trying to create secret from jinja template

2022-09-10 14:55:53 +02:00 · 2022-09-10 14:55:53 +02:00 · 53d2789128
commit 53d2789128
parent b020ebf7d6
6 changed files with 60 additions and 13 deletions
--- a/3
+++ b/3
@ -23,11 +23,12 @@ RUN set -eux; \
    apt-get clean;

 COPY --chown=bw-operator:bw-operator bitwarden-crd-operator.py /home/bw-operator/bitwarden-crd-operator.py
+COPY --chown=bw-operator:bw-operator templates /home/bw-operator/templates

 USER bw-operator

 RUN set -eux; \
    pip install -r requirements.txt

-ENTRYPOINT [ "/home/bw-operator/.local/bin/kopf", "run", "--liveness=http://0.0.0.0:8080/healthz" ]
+ENTRYPOINT [ "/home/bw-operator/.local/bin/kopf", "run", "--all-namespaces", "--liveness=http://0.0.0.0:8080/healthz" ]
 CMD [ "/home/bw-operator/bitwarden-crd-operator.py" ]
--- a/bitwarden-crd-operator.py
+++ b/bitwarden-crd-operator.py
@ -1,17 +1,43 @@
 #!/usr/bin/env python3
+import os
 import kopf
+import kubernetes
+from jinja2 import Environment, FileSystemLoader
+

@kopf.on.create('bitwarden-secrets.lerentis.uploadfilter24.eu')
-def create_fn(body, **kwargs):
+def create_fn(spec, name, namespace, logger, **kwargs):

-    # The all-purpose function for the event creation.
-    kopf.event(body, type="SomeType", reason="SomeReason", message="Some message")
+    type = spec.get('type')
+    id = spec.get('id')
+    secret_name = spec.get('name')
+    secret_namespace = spec.get('namespace')

-    # The shortcuts for the conventional events and common cases.
-    kopf.info(body, reason="SomeReason", message="Some message")
-    kopf.warn(body, reason="SomeReason", message="Some message")
+    api = kubernetes.client.CoreV1Api()

-    try:
-        raise RuntimeError("Exception text.")
-    except Exception:
-        kopf.exception(body, reason="SomeReason", message="Some exception:")
+    environment = Environment(loader=FileSystemLoader(os.path.join(os.path.dirname(__file__), '/templates')))
+
+    template = environment.get_template('username-password.yaml.j2')
+    data = template.render(
+        original_crd=name,
+        secret_name=secret_name,
+        namespace=secret_namespace,
+        username="test",
+        password="test"
+    )
+
+    obj = api.create_namespaced_secret(
+        namespace=secret_namespace,
+        body=data
+    )
+
+    logger.info(f"Secret {name} is created: {obj}")
+
+
+@kopf.on.update('bitwarden-secrets.lerentis.uploadfilter24.eu')
+def my_handler(spec, old, new, diff, **_):
+    pass
+
+@kopf.on.delete('bitwarden-secrets.lerentis.uploadfilter24.eu')
+def my_handler(spec, **_):
+    pass
--- a/chart/bitwarden-crd-operator/crds/bitwarden-secrets.yaml
+++ b/chart/bitwarden-crd-operator/crds/bitwarden-secrets.yaml
@ -26,4 +26,8 @@ spec:
                  type: string
                id:
                  type: string
+                namespace:
+                  type: string
+                name:
+                  type: string

--- a/requirements.txt
+++ b/requirements.txt
@ -1 +1,3 @@
-kopf
+kopf
+kubernetes
+jinja2
--- a/templates/username-password.yaml.j2
+++ b/templates/username-password.yaml.j2
@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  annotations:
+    managed: "bitwarden-secrets.lerentis.uploadfilter24.eu"
+    crd: "{{ original_crd }}"
+  name: "{{ secret_name }}"
+  namespace: "{{ namespace }}"
+type: Opaque
+data:
+  username: "{{ username | base64 }}"
+  password: "{{ password | base64 }}"
--- a/test.yaml
+++ b/test.yaml
@ -5,4 +5,6 @@ metadata:
  name: test
 spec:
  type: "password"
-  id: "123456"
+  id: "123456"
+  name: "test-secret"
+  namespace: "default"