From 884476606cffa05738dc6aa6c8abc0c9376f3858 Mon Sep 17 00:00:00 2001 From: Tobias Trabelsi Date: Sat, 26 Nov 2022 21:59:39 +0100 Subject: [PATCH] fixed readme --- README.md | 50 ++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 48 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8cd0f09..c54241c 100644 --- a/README.md +++ b/README.md @@ -56,7 +56,7 @@ And you are set to create your first secret using this operator. For that you ne ```yaml --- -apiVersion: "lerentis.uploadfilter24.eu/v1beta3" +apiVersion: "lerentis.uploadfilter24.eu/v1beta4" kind: BitwardenSecret metadata: name: name-of-your-management-object @@ -65,9 +65,11 @@ spec: - element: secretName: nameOfTheFieldInBitwarden # for example username secretRef: nameOfTheKeyInTheSecretToBeCreated + secretScope: login # for custom entries on bitwarden use 'fields' - element: secretName: nameOfAnotherFieldInBitwarden # for example password secretRef: nameOfAnotherKeyInTheSecretToBeCreated + secretScope: login # for custom entries on bitwarden use 'fields' id: "A Secret ID from bitwarden" name: "Name of the secret to be created" namespace: "Namespace of the secret to be created" @@ -96,7 +98,7 @@ For managing registry credentials, or pull secrets, you can create another kind ```yaml --- -apiVersion: "lerentis.uploadfilter24.eu/v1beta3" +apiVersion: "lerentis.uploadfilter24.eu/v1beta4" kind: RegistryCredential metadata: name: name-of-your-management-object @@ -125,6 +127,50 @@ metadata: type: dockerconfigjson ``` +## BitwardenTemplate + +One of the more freely defined types that can be used with this operator you can just pass a whole template: + +```yaml +--- +apiVersion: "lerentis.uploadfilter24.eu/v1beta4" +kind: BitwardenTemplate +metadata: + name: name-of-your-management-object +spec: + filename: "Key of the secret to be created" + name: "Name of the secret to be created" + namespace: "Namespace of the secret to be created" + template: | + --- + api: + enabled: True + key: {{ bitwarden_lookup("A Secret ID from bitwarden", "login or fields", "name of a field in bitwarden") }} + allowCrossOrigin: false + apps: + "some.app.identifier:some_version": + pubkey: {{ bitwarden_lookup("A Secret ID from bitwarden", "login or fields", "name of a field in bitwarden") }} + enabled: true +``` + +This will result in something like the following object: + +```yaml +apiVersion: v1 +data: + Key of the secret to be created: "base64 encoded and rendered template with secrets injected directly from bitwarden" +kind: Secret +metadata: + annotations: + managed: bitwarden-template.lerentis.uploadfilter24.eu + managedObject: namespace/name-of-your-management-object + name: Name of the secret to be created + namespace: Namespace of the secret to be created +type: Opaque +``` + +please note that the rendering engine for this template is jinja2, with an addition of a custom `bitwarden_lookup` function, so there are more possibilities to inject here. + ## Short Term Roadmap - [ ] support more types