diff --git a/scripts/hacks b/scripts/hacks index f832ef26..c51e5a38 100755 --- a/scripts/hacks +++ b/scripts/hacks @@ -31,9 +31,14 @@ gitea_url = f"http://{gitea_user}:{urllib.parse.quote_plus(gitea_pass)}@{gitea_h kanidm_host = client.NetworkingV1Api().read_namespaced_ingress('kanidm', 'kanidm').spec.rules[0].host -def create_secret(name: str, namespace: str, data: dict) -> None: +def apply_secret(name: str, namespace: str, data: dict) -> None: try: client.CoreV1Api().read_namespaced_secret(name, namespace) + patch_body = client.V1Secret( + metadata=client.V1ObjectMeta(name=name), + data=data, + ) + client.CoreV1Api().replace_namespaced_secret(name, namespace, patch_body) except client.exceptions.ApiException: # Secret doesn't exist, create a new one new_secret = client.V1Secret( @@ -60,7 +65,7 @@ def setup_gitea_access_token(name: str, scopes: list[str]) -> None: ) if resp.status_code == 201: - create_secret( + apply_secret( f"gitea.{name}", "global-secrets", { @@ -92,7 +97,7 @@ def setup_gitea_oauth_app(name: str, redirect_uri: str) -> None: ) if resp.status_code == 201: - create_secret( + apply_secret( f"gitea.{name}", "global-secrets", { @@ -190,7 +195,7 @@ def setup_kanidm_oauth_app(name: str, redirect_uri: str) -> None: check=True, ).stdout.decode("utf-8"))['secret'] - create_secret( + apply_secret( f"kanidm.{name}", "global-secrets", {