lerentis/bitwarden-crd-operator
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 18 Wiki Activity

Compare commits

base: lerentis:1d147aad9a0cf33f8453f1c582d39931f124880e
Branches Tags
lerentis:main
lerentis:Lerentis/issue60
lerentis:Lerentis/issue29
lerentis:Lerentis/issue25
lerentis:gh-pages
lerentis:0.6.4
lerentis:v0.6.2
lerentis:v0.6.1
lerentis:v0.6.0
lerentis:v0.5.4
lerentis:v0.5.3
lerentis:v0.5.2
lerentis:v0.5.1
lerentis:v0.5.0
lerentis:v0.4.2
lerentis:v0.4.1
lerentis:v0.4.0
lerentis:v0.3.0
lerentis:v0.2.1
lerentis:v0.2.0
lerentis:v0.1.2
lerentis:v0.1.1
lerentis:v0.1.0
..
compare: lerentis:6a8945af21a8a48cfecd3795d4d50ae69db74e67
Branches Tags
lerentis:main
lerentis:Lerentis/issue60
lerentis:Lerentis/issue29
lerentis:Lerentis/issue25
lerentis:gh-pages
lerentis:0.6.4
lerentis:v0.6.2
lerentis:v0.6.1
lerentis:v0.6.0
lerentis:v0.5.4
lerentis:v0.5.3
lerentis:v0.5.2
lerentis:v0.5.1
lerentis:v0.5.0
lerentis:v0.4.2
lerentis:v0.4.1
lerentis:v0.4.0
lerentis:v0.3.0
lerentis:v0.2.1
lerentis:v0.2.0
lerentis:v0.1.2
lerentis:v0.1.1
lerentis:v0.1.0

No commits in common. "1d147aad9a0cf33f8453f1c582d39931f124880e" and "6a8945af21a8a48cfecd3795d4d50ae69db74e67" have entirely different histories.
1d147aad9a ... 6a8945af21

10 changed files with 13 additions and 168 deletions
Show Stats Expand all files Collapse all files

4
.github/workflows/release.yml vendored
View File

@ -36,7 +36,7 @@ jobs:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- name: Get app version from chart
uses: mikefarah/yq@v4.40.5
uses: mikefarah/yq@v4.40.2
id: app_version
with:
cmd: yq '.appVersion' charts/bitwarden-crd-operator/Chart.yaml
@ -77,7 +77,7 @@ jobs:
uses: WyriHaximus/github-action-get-previous-tag@v1
- name: Download SBOM from github action
uses: actions/download-artifact@v4
uses: actions/download-artifact@v3
with:
name: ${{ env.ANCHORE_SBOM_ACTION_PRIOR_ARTIFACT }}

2
.github/workflows/test-and-lint.yml vendored
View File

@ -16,7 +16,7 @@ jobs:
with:
version: v3.11.2
- uses: actions/setup-python@v5
- uses: actions/setup-python@v4
with:
python-version: '3.9'
check-latest: true

4
Dockerfile
View File

@ -1,4 +1,4 @@
FROM alpine:3.18.4
FROM alpine:3.18.3
LABEL org.opencontainers.image.source=https://github.com/Lerentis/bitwarden-crd-operator
LABEL org.opencontainers.image.description="Kubernetes Operator to create k8s secrets from bitwarden"
@ -7,7 +7,7 @@ LABEL org.opencontainers.image.licenses=MIT
ARG PYTHON_VERSION=3.11.6-r0
ARG PIP_VERSION=23.1.2-r0
ARG GCOMPAT_VERSION=1.1.0-r1
ARG LIBCRYPTO_VERSION=3.1.3-r0
ARG LIBCRYPTO_VERSION=3.1.2-r0
ARG BW_VERSION=2023.1.0
COPY requirements.txt /requirements.txt

52
charts/bitwarden-crd-operator/crds/bitwarden-secrets.yaml
View File

@ -14,42 +14,6 @@ spec:
- bws
versions:
- name: v1beta4
served: false
storage: true
schema:
openAPIV3Schema:
type: object
properties:
spec:
type: object
properties:
content:
type: array
items:
type: object
properties:
element:
type: object
properties:
secretName:
type: string
secretRef:
type: string
secretScope:
type: string
required:
- secretName
id:
type: string
namespace:
type: string
name:
type: string
required:
- id
- namespace
- name
- name: v1beta5
served: true
storage: true
schema:
@ -81,22 +45,6 @@ spec:
type: string
name:
type: string
labels:
type: array
items:
type: object
properties:
json:
x-kubernetes-preserve-unknown-fields: true
type: object
properties:
spec:
type: object
properties:
foo:
type: string
bar:
type: string
required:
- id
- namespace

39
charts/bitwarden-crd-operator/crds/bitwarden-templates.yaml
View File

@ -14,29 +14,6 @@ spec:
- bwt
versions:
- name: v1beta4
served: false
storage: true
schema:
openAPIV3Schema:
type: object
properties:
spec:
type: object
properties:
filename:
type: string
template:
type: string
namespace:
type: string
name:
type: string
required:
- filename
- template
- namespace
- name
- name: v1beta5
served: true
storage: true
schema:
@ -54,22 +31,6 @@ spec:
type: string
name:
type: string
labels:
type: array
items:
type: object
properties:
json:
x-kubernetes-preserve-unknown-fields: true
type: object
properties:
spec:
type: object
properties:
foo:
type: string
bar:
type: string
required:
- filename
- template

45
charts/bitwarden-crd-operator/crds/registry-credentials.yaml
View File

@ -14,35 +14,6 @@ spec:
- rgc
versions:
- name: v1beta4
served: false
storage: true
schema:
openAPIV3Schema:
type: object
properties:
spec:
type: object
properties:
usernameRef:
type: string
passwordRef:
type: string
registry:
type: string
id:
type: string
namespace:
type: string
name:
type: string
required:
- id
- namespace
- name
- usernameRef
- passwordRef
- registry
- name: v1beta5
served: true
storage: true
schema:
@ -64,22 +35,6 @@ spec:
type: string
name:
type: string
labels:
type: array
items:
type: object
properties:
json:
x-kubernetes-preserve-unknown-fields: true
type: object
properties:
spec:
type: object
properties:
foo:
type: string
bar:
type: string
required:
- id
- namespace

10
example.yaml
View File

@ -1,5 +1,5 @@
---
apiVersion: "lerentis.uploadfilter24.eu/v1beta5"
apiVersion: "lerentis.uploadfilter24.eu/v1beta4"
kind: BitwardenSecret
metadata:
name: test
@ -16,10 +16,8 @@ spec:
id: "88781348-c81c-4367-9801-550360c21295"
name: "test-secret"
namespace: "default"
labels:
- key: value
---
apiVersion: "lerentis.uploadfilter24.eu/v1beta5"
apiVersion: "lerentis.uploadfilter24.eu/v1beta4"
kind: BitwardenSecret
metadata:
name: test-scope
@ -31,6 +29,4 @@ spec:
secretScope: fields
id: "466fc4b0-ffca-4444-8d88-b59d4de3d928"
name: "test-scope"
namespace: "default"
labels:
- key: value
namespace: "default"

9
src/dockerlogin.py
View File

@ -44,7 +44,6 @@ def create_managed_registry_secret(spec, name, namespace, logger, **kwargs):
id = spec.get('id')
secret_name = spec.get('name')
secret_namespace = spec.get('namespace')
labels = spec.get('labels')
unlock_bw(logger)
logger.info(f"Locking up secret with ID: {id}")
@ -56,13 +55,9 @@ def create_managed_registry_secret(spec, name, namespace, logger, **kwargs):
"managed": "registry-credential.lerentis.uploadfilter24.eu",
"managedObject": f"{namespace}/{name}"
}
if not labels:
labels = {}
secret = kubernetes.client.V1Secret()
secret.metadata = kubernetes.client.V1ObjectMeta(
name=secret_name, annotations=annotations, labels=labels)
name=secret_name, annotations=annotations)
secret = create_dockerlogin(
logger,
secret,
@ -71,7 +66,7 @@ def create_managed_registry_secret(spec, name, namespace, logger, **kwargs):
password_ref,
registry)
api.create_namespaced_secret(
obj = api.create_namespaced_secret(
secret_namespace, secret
)

9
src/kv.py
View File

@ -41,7 +41,6 @@ def create_managed_secret(spec, name, namespace, logger, body, **kwargs):
id = spec.get('id')
secret_name = spec.get('name')
secret_namespace = spec.get('namespace')
labels = spec.get('labels')
unlock_bw(logger)
logger.info(f"Locking up secret with ID: {id}")
@ -53,16 +52,12 @@ def create_managed_secret(spec, name, namespace, logger, body, **kwargs):
"managed": "bitwarden-secret.lerentis.uploadfilter24.eu",
"managedObject": f"{namespace}/{name}"
}
if not labels:
labels = {}
secret = kubernetes.client.V1Secret()
secret.metadata = kubernetes.client.V1ObjectMeta(
name=secret_name, annotations=annotations, labels=labels)
name=secret_name, annotations=annotations)
secret = create_kv(secret, secret_json_object, content_def)
api.create_namespaced_secret(
obj = api.create_namespaced_secret(
namespace="{}".format(secret_namespace),
body=secret
)

7
src/template.py
View File

@ -33,7 +33,6 @@ def create_managed_secret(spec, name, namespace, logger, body, **kwargs):
filename = spec.get('filename')
secret_name = spec.get('name')
secret_namespace = spec.get('namespace')
labels = spec.get('labels')
unlock_bw(logger)
@ -43,13 +42,9 @@ def create_managed_secret(spec, name, namespace, logger, body, **kwargs):
"managed": "bitwarden-template.lerentis.uploadfilter24.eu",
"managedObject": f"{namespace}/{name}"
}
if not labels:
labels = {}
secret = kubernetes.client.V1Secret()
secret.metadata = kubernetes.client.V1ObjectMeta(
name=secret_name, annotations=annotations, labels=labels)
name=secret_name, annotations=annotations)
secret = create_template_secret(logger, secret, filename, template)
obj = api.create_namespaced_secret(