Last active
November 4, 2025 16:04
-
-
Save superseb/cad9b87c844f166b9c9bf97f5dea1609 to your computer and use it in GitHub Desktop.
Revisions
-
superseb revised this gist
Jul 4, 2022 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -23,7 +23,7 @@ CLUSTERID=`curl -s -u $ADMINBEARERTOKEN $RANCHERENDPOINT/clusters?name=$CLUSTERN curl -s -u $ADMINBEARERTOKEN $RANCHERENDPOINT/clusterroletemplatebinding -H 'content-type: application/json' --data-binary '{"type":"clusterRoleTemplateBinding","clusterId":"'$CLUSTERID'","userPrincipalId":"local://'$USERID'","roleTemplateId":"'$CLUSTERROLE'"}' --insecure # Login as user and get usertoken LOGINRESPONSE=`curl -s $RANCHERENDPOINT/v3-public/localProviders/local?action=login -H 'content-type: application/json' --data-binary '{"username":"'$USERNAME'","password":"'$PASSWORD'"}' --insecure` USERTOKEN=`echo $LOGINRESPONSE | jq -r .token` # Generate and save kubeconfig -
Jun 15, 2018 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,33 @@ #!/bin/bash RANCHERENDPOINT=https://your_rancher_endpoint/v3 # The name of the cluster where the user needs to be added CLUSTERNAME=your_cluster_name # Username, password and realname of the user USERNAME=username PASSWORD=password REALNAME=myrealname # Role of the user GLOBALROLE=user CLUSTERROLE=cluster-member # Admin bearer token to create user ADMINBEARERTOKEN=token-xxxxx:x # Create user and assign role USERID=`curl -s -u $ADMINBEARERTOKEN $RANCHERENDPOINT/user -H 'content-type: application/json' --data-binary '{"me":false,"mustChangePassword":false,"type":"user","username":"'$USERNAME'","password":"'$PASSWORD'","name":"'$REALNAME'"}' --insecure | jq -r .id` curl -s -u $ADMINBEARERTOKEN $RANCHERENDPOINT/globalrolebinding -H 'content-type: application/json' --data-binary '{"type":"globalRoleBinding","globalRoleId":"'$GLOBALROLE'","userId":"'$USERID'"}' --insecure # Get clusterid from name CLUSTERID=`curl -s -u $ADMINBEARERTOKEN $RANCHERENDPOINT/clusters?name=$CLUSTERNAME --insecure | jq -r .data[].id` # Add user as member to cluster curl -s -u $ADMINBEARERTOKEN $RANCHERENDPOINT/clusterroletemplatebinding -H 'content-type: application/json' --data-binary '{"type":"clusterRoleTemplateBinding","clusterId":"'$CLUSTERID'","userPrincipalId":"local://'$USERID'","roleTemplateId":"'$CLUSTERROLE'"}' --insecure # Login as user and get usertoken LOGINRESPONSE=`curl -s $RANCHERENDPOINT-public/localProviders/local?action=login -H 'content-type: application/json' --data-binary '{"username":"'$USERNAME'","password":"'$PASSWORD'"}' --insecure` USERTOKEN=`echo $LOGINRESPONSE | jq -r .token` # Generate and save kubeconfig curl -s -u $USERTOKEN $RANCHERENDPOINT/clusters/$CLUSTERID?action=generateKubeconfig -X POST -H 'content-type: application/json' --insecure | jq -r .config > kubeconfig # Set mustChangePassword to true for user to change password upon login curl -s -u $ADMINBEARERTOKEN $RANCHERENDPOINT/users/$USERID -X PUT -H 'content-type: application/json' --data-binary '{"mustChangePassword":true}' --insecure