| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183 |
- # Generate Kubernetes Secret and ConfigMap Templates for All Services
- # 为所有微服务生成 Kubernetes Secret 和 ConfigMap 模板
- param(
- [string]$OutputDir = "d:\coding-area\devops\helm\kubernetes-secrets",
- [string]$Namespace = "production"
- )
- # Service list
- $services = @(
- 'shop-recycle-account',
- 'shop-recycle-agent-pc-web',
- 'shop-recycle-async-web',
- 'shop-recycle-customer-wechat-web',
- 'shop-recycle-data-statistics',
- 'shop-recycle-dealdata-service',
- 'shop-recycle-dispatcher',
- 'shop-recycle-erp-pc-web',
- 'shop-recycle-gateway',
- 'shop-recycle-gateway-out',
- 'shop-recycle-gateway-out-upgrade',
- 'shop-recycle-import-web',
- 'shop-recycle-login-center',
- 'shop-recycle-marketer-pc-web',
- 'shop-recycle-merchant',
- 'shop-recycle-merchant-pc-web',
- 'shop-recycle-merchant-wechat-web',
- 'shop-recycle-msg',
- 'shop-recycle-order-center',
- 'shop-recycle-order-search',
- 'shop-recycle-oss-web',
- 'shop-recycle-out-web',
- 'shop-recycle-payment',
- 'shop-recycle-payment-web',
- 'shop-recycle-pis',
- 'shop-recycle-platform',
- 'shop-recycle-platform-pc-web',
- 'shop-recycle-sche',
- 'shop-recycle-store',
- 'shop-recycle-store-pc-web',
- 'shop-recycle-store-wechat-web',
- 'shop-recycle-wechat',
- 'shop-recycle-wechat-web',
- 'shop-recycle-ws-web'
- )
- $basePath = "d:\coding-area\devops\helm\conf"
- # Create output directories
- $secretsDir = "$OutputDir\secrets"
- $configmapsDir = "$OutputDir\configmaps"
- if (-not (Test-Path $secretsDir)) {
- New-Item -ItemType Directory -Path $secretsDir -Force | Out-Null
- }
- if (-not (Test-Path $configmapsDir)) {
- New-Item -ItemType Directory -Path $configmapsDir -Force | Out-Null
- }
- Write-Host "Generating Kubernetes Secret and ConfigMap templates..." -ForegroundColor Cyan
- Write-Host "Output Directory: $OutputDir" -ForegroundColor Yellow
- Write-Host ""
- foreach ($service in $services) {
- $ymlPath = "$basePath\$service\conf\application.yml"
-
- if (Test-Path $ymlPath) {
- $content = Get-Content $ymlPath -Raw
- $lines = $content -split "`n"
-
- $secretData = @()
- $configData = @()
-
- foreach ($line in $lines) {
- if ($line.Trim() -eq '' -or $line.TrimStart().StartsWith('#')) {
- continue
- }
-
- $lower = $line.ToLower()
-
- # Determine if this is sensitive data
- $isSensitive = $false
- if ($lower -match 'password|secret|key|token|username|user|credential|auth|api-key|app-id|app-secret') {
- $isSensitive = $true
- }
-
- # Skip password/secret values that are null or empty
- if ($lower -match ':\s*null|:\s*""\s*$|:\s*$') {
- continue
- }
-
- $fieldName = ($line -split ':')[0].Trim()
- $fieldValue = ($line -split ':', 2)[1].Trim() -replace '"', '' -replace "'", ""
-
- if ($isSensitive) {
- if ($fieldValue -and $fieldValue -ne 'null') {
- $secretData += " $fieldName" + ": `"" + '${' + $fieldName.ToUpper().Replace('.', '_').Replace('-', '_') + "}`""
- }
- } else {
- if ($fieldValue -and $fieldValue -ne 'null') {
- $configData += " $fieldName" + ": `"$fieldValue`""
- }
- }
- }
-
- # Generate Secret YAML
- $secretYaml = @"
- apiVersion: v1
- kind: Secret
- metadata:
- name: $service-secret
- namespace: $Namespace
- type: Opaque
- stringData:
- "@
-
- if ($secretData.Count -gt 0) {
- $secretYaml += "`n" + ($secretData -join "`n")
- } else {
- $secretYaml += "`n # No sensitive data found or all values are empty"
- }
-
- # Generate ConfigMap YAML
- $configYaml = @"
- apiVersion: v1
- kind: ConfigMap
- metadata:
- name: $service-configmap
- namespace: $Namespace
- data:
- "@
-
- if ($configData.Count -gt 0) {
- $configYaml += "`n" + ($configData -join "`n")
- } else {
- $configYaml += "`n # No non-sensitive configuration data found"
- }
-
- # Write files
- $secretFile = "$secretsDir\$service-secret.yaml"
- $configFile = "$configmapsDir\$service-configmap.yaml"
-
- $secretYaml | Out-File -FilePath $secretFile -Encoding UTF8
- $configYaml | Out-File -FilePath $configFile -Encoding UTF8
-
- Write-Host "Generated: $service" -ForegroundColor Green
- Write-Host " Secret: $($secretData.Count) fields -> $secretFile"
- Write-Host " ConfigMap: $($configData.Count) fields -> $configFile"
- Write-Host ""
- }
- }
- # Create apply script
- $applyScript = @"
- #!/bin/bash
- # Apply all Secrets and ConfigMaps to Kubernetes
- echo "Applying Secrets..."
- kubectl apply -f $secretsDir -n $Namespace
- echo "Applying ConfigMaps..."
- kubectl apply -f $configmapsDir -n $Namespace
- echo "Verification:"
- kubectl get secrets -n $Namespace | grep -E 'shop-recycle.*-secret'
- kubectl get configmaps -n $Namespace | grep -E 'shop-recycle.*-configmap'
- echo "Done!"
- "@
- $applyScript | Out-File -FilePath "$OutputDir\apply-secrets.sh" -Encoding UTF8
- Write-Host "========== SUMMARY ==========" -ForegroundColor Cyan
- Write-Host "Total services processed: $($services.Count)"
- Write-Host "Secrets directory: $secretsDir"
- Write-Host "ConfigMaps directory: $configmapsDir"
- Write-Host "Apply script: $OutputDir\apply-secrets.sh"
- Write-Host ""
- Write-Host "Next steps:" -ForegroundColor Yellow
- Write-Host "1. Review all generated YAML files"
- Write-Host "2. Replace placeholder values with actual credentials"
- Write-Host "3. Run: bash $OutputDir\apply-secrets.sh"
- Write-Host ""
|
