From 1d7594501e560437bf7daca304c536cc06982e49 Mon Sep 17 00:00:00 2001
From: Maarten de Waard <maarten@greenhost.nl>
Date: Wed, 15 Dec 2021 16:43:11 +0100
Subject: [PATCH] (automatically) add URL-encoded version of smtp password to
 cluster secrets

---
 .../single-sign-on/single-sign-on-values-configmap.yaml     | 2 +-
 install/install-stackspin.sh                                | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/flux2/core/base/single-sign-on/single-sign-on-values-configmap.yaml b/flux2/core/base/single-sign-on/single-sign-on-values-configmap.yaml
index 35fadcef7..be6e45347 100644
--- a/flux2/core/base/single-sign-on/single-sign-on-values-configmap.yaml
+++ b/flux2/core/base/single-sign-on/single-sign-on-values-configmap.yaml
@@ -65,7 +65,7 @@ data:
               base_url: https://sso.${domain}/api/
           courier:
             smtp:
-              connection_uri: smtp://${outgoing_mail_smtp_user}:${outgoing_mail_smtp_password}@${outgoing_mail_smtp_host}:${outgoing_mail_smtp_port}/
+              connection_uri: smtp://${outgoing_mail_smtp_user}:${outgoing_mail_smtp_password_urlencoded}@${outgoing_mail_smtp_host}:${outgoing_mail_smtp_port}/
               from_address: ${outgoing_mail_from_address}
           secrets:
             session:
diff --git a/install/install-stackspin.sh b/install/install-stackspin.sh
index 4a075e540..d913734f3 100755
--- a/install/install-stackspin.sh
+++ b/install/install-stackspin.sh
@@ -5,6 +5,12 @@ set -euo pipefail
 # shellcheck source=install/flux-version-check.sh
 . "$(dirname "$0")/flux-version-check.sh"
 
+# Check if stackspin-cluster-variables secret exists
+smtp_password=$(kubectl get secret -n flux-system stackspin-cluster-variables --template '{{.data.outgoing_mail_smtp_password}}' | base64 -d)
+smtp_password_urlencoded=$(python -c "import urllib.parse; print(urllib.parse.quote('${smtp_password}', safe=''), end='')" | base64 -w0)
+# Add url-encoded version of password to the cluster
+kubectl patch secret -n flux-system stackspin-cluster-variables -p "{\"data\": {\"outgoing_mail_smtp_password_urlencoded\": \"${smtp_password_urlencoded}\"}}"
+
 flux install \
   --network-policy=false \
   --watch-all-namespaces=true \
-- 
GitLab