fix(kanidm): fix automatic_refresh toml generation in init container
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/kubeconform Pipeline was successful

The \n escape in a shell variable wasn't interpreted as a newline when
passed as a printf %s argument, causing automatic_refresh to be appended
to the partner_cert string on the same line, breaking TOML parsing.
Use separate printf calls per peer type instead.
This commit is contained in:
2026-05-31 00:23:18 +10:00
parent 60f1f3130b
commit 949b7d908c
+7 -4
View File
@@ -53,10 +53,13 @@ spec:
cert_file="/repl-certs/${peer}"
[ -s "${cert_file}" ] || continue
fqdn="${peer}.kanidm-headless.kanidm.svc.cluster.local"
refresh=""
[ "${peer}" = "kanidm-0" ] && refresh="\nautomatic_refresh = true"
printf '\n[replication."repl://%s:8444"]\ntype = "mutual-pull"\npartner_cert = "%s"%s\n' \
"${fqdn}" "$(cat ${cert_file})" "${refresh}" >> /config/server.toml
if [ "${peer}" = "kanidm-0" ]; then
printf '\n[replication."repl://%s:8444"]\ntype = "mutual-pull"\npartner_cert = "%s"\nautomatic_refresh = true\n' \
"${fqdn}" "$(cat ${cert_file})" >> /config/server.toml
else
printf '\n[replication."repl://%s:8444"]\ntype = "mutual-pull"\npartner_cert = "%s"\n' \
"${fqdn}" "$(cat ${cert_file})" >> /config/server.toml
fi
done
env:
- name: POD_NAME