diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a2bbe0b..d11317b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -26,9 +26,18 @@ jobs: with: version: v3.10.0 + - name: Import GPG key + id: import_gpg + uses: crazy-max/ghaction-import-gpg@v5.0.0 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.PASSPHRASE }} + - name: Run chart-releaser uses: helm/chart-releaser-action@v1.4.1 with: charts_dir: charts env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + CR_SIGN: "true" + CR_KEY: "FF0C2839718CAF2E" diff --git a/Dockerfile b/Dockerfile index 4471461..352a02d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,47 +7,21 @@ RUN apk add wget unzip RUN cd /tmp && wget https://github.com/bitwarden/clients/releases/download/cli-v${BW_VERSION}/bw-linux-${BW_VERSION}.zip && \ unzip /tmp/bw-linux-${BW_VERSION}.zip -#FROM alpine:3.18 as run -# -#RUN set -eux; \ -# groupadd -r bw-operator ; \ -# useradd -r -g bw-operator -s /sbin/nologin bw-operator; \ -# mkdir -p /home/bw-operator; \ -# chown -R bw-operator /home/bw-operator; \ -# chmod +x /usr/local/bin/bw; \ -# apk add libstdc++ python3 py-pip -#COPY --chown=bw-operator:bw-operator bitwarden-crd-operator.py /home/bw-operator/bitwarden-crd-operator.py -# -#USER bw-operator -# -#RUN set -eux; \ -# pip install -r requirements.txt --no-warn-script-location -# -#ENTRYPOINT [ "/home/bw-operator/.local/bin/kopf", "run", "--all-namespaces", "--liveness=http://0.0.0.0:8080/healthz" ] -#CMD [ "/home/bw-operator/bitwarden-crd-operator.py" ] - -FROM ubuntu:jammy +FROM alpine:3.17 COPY --from=builder /tmp/bw /usr/local/bin/bw +COPY --chown=bw-operator:bw-operator src /home/bw-operator COPY requirements.txt requirements.txt RUN set -eux; \ - groupadd -r bw-operator ; \ - useradd -r -g bw-operator -s /sbin/nologin bw-operator; \ + addgroup -S -g 1000 bw-operator; \ + adduser -S -D -u 1000 -G bw-operator bw-operator; \ mkdir -p /home/bw-operator; \ chown -R bw-operator /home/bw-operator; \ chmod +x /usr/local/bin/bw; \ - apt-get update; \ - apt-get upgrade -y; \ - apt-get install -y --no-install-recommends python3 python3-pip; \ - apt-get clean; \ - apt-get -y autoremove; \ - pip install -r requirements.txt; \ - rm requirements.txt; \ - pip cache purge; \ - rm -rf /root/.cache; - -COPY --chown=bw-operator:bw-operator src /home/bw-operator + apk add gcc musl-dev libstdc++ gcompat python3 py-pip; \ + pip install -r requirements.txt --no-warn-script-location; \ + apk del --purge gcc musl-dev libstdc++; USER bw-operator diff --git a/charts/bitwarden-crd-operator/Chart.yaml b/charts/bitwarden-crd-operator/Chart.yaml index 9c1a040..a8db67e 100644 --- a/charts/bitwarden-crd-operator/Chart.yaml +++ b/charts/bitwarden-crd-operator/Chart.yaml @@ -4,9 +4,9 @@ description: Deploy the Bitwarden CRD Operator type: application -version: "v0.3.1" +version: "v0.3.2" -appVersion: "0.2.1" +appVersion: "0.3.0" keywords: - operator @@ -39,11 +39,42 @@ annotations: name: registry-credential displayName: Regestry Credentials description: Management Object to create regestry secrets from bitwarden + artifacthub.io/crdsExamples: | + - apiVersion: lerentis.uploadfilter24.eu/v1beta3 + kind: BitwardenSecret + metadata: + name: test + spec: + content: + - element: + secretName: username + secretRef: nameofUser + - element: + secretName: password + secretRef: passwordOfUser + id: "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee" + name: "test-secret" + namespace: "default" + - apiVersion: lerentis.uploadfilter24.eu/v1beta3 + kind: RegistryCredential + metadata: + name: test + spec: + usernameRef: "username" + passwordRef: "password" + registry: "docker.io" + id: "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee" + name: "test-regcred" + namespace: "default" artifacthub.io/license: MIT artifacthub.io/operator: "true" artifacthub.io/changes: | - kind: changed - description: "Mainternence update and image rebuild to include upstream fixes" + description: "Switched to Alpine image" + - kind: added + description: "Added CRDs Example to artifactshub" + - kind: added + description: "Sign helm chart" artifacthub.io/images: | - name: bitwarden-crd-operator image: lerentis/bitwarden-crd-operator:0.2.1