lerentis/bitwarden-crd-operator
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 18 Wiki Activity

documentation and version alignement
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Tobias Trabelsi 2022-09-14 22:53:48 +02:00
parent a1287a1a6d
commit 74e429b0ca
Signed by: lerentis
GPG Key ID: FF0C2839718CAF2E
6 changed files with 77 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
README.md
View File

@ -1,7 +1,75 @@
# bitwarden-crd-operator # Bitwarden CRD Operator
[![Build Status](https://drone.uploadfilter24.eu/api/badges/lerentis/bitwarden-crd-operator/status.svg?ref=refs/heads/main)](https://drone.uploadfilter24.eu/lerentis/bitwarden-crd-operator) [![Build Status](https://drone.uploadfilter24.eu/api/badges/lerentis/bitwarden-crd-operator/status.svg?ref=refs/heads/main)](https://drone.uploadfilter24.eu/lerentis/bitwarden-crd-operator)
This project is still very work in progress :) Bitwarden CRD Operator is a kubernetes Operator based on [kopf](https://github.com/nolar/kopf/). The goal is to create kubernetes native secret objects from bitwarden.
I will add documentation when this is actually usefull at some point > DISCLAIMER:
> This project is still very work in progress :)
## Getting started
For now a few secrets need to be passed to helm. I will change this in the future to give the option to also use a kubernetes secret for this.
You will need a `ClientID` and `ClientSecret` ([where to get these](https://bitwarden.com/help/personal-api-key/)) as well as your password.
Expose these to the operator as described in this example:
```yaml
env:
- name: BW_HOST
value: "https://bitwarden.your.tld.org"
- name: BW_CLIENTID
value: "user.your-client-id"
- name: BW_CLIENTSECRET
value: "YoUrCliEntSecRet"
- name: BW_PASSWORD
value: "YourSuperSecurePassword"
```
`BW_HOST` can be omitted if you are using the Bitwarden SaaS offering.
After that it is a basic helm deployment:
```bash
kubectl create namespace bw-operator
helm upgrade --install --namespace bw-operator -f chart/bitwarden-crd-operator/values.yaml bw-operator chart/bitwarden-crd-operator
```
And you are set to create your first secret using this operator. For that you need to add a CRD Object like this to your cluster:
```yaml
---
apiVersion: "lerentis.uploadfilter24.eu/v1beta1"
kind: BitwardenSecret
metadata:
name: name-of-your-management-object
spec:
type: "UsernamePassword"
id: "A Secret ID from bitwarden"
name: "Name of the secret to be created"
namespace: "Namespace of the secret to be created"
```
The ID can be extracted from the browser when you open a item the ID is in the URL. The resulting secret looks something like this:
```yaml
apiVersion: v1
data:
password: "base64 encoded password"
username: "base64 encoded username"
kind: Secret
metadata:
annotations:
managed: bitwarden-secrets.lerentis.uploadfilter24.eu
managedObject: bw-operator/test
name: name-of-your-management-object
namespace: default
type: Opaque
```
## Short Term Roadmap
[] support more types
[] offer option to use a existing secret in helm chart
[] host chart on gh pages
[] maybe extend spec to offer modification of keys as well

1
chart/bitwarden-crd-operator/.helmignore
View File

@ -21,3 +21,4 @@
.idea/ .idea/
*.tmproj *.tmproj
.vscode/ .vscode/
myvalues.yaml

19
chart/bitwarden-crd-operator/Chart.yaml
View File

@ -1,24 +1,9 @@
apiVersion: v2 apiVersion: v2
name: bitwarden-crd-operator name: bitwarden-crd-operator
description: A Helm chart for Kubernetes description: Deploy the Bitwarden CRD Operator
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0 version: 0.1.0
# This is the version number of the application being deployed. This version number should be appVersion: "0.1.0"
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "1.16.0"

2
chart/bitwarden-crd-operator/crds/bitwarden-secrets.yaml
View File

@ -12,7 +12,7 @@ spec:
shortNames: shortNames:
- bws - bws
versions: versions:
- name: v1 - name: v1beta1
served: true served: true
storage: true storage: true
schema: schema:

2
chart/bitwarden-crd-operator/values.yaml
View File

@ -8,7 +8,7 @@ image:
repository: lerentis/bitwarden-crd-operator repository: lerentis/bitwarden-crd-operator
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion. # Overrides the image tag whose default is the chart appVersion.
tag: "dev-5" tag: "a1287a1a6d436d18e5a4a44745e6a990835e60b0"
imagePullSecrets: [] imagePullSecrets: []
nameOverride: "" nameOverride: ""

2
test.yaml → example.yaml
View File

@ -1,5 +1,5 @@
--- ---
apiVersion: "lerentis.uploadfilter24.eu/v1" apiVersion: "lerentis.uploadfilter24.eu/v1beta1"
kind: BitwardenSecret kind: BitwardenSecret
metadata: metadata:
name: test name: test