-
Task
-
Resolution: Unresolved
-
Normal
-
None
-
None
-
Quality / Stability / Reliability
-
False
-
-
False
-
Not Selected
-
-
-
Moderate
-
None
Please consider adding the ability to create a new admin user during OCP cluster deployment. It is difficult to remember the kubeadmin auto-generated password and I always create a new user with a simple user and password on every cluster I use. Here is the script I use. The Jenkinsfile would need to be updated to include a text field for both the new username and password. If blank, no new user should be made as this field should be optional.
#Variables
API_URL=<url>
OCP_USER=kubeadmin
OCP_PASSWORD=<password>
NEW_USER_NAME=admin
NEW_USER_PASSWORD=admin
GROUP_NAME=admingroup
#Log into the cluster
oc --insecure-skip-tls-verify login -u ${OCP_USER} -p ${OCP_PASSWORD} -s ${API_URL}
#Create the htpasswd file
htpasswd -cBb htpasswd ${NEW_USER_NAME} ${NEW_USER_PASSWORD}
#Add htpasswd file to the cluster as a secret
oc create secret generic htpasswd --from-file=htpasswd -n openshift-config
#Add the htpasswd OAuth instance
oc replace -f - <<API
apiVersion: config.openshift.io/v1
kind: OAuth
metadata:
name: cluster
spec:
identityProviders:
- name: htpasswd
mappingMethod: claim
type: HTPasswd
htpasswd:
fileData:
name: htpasswd
API
#Add user to admin group
oc adm groups new ${GROUP_NAME}
oc adm groups add-users ${GROUP_NAME} ${NEW_USER_NAME}
oc adm policy add-cluster-role-to-group cluster-admin ${GROUP_NAME}
#Delete htpasswd file
rm htpasswd