Fix setup program

Verseghy · Jul 7, 2024 · e40caf4 · e40caf4
1 parent 447312c
commit e40caf4
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 14 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/iam-setup/Cargo.toml b/iam-setup/Cargo.toml
@@ -11,3 +11,4 @@ kube = "0.92.1"
 libiam = { version = "0.1.0", path = "../libiam" }
 rand = "0.8.5"
 tokio = { version = "1.38.0", features = ["rt", "macros"] }
+url = "2.5.2"
diff --git a/iam-setup/src/main.rs b/iam-setup/src/main.rs
@@ -14,15 +14,16 @@ use rand::{
     distributions::{Alphanumeric, DistString},
     rngs::OsRng,
 };
+use url::Url;
 
-async fn generate_mysql_password(client: Client) -> anyhow::Result<()> {
-    const SECRET_NAME: &str = "mysql";
-    const SECRET_KEY: &str = "MYSQL_ROOT_PASSWORD";
+const MYSQL_SECRET_NAME: &str = "mysql";
+const MYSQL_SECRET_KEY: &str = "MYSQL_ROOT_PASSWORD";
 
+async fn generate_mysql_password(client: Client) -> anyhow::Result<()> {
     let secrets: Api<Secret> = Api::default_namespaced(client);
 
     if secrets
-        .get_opt(SECRET_NAME)
+        .get_opt(MYSQL_SECRET_NAME)
         .await
         .context("Failed to query secret")?
         .is_some()
@@ -38,12 +39,12 @@ async fn generate_mysql_password(client: Client) -> anyhow::Result<()> {
             &PostParams::default(),
             &Secret {
                 metadata: ObjectMeta {
-                    name: Some(SECRET_NAME.to_owned()),
+                    name: Some(MYSQL_SECRET_NAME.to_owned()),
                     ..Default::default()
                 },
                 string_data: Some({
                     let mut map = BTreeMap::new();
-                    map.insert(SECRET_KEY.to_owned(), mysql_password);
+                    map.insert(MYSQL_SECRET_KEY.to_owned(), mysql_password);
                     map
                 }),
                 ..Default::default()
@@ -74,8 +75,29 @@ async fn create_admin_user(client: Client) -> anyhow::Result<()> {
     let iam_url = env::var("IAM_URL").context("IAM_URL is not set")?;
     let database_url = env::var("DATABASE_URL").context("DATABASE_URL is not set")?;
 
+    let database_password = {
+        let secrets = secrets
+            .get_opt(MYSQL_SECRET_NAME)
+            .await
+            .context("Failed to query secret")?
+            .context("No mysql secret")?
+            .string_data
+            .unwrap();
+
+        secrets
+            .get(MYSQL_SECRET_KEY)
+            .context("No mysql password")?
+            .to_owned()
+    };
+
+    let database_url = {
+        let mut url = Url::parse(&database_url).context("invalid url")?;
+        url.set_password(Some(&database_password)).unwrap();
+        url
+    };
+
     let iam = Iam::new(&iam_url);
-    let db = testing::Database::connect(&database_url).await;
+    let db = testing::Database::connect(database_url.as_str()).await;
 
     let admin_password = Alphanumeric.sample_string(&mut OsRng, 64);
     let user = User::register(&iam, "admin", ADMIN_EMAIL, &admin_password).await?;