+helm dependency update $CHART >/tmp/$ARGOCD_APP_NAME-helm-dependency-build.out
+
 mkdir -p base
 echo "helm template -n $ARGOCD_APP_NAMESPACE $PARAM_FLAGS $VALUES $ARGOCD_APP_NAME $CHART" > /tmp/$ARGOCD_APP_NAME-helm.sh
 helm template -n $ARGOCD_APP_NAMESPACE $PARAM_FLAGS $VALUES $ARGOCD_APP_NAME $CHART > ./base/_manifest.yaml
diff --git a/argocd/reset-ekman-cluster.sh b/argocd/reset-ekman-cluster.sh
index 9d2ccfbc..c113b361 100644
--- a/argocd/reset-ekman-cluster.sh
+++ b/argocd/reset-ekman-cluster.sh
@@ -1,9 +1,15 @@
 #!/bin/sh
 
+echo "reset ekman cluster admin token... "
 kubectl --context ekman delete -f ekman-cluster-admin-token.yaml
+sleep 1
 kubectl --context ekman apply -f ekman-cluster-admin-token.yaml
 
 secret=$(kubectl --context ekman get secret -n kube-system | grep cluster-admin-token | cut -d' ' -f1)
 token=$(kubectl --context ekman get secret -n kube-system $secret -o yaml | grep ' token:' | cut -d' ' -f4 | base64 -d)
-sed -r "s/:\"ey[^\"]+/:\"$token/" ekman.yaml
-kubectl --context oceanbox apply -f ekman.yaml
+sed "s/@token@/$token/" ekman.yaml > _ekman.yaml
+echo "configure argocd ekman-cluster..."
+cat _ekman.yaml
+kubectl --context oceanbox apply -f _ekman.yaml
+echo "done."
+