startup and programatically creating secret with annotations

Dockerfile

@@ -23,7 +23,6 @@ RUN set -eux; \
     apt-get clean;
 
 COPY --chown=bw-operator:bw-operator bitwarden-crd-operator.py /home/bw-operator/bitwarden-crd-operator.py
-COPY --chown=bw-operator:bw-operator templates /home/bw-operator/templates
 
 USER bw-operator
 

bitwarden-crd-operator.py

@@ -2,8 +2,17 @@
 import kopf
 import kubernetes
 import base64
-from jinja2 import Template
+import os
 
+def get_secret_from_bitwarden(type, id):
+    pass
+
+@kopf.on.startup()
+def bitwarden_signin(logger, **kwargs):
+    if 'BW_HOST' in os.environ:
+        output = os.popen(f"bw config server {os.getenv('BW_HOST')}")
+    else:
+        logger.info(f"BW_HOST not set. Assuming SaaS installation")
 
 @kopf.on.create('bitwarden-secrets.lerentis.uploadfilter24.eu')
 def create_fn(spec, name, namespace, logger, **kwargs):
@@ -15,37 +24,23 @@ def create_fn(spec, name, namespace, logger, **kwargs):
 
     api = kubernetes.client.CoreV1Api()
 
-    # TODO: this should better be a os lookup
+    annotations = {
-    #with open('/home/bw-operator/templates/username-password.yaml.j2') as file_:
+        "managed": "bitwarden-secrets.lerentis.uploadfilter24.eu",
-    #    template = Template(file_.read())
+        "managedObject": name
-
-    #data = template.render(
-    #    original_crd=name,
-    #    secret_name=secret_name,
-    #    namespace=secret_namespace,
-    #    username=str(base64.b64encode("test".encode("utf-8")), "utf-8"),
-    #    password=str(base64.b64encode("test".encode("utf-8")), "utf-8")
-    #)
-
-    metadata = {
-        'name': secret_name,
-        'namespace': secret_namespace
     }
-    data = {
+    secret = kubernetes.client.V1Secret()
+    secret.metadata = kubernetes.client.V1ObjectMeta(name=secret_name, annotations=annotations)
+    secret.type = "Opaque"
+    secret.data = {
             'username': str(base64.b64encode("test".encode("utf-8")), "utf-8"),
             'password': str(base64.b64encode("test".encode("utf-8")), "utf-8")
         }
-    api_version = 'v1'
-    kind = 'Secret'
-    body = kubernetes.client.V1Secret(api_version, data , kind, metadata, 
-    type='Opaque')
 
     obj = api.create_namespaced_secret(
-        namespace=secret_namespace,
+        secret_namespace, secret
-        body=body
     )
 
-    logger.info(f"Secret {name} is created: {obj}")
+    logger.info(f"Secret {secret_namespace}/{secret_name} is created")
 
 
 @kopf.on.update('bitwarden-secrets.lerentis.uploadfilter24.eu')
@@ -53,5 +48,5 @@ def my_handler(spec, old, new, diff, **_):
     pass
 
 @kopf.on.delete('bitwarden-secrets.lerentis.uploadfilter24.eu')
-def my_handler(spec, **_):
+def my_handler(spec, name, namespace, logger, **kwargs):
     pass

chart/bitwarden-crd-operator/values.yaml

@@ -8,14 +8,14 @@ image:
   repository: lerentis/bitwarden-crd-operator
   pullPolicy: IfNotPresent
   # Overrides the image tag whose default is the chart appVersion.
-  tag: "600de4334491e51e1412f80231d3fcf0db765214"
+  tag: "dev-5"
 
 imagePullSecrets: []
 nameOverride: ""
 fullnameOverride: ""
 
 #env:
-#  - name: BITWARDEN_OPERATOR_HOST
+#  - name: BW_HOST
 #    value: "define_it"
 #  - name: BW_CLIENTID
 #    value: "define_it"

templates/username-password.yaml.j2

@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: Secret
-metadata:
-  annotations:
-    managed: "bitwarden-secrets.lerentis.uploadfilter24.eu"
-    crd: "{{ original_crd }}"
-  name: "{{ secret_name }}"
-  namespace: "{{ namespace }}"
-type: Opaque
-data:
-  username: "{{ username }}"
-  password: "{{ password }}"