philipp/doran
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: persist a durable kubeconfig after bootstrap

Browse source
This commit is contained in:
Philipp 2026-03-28 23:14:57 +01:00
parent 28abf6b06c
commit e048079fa6
1 changed files with 26 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
scripts/hetzner/bootstrap.sh
View file

@ -385,6 +385,32 @@ else
done done
fi fi
DURABLE_K3S_API_URL="$K3S_API_URL"
DURABLE_INSECURE_SKIP_TLS_VERIFY=0
if [[ "$USE_SSH_TUNNEL_FOR_K3S" == "1" ]]; then
if [[ -n "${TAILSCALE_CONTROL_PLANE_HOSTNAME:-}" ]]; then
DURABLE_K3S_API_URL="https://${TAILSCALE_CONTROL_PLANE_HOSTNAME}:6443"
elif [[ "$TF_ADMIN_CIDR_BLOCKS" != '[]' ]]; then
DURABLE_K3S_API_URL="https://${SERVER_IP}:6443"
DURABLE_INSECURE_SKIP_TLS_VERIFY=1
fi
fi
python3 - "$KUBECONFIG_PATH" "$DURABLE_K3S_API_URL" "$DURABLE_INSECURE_SKIP_TLS_VERIFY" <<'PY'
import sys
import yaml
path, server, insecure = sys.argv[1], sys.argv[2], sys.argv[3] == '1'
config = yaml.safe_load(open(path))
cluster = config['clusters'][0]['cluster']
cluster['server'] = server
if insecure:
cluster.pop('certificate-authority-data', None)
cluster['insecure-skip-tls-verify'] = True
else:
cluster.pop('insecure-skip-tls-verify', None)
yaml.safe_dump(config, open(path, 'w'), sort_keys=False)
PY
K3S_API_URL="$DURABLE_K3S_API_URL"
echo "bootstrap complete" echo "bootstrap complete"
echo "project_name=$PROJECT_NAME" echo "project_name=$PROJECT_NAME"
echo "project_namespace=$PROJECT_NAMESPACE" echo "project_namespace=$PROJECT_NAMESPACE"