34 lines
1.2 KiB
Bash
Executable File
34 lines
1.2 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
SOURCE_HOST="${SOURCE_HOST:-mevnode_bot}"
|
|
SOURCE_NAMESPACE="${SOURCE_NAMESPACE:-trade-staging}"
|
|
TARGET_HOST="${TARGET_HOST:-mevnode}"
|
|
TARGET_NAMESPACE="${TARGET_NAMESPACE:-trade-r001-canary}"
|
|
|
|
SECRETS=(
|
|
trade-postgres
|
|
trade-hasura
|
|
trade-api
|
|
trade-frontend-tokens
|
|
trade-basic-auth
|
|
)
|
|
|
|
ssh_source() {
|
|
ssh -o StrictHostKeyChecking=no "$SOURCE_HOST" "$@"
|
|
}
|
|
|
|
ssh_target() {
|
|
ssh -o StrictHostKeyChecking=no "$TARGET_HOST" "$@"
|
|
}
|
|
|
|
ssh_target "sudo k3s kubectl get ns ${TARGET_NAMESPACE} >/dev/null 2>&1 || sudo k3s kubectl create ns ${TARGET_NAMESPACE} >/dev/null"
|
|
|
|
for secret_name in "${SECRETS[@]}"; do
|
|
SECRET_JSON="$(ssh_source "sudo k3s kubectl -n ${SOURCE_NAMESPACE} get secret ${secret_name} -o json")"
|
|
printf '%s' "$SECRET_JSON" \
|
|
| jq --arg ns "$TARGET_NAMESPACE" 'del(.metadata.uid,.metadata.resourceVersion,.metadata.creationTimestamp,.metadata.managedFields,.metadata.ownerReferences,.metadata.selfLink,.metadata.annotations["kubectl.kubernetes.io/last-applied-configuration"]) | .metadata.namespace = $ns' \
|
|
| ssh_target "sudo k3s kubectl apply -f - >/dev/null"
|
|
echo "Synced ${secret_name} to ${TARGET_NAMESPACE}"
|
|
done
|