kube/create-skia-corp-cert.sh - buildbot.git - Git at Google

 #/bin/bash

 # Creates the SSL cert used by k8s in skia-corp.

 set -e -x
 source ../kube/corp-config.sh
 source ../bash/ramdisk.sh


 SUBJ="
 C=US
 ST=New York
 O=
 localityName=New York City
 commonName=*
 organizationalUnitName=Skia
 emailAddress=skiabot@google.com
 "

 cd /tmp/ramdisk

 # Create the SSL cert. Details here:
 # https://kubernetes.io/docs/user-guide/ingress/#tls
 openssl genrsa -out tls.key 2048
 openssl req -new -subj "$(echo -n "$SUBJ" | tr "\n" "/")" -key tls.key -out tls.csr -passin pass:
 openssl x509 -req -days 365 -in tls.csr -signkey tls.key -out tls.crt

 # Create the k8s secret.
 cat > secret.yaml <<- EOM
 apiVersion: v1
 data:
   tls.crt: $(cat tls.crt | base64 -w 0)
   tls.key: $(cat tls.key | base64 -w 0)
 kind: Secret
 metadata:
   name: skia-corp-tls
   namespace: default
 type: kubernetes.io/tls
 EOM

 kubectl apply -f secret.yaml

 cd -
	#/bin/bash

	# Creates the SSL cert used by k8s in skia-corp.

	set -e -x
	source ../kube/corp-config.sh
	source ../bash/ramdisk.sh


	SUBJ="
	C=US
	ST=New York
	O=
	localityName=New York City
	commonName=*
	organizationalUnitName=Skia
	emailAddress=skiabot@google.com
	"

	cd /tmp/ramdisk

	# Create the SSL cert. Details here:
	# https://kubernetes.io/docs/user-guide/ingress/#tls
	openssl genrsa -out tls.key 2048
	openssl req -new -subj "$(echo -n "$SUBJ" \| tr "\n" "/")" -key tls.key -out tls.csr -passin pass:
	openssl x509 -req -days 365 -in tls.csr -signkey tls.key -out tls.crt

	# Create the k8s secret.
	cat > secret.yaml <<- EOM
	apiVersion: v1
	data:
	tls.crt: $(cat tls.crt \| base64 -w 0)
	tls.key: $(cat tls.key \| base64 -w 0)
	kind: Secret
	metadata:
	name: skia-corp-tls
	namespace: default
	type: kubernetes.io/tls
	EOM

	kubectl apply -f secret.yaml

	cd -