bstein/titan-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sso: retry mas secret lookup

Browse Source
This commit is contained in:
Brad Stein 2026-01-17 03:29:36 -03:00
parent acfab6a150
commit 268a1d9449
1 changed files with 22 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
services/keycloak/mas-secrets-ensure-job.yaml
View File

@ -10,7 +10,7 @@ imagePullSecrets:
apiVersion: batch/v1
kind: Job
metadata:
name: mas-secrets-ensure-20
name: mas-secrets-ensure-21
namespace: sso
spec:
backoffLimit: 0
@ -75,14 +75,31 @@ spec:
echo "Failed to fetch Keycloak admin token" >&2
exit 1
fi
CLIENT_ID="$(curl -sS -H "Authorization: Bearer ${ACCESS_TOKEN}" \
"$KC_URL/admin/realms/atlas/clients?clientId=othrys-mas" | jq -r '.[0].id' 2>/dev/null || true)"
CLIENT_ID=""
for attempt in 1 2 3 4 5; do
CLIENT_QUERY="$(curl -sS -H "Authorization: Bearer ${ACCESS_TOKEN}" \
"$KC_URL/admin/realms/atlas/clients?clientId=othrys-mas" || true)"
CLIENT_ID="$(echo "$CLIENT_QUERY" | jq -r '.[0].id' 2>/dev/null || true)"
if [ -n "$CLIENT_ID" ] && [ "$CLIENT_ID" != "null" ]; then
break
fi
echo "Keycloak client lookup failed (attempt ${attempt})" >&2
sleep $((attempt * 2))
done
if [ -z "$CLIENT_ID" ] || [ "$CLIENT_ID" = "null" ]; then
echo "Keycloak client othrys-mas not found" >&2
exit 1
fi
CLIENT_SECRET=""
for attempt in 1 2 3 4 5; do
CLIENT_SECRET="$(curl -sS -H "Authorization: Bearer ${ACCESS_TOKEN}" \
"$KC_URL/admin/realms/atlas/clients/${CLIENT_ID}/client-secret" | jq -r '.value' 2>/dev/null || true)"
if [ -n "$CLIENT_SECRET" ] && [ "$CLIENT_SECRET" != "null" ]; then
break
fi
echo "Keycloak client secret lookup failed (attempt ${attempt})" >&2
sleep $((attempt * 2))
done
if [ -z "$CLIENT_SECRET" ] || [ "$CLIENT_SECRET" = "null" ]; then
echo "Keycloak client secret not found" >&2
exit 1