generated from coulomb/repo-seed
fix(privacyidea): correct image to ghcr.io/gpappsoft, port 5001→8080
privacyidea/privacyidea:3.12 and privacyidea/otpserver:3.12.2 do not exist on Docker Hub. Correct image is ghcr.io/gpappsoft/privacyidea-docker:3.12.2 which listens on port 8080. Update all port references: deployment, service, ingress, netpol-mfa, netpol-sso (keycape→privacyIDEA egress rule). Also: creds-bootstrap-agent.sh — restart privacyIDEA deployment after applying new secrets so the pod picks up updated env vars. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -188,8 +188,17 @@ if [[ "$DRY_RUN" == false ]]; then
|
||||
fi
|
||||
done
|
||||
[[ "$ALL_OK" == true ]] || die "One or more required secrets are missing — check creds-apply output above"
|
||||
|
||||
# Restart privacyIDEA if the deployment exists, so it picks up the newly
|
||||
# generated secrets. Without this, a running pod would have stale env vars.
|
||||
if kubectl get deployment privacyidea -n mfa &>/dev/null 2>&1; then
|
||||
log "restarting privacyIDEA deployment to pick up new secrets..."
|
||||
kubectl rollout restart deployment/privacyidea -n mfa
|
||||
ok "privacyIDEA restart triggered"
|
||||
fi
|
||||
else
|
||||
echo " [dry-run] would verify K8s secrets"
|
||||
echo " [dry-run] would restart privacyIDEA if deployment exists"
|
||||
fi
|
||||
|
||||
# ── Phase 5: Post-apply bootstrap — wait for privacyIDEA ──────────────────────
|
||||
|
||||
Reference in New Issue
Block a user