From 2d399ff8ce494a5a93d5c8758a1a33a4b86610a4 Mon Sep 17 00:00:00 2001 From: Tobias Trabelsi Date: Thu, 11 May 2023 10:22:15 +0200 Subject: [PATCH 1/6] use npm package on arm --- Dockerfile | 35 ++++++++++++++++++++++------------- 1 file changed, 22 insertions(+), 13 deletions(-) diff --git a/Dockerfile b/Dockerfile index 94396a6..4197dfd 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,3 @@ -FROM alpine:latest as builder - -ARG BW_VERSION=2023.1.0 - -RUN apk add wget unzip - -RUN cd /tmp && wget https://github.com/bitwarden/clients/releases/download/cli-v${BW_VERSION}/bw-linux-${BW_VERSION}.zip && \ - unzip /tmp/bw-linux-${BW_VERSION}.zip - FROM alpine:3.17.3 LABEL org.opencontainers.image.source=https://github.com/Lerentis/bitwarden-crd-operator @@ -17,18 +8,36 @@ ARG PYTHON_VERSION=3.10.11-r0 ARG PIP_VERSION=22.3.1-r1 ARG GCOMPAT_VERSION=1.1.0-r0 ARG LIBCRYPTO_VERSION=3.0.8-r4 +ARG BW_VERSION=2023.1.0 -COPY --from=builder /tmp/bw /usr/local/bin/bw -COPY requirements.txt requirements.txt +COPY requirements.txt /requirements.txt RUN set -eux; \ + apk add --virtual build-dependencies wget unzip; \ + ARCH="$(apk --print-arch)"; \ + case "${ARCH}" in \ + aarch64|arm64) \ + apk add npm; \ + npm install -g @bitwarden/cli@${BW_VERSION}; \ + ;; \ + amd64|x86_64) \ + cd /tmp; \ + wget https://github.com/bitwarden/clients/releases/download/cli-v${BW_VERSION}/bw-linux-${BW_VERSION}.zip; \ + unzip /tmp/bw-linux-${BW_VERSION}.zip; \ + ;; \ + *) \ + echo "Unsupported arch: ${ARCH}"; \ + exit 1; \ + ;; \ + esac; \ + apk del --purge build-dependencies; \ addgroup -S -g 1000 bw-operator; \ adduser -S -D -u 1000 -G bw-operator bw-operator; \ mkdir -p /home/bw-operator; \ chown -R bw-operator /home/bw-operator; \ - chmod +x /usr/local/bin/bw; \ apk add gcc musl-dev libstdc++ gcompat=${GCOMPAT_VERSION} python3=${PYTHON_VERSION} py3-pip=${PIP_VERSION} libcrypto3=${LIBCRYPTO_VERSION} libssl3=${LIBCRYPTO_VERSION}; \ - pip install -r requirements.txt --no-warn-script-location; \ + pip install -r /requirements.txt --no-warn-script-location; \ + rm /requirements.txt; \ apk del --purge gcc musl-dev libstdc++; COPY --chown=bw-operator:bw-operator src /home/bw-operator From d908419b78228ac1d54d29a99782617bf5385ba6 Mon Sep 17 00:00:00 2001 From: Tobias Trabelsi Date: Thu, 11 May 2023 10:27:43 +0200 Subject: [PATCH 2/6] build test image in ci --- .github/workflows/test-and-lint.yml | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test-and-lint.yml b/.github/workflows/test-and-lint.yml index 835147d..19281ed 100644 --- a/.github/workflows/test-and-lint.yml +++ b/.github/workflows/test-and-lint.yml @@ -1,4 +1,4 @@ -name: Lint and Test Charts +name: Lint and Test on: pull_request @@ -43,3 +43,20 @@ jobs: - name: Run chart-testing (install) if: steps.list-changed.outputs.changed == 'true' run: ct install --target-branch ${{ github.event.repository.default_branch }} + pr-build: + runs-on: ubuntu-latest + steps: + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: "GHCR Build" + id: docker_build + uses: docker/build-push-action@v4 + with: + push: false + platforms: linux/amd64,linux/arm64 + tags: ghcr.io/lerentis/bitwarden-crd-operator:dev + From 36ae5cc6028a6f5921871b3285dcc81332cde907 Mon Sep 17 00:00:00 2001 From: Tobias Trabelsi Date: Thu, 11 May 2023 10:35:30 +0200 Subject: [PATCH 3/6] prepare release --- charts/bitwarden-crd-operator/Chart.yaml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/charts/bitwarden-crd-operator/Chart.yaml b/charts/bitwarden-crd-operator/Chart.yaml index e848e47..ca0f4c8 100644 --- a/charts/bitwarden-crd-operator/Chart.yaml +++ b/charts/bitwarden-crd-operator/Chart.yaml @@ -4,9 +4,9 @@ description: Deploy the Bitwarden CRD Operator type: application -version: "v0.7.1" +version: "v0.7.2" -appVersion: "0.6.1" +appVersion: "0.6.2" keywords: - operator @@ -93,12 +93,10 @@ annotations: enabled: true artifacthub.io/license: MIT artifacthub.io/operator: "true" - artifacthub.io/containsSecurityUpdates: "true" + artifacthub.io/containsSecurityUpdates: "false" artifacthub.io/changes: | - kind: fixed - description: "Fixed fields lookup" - - kind: fixed - description: "Fixed CVE-2023-1255 in base image" + description: "Fallback to npm package on ARM as native bitwarden cli package is not compatible with ARM" artifacthub.io/images: | - name: bitwarden-crd-operator - image: ghcr.io/lerentis/bitwarden-crd-operator:0.6.1 + image: ghcr.io/lerentis/bitwarden-crd-operator:0.6.2 From 8c3714f7e01371aad4cde42d457642dd631e81f2 Mon Sep 17 00:00:00 2001 From: Tobias Trabelsi Date: Thu, 11 May 2023 10:37:44 +0200 Subject: [PATCH 4/6] fix trailing spaces --- charts/bitwarden-crd-operator/Chart.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/bitwarden-crd-operator/Chart.yaml b/charts/bitwarden-crd-operator/Chart.yaml index ca0f4c8..74e7d1a 100644 --- a/charts/bitwarden-crd-operator/Chart.yaml +++ b/charts/bitwarden-crd-operator/Chart.yaml @@ -20,7 +20,7 @@ home: https://lerentis.github.io/bitwarden-crd-operator/ sources: - https://github.com/Lerentis/bitwarden-crd-operator -kubeVersion: '>= 1.23.0-0' +kubeVersion: ">= 1.23.0-0" maintainers: - name: lerentis @@ -55,10 +55,10 @@ annotations: content: - element: secretName: username - secretRef: nameofUser + secretRef: nameofUser - element: secretName: password - secretRef: passwordOfUser + secretRef: passwordOfUser id: "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee" name: "test-secret" namespace: "default" @@ -90,9 +90,9 @@ annotations: apps: "some.app.identifier:some_version": pubkey: {{ bitwarden_lookup("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "fields", "public_key") }} - enabled: true + enabled: true artifacthub.io/license: MIT - artifacthub.io/operator: "true" + artifacthub.io/operator: "true" artifacthub.io/containsSecurityUpdates: "false" artifacthub.io/changes: | - kind: fixed From 9d4ade904ec7b6d66ae379fa8715fa86f7b4716e Mon Sep 17 00:00:00 2001 From: Tobias Trabelsi Date: Thu, 11 May 2023 10:40:19 +0200 Subject: [PATCH 5/6] fixed comment space... --- charts/bitwarden-crd-operator/values.yaml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/bitwarden-crd-operator/values.yaml b/charts/bitwarden-crd-operator/values.yaml index b153a88..5a3aa6e 100644 --- a/charts/bitwarden-crd-operator/values.yaml +++ b/charts/bitwarden-crd-operator/values.yaml @@ -14,15 +14,15 @@ imagePullSecrets: [] nameOverride: "" fullnameOverride: "" -#env: -# - name: BW_HOST -# value: "define_it" -# - name: BW_CLIENTID -# value: "define_it" -# - name: BW_CLIENTSECRET -# value: "define_it" -# - name: BW_PASSWORD -# value: "define_id" +# env: +# - name: BW_HOST +# value: "define_it" +# - name: BW_CLIENTID +# value: "define_it" +# - name: BW_CLIENTSECRET +# value: "define_it" +# - name: BW_PASSWORD +# value: "define_id" externalConfigSecret: enabled: false From 361d0866e93bf45888b9041501d35832267c65d9 Mon Sep 17 00:00:00 2001 From: Tobias Trabelsi Date: Thu, 11 May 2023 10:48:25 +0200 Subject: [PATCH 6/6] linting should be okay for now --- .github/workflows/test-and-lint.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/.github/workflows/test-and-lint.yml b/.github/workflows/test-and-lint.yml index 19281ed..5bacf55 100644 --- a/.github/workflows/test-and-lint.yml +++ b/.github/workflows/test-and-lint.yml @@ -36,13 +36,6 @@ jobs: if: steps.list-changed.outputs.changed == 'true' run: ct lint --target-branch ${{ github.event.repository.default_branch }} - - name: Create kind cluster - if: steps.list-changed.outputs.changed == 'true' - uses: helm/kind-action@v1.4.0 - - - name: Run chart-testing (install) - if: steps.list-changed.outputs.changed == 'true' - run: ct install --target-branch ${{ github.event.repository.default_branch }} pr-build: runs-on: ubuntu-latest steps: