Compare commits
6 Commits
c753737497
...
361d0866e9
Author | SHA1 | Date | |
---|---|---|---|
361d0866e9 | |||
9d4ade904e | |||
8c3714f7e0 | |||
36ae5cc602 | |||
d908419b78 | |||
2d399ff8ce |
24
.github/workflows/test-and-lint.yml
vendored
24
.github/workflows/test-and-lint.yml
vendored
@ -1,4 +1,4 @@
|
||||
name: Lint and Test Charts
|
||||
name: Lint and Test
|
||||
|
||||
on: pull_request
|
||||
|
||||
@ -36,10 +36,20 @@ jobs:
|
||||
if: steps.list-changed.outputs.changed == 'true'
|
||||
run: ct lint --target-branch ${{ github.event.repository.default_branch }}
|
||||
|
||||
- name: Create kind cluster
|
||||
if: steps.list-changed.outputs.changed == 'true'
|
||||
uses: helm/kind-action@v1.4.0
|
||||
pr-build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v2
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v2
|
||||
|
||||
- name: "GHCR Build"
|
||||
id: docker_build
|
||||
uses: docker/build-push-action@v4
|
||||
with:
|
||||
push: false
|
||||
platforms: linux/amd64,linux/arm64
|
||||
tags: ghcr.io/lerentis/bitwarden-crd-operator:dev
|
||||
|
||||
- name: Run chart-testing (install)
|
||||
if: steps.list-changed.outputs.changed == 'true'
|
||||
run: ct install --target-branch ${{ github.event.repository.default_branch }}
|
||||
|
35
Dockerfile
35
Dockerfile
@ -1,12 +1,3 @@
|
||||
FROM alpine:latest as builder
|
||||
|
||||
ARG BW_VERSION=2023.1.0
|
||||
|
||||
RUN apk add wget unzip
|
||||
|
||||
RUN cd /tmp && wget https://github.com/bitwarden/clients/releases/download/cli-v${BW_VERSION}/bw-linux-${BW_VERSION}.zip && \
|
||||
unzip /tmp/bw-linux-${BW_VERSION}.zip
|
||||
|
||||
FROM alpine:3.17.3
|
||||
|
||||
LABEL org.opencontainers.image.source=https://github.com/Lerentis/bitwarden-crd-operator
|
||||
@ -17,18 +8,36 @@ ARG PYTHON_VERSION=3.10.11-r0
|
||||
ARG PIP_VERSION=22.3.1-r1
|
||||
ARG GCOMPAT_VERSION=1.1.0-r0
|
||||
ARG LIBCRYPTO_VERSION=3.0.8-r4
|
||||
ARG BW_VERSION=2023.1.0
|
||||
|
||||
COPY --from=builder /tmp/bw /usr/local/bin/bw
|
||||
COPY requirements.txt requirements.txt
|
||||
COPY requirements.txt /requirements.txt
|
||||
|
||||
RUN set -eux; \
|
||||
apk add --virtual build-dependencies wget unzip; \
|
||||
ARCH="$(apk --print-arch)"; \
|
||||
case "${ARCH}" in \
|
||||
aarch64|arm64) \
|
||||
apk add npm; \
|
||||
npm install -g @bitwarden/cli@${BW_VERSION}; \
|
||||
;; \
|
||||
amd64|x86_64) \
|
||||
cd /tmp; \
|
||||
wget https://github.com/bitwarden/clients/releases/download/cli-v${BW_VERSION}/bw-linux-${BW_VERSION}.zip; \
|
||||
unzip /tmp/bw-linux-${BW_VERSION}.zip; \
|
||||
;; \
|
||||
*) \
|
||||
echo "Unsupported arch: ${ARCH}"; \
|
||||
exit 1; \
|
||||
;; \
|
||||
esac; \
|
||||
apk del --purge build-dependencies; \
|
||||
addgroup -S -g 1000 bw-operator; \
|
||||
adduser -S -D -u 1000 -G bw-operator bw-operator; \
|
||||
mkdir -p /home/bw-operator; \
|
||||
chown -R bw-operator /home/bw-operator; \
|
||||
chmod +x /usr/local/bin/bw; \
|
||||
apk add gcc musl-dev libstdc++ gcompat=${GCOMPAT_VERSION} python3=${PYTHON_VERSION} py3-pip=${PIP_VERSION} libcrypto3=${LIBCRYPTO_VERSION} libssl3=${LIBCRYPTO_VERSION}; \
|
||||
pip install -r requirements.txt --no-warn-script-location; \
|
||||
pip install -r /requirements.txt --no-warn-script-location; \
|
||||
rm /requirements.txt; \
|
||||
apk del --purge gcc musl-dev libstdc++;
|
||||
|
||||
COPY --chown=bw-operator:bw-operator src /home/bw-operator
|
||||
|
@ -4,9 +4,9 @@ description: Deploy the Bitwarden CRD Operator
|
||||
|
||||
type: application
|
||||
|
||||
version: "v0.7.1"
|
||||
version: "v0.7.2"
|
||||
|
||||
appVersion: "0.6.1"
|
||||
appVersion: "0.6.2"
|
||||
|
||||
keywords:
|
||||
- operator
|
||||
@ -20,7 +20,7 @@ home: https://lerentis.github.io/bitwarden-crd-operator/
|
||||
sources:
|
||||
- https://github.com/Lerentis/bitwarden-crd-operator
|
||||
|
||||
kubeVersion: '>= 1.23.0-0'
|
||||
kubeVersion: ">= 1.23.0-0"
|
||||
|
||||
maintainers:
|
||||
- name: lerentis
|
||||
@ -55,10 +55,10 @@ annotations:
|
||||
content:
|
||||
- element:
|
||||
secretName: username
|
||||
secretRef: nameofUser
|
||||
secretRef: nameofUser
|
||||
- element:
|
||||
secretName: password
|
||||
secretRef: passwordOfUser
|
||||
secretRef: passwordOfUser
|
||||
id: "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
|
||||
name: "test-secret"
|
||||
namespace: "default"
|
||||
@ -90,15 +90,13 @@ annotations:
|
||||
apps:
|
||||
"some.app.identifier:some_version":
|
||||
pubkey: {{ bitwarden_lookup("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "fields", "public_key") }}
|
||||
enabled: true
|
||||
enabled: true
|
||||
artifacthub.io/license: MIT
|
||||
artifacthub.io/operator: "true"
|
||||
artifacthub.io/containsSecurityUpdates: "true"
|
||||
artifacthub.io/operator: "true"
|
||||
artifacthub.io/containsSecurityUpdates: "false"
|
||||
artifacthub.io/changes: |
|
||||
- kind: fixed
|
||||
description: "Fixed fields lookup"
|
||||
- kind: fixed
|
||||
description: "Fixed CVE-2023-1255 in base image"
|
||||
description: "Fallback to npm package on ARM as native bitwarden cli package is not compatible with ARM"
|
||||
artifacthub.io/images: |
|
||||
- name: bitwarden-crd-operator
|
||||
image: ghcr.io/lerentis/bitwarden-crd-operator:0.6.1
|
||||
image: ghcr.io/lerentis/bitwarden-crd-operator:0.6.2
|
||||
|
@ -14,15 +14,15 @@ imagePullSecrets: []
|
||||
nameOverride: ""
|
||||
fullnameOverride: ""
|
||||
|
||||
#env:
|
||||
# - name: BW_HOST
|
||||
# value: "define_it"
|
||||
# - name: BW_CLIENTID
|
||||
# value: "define_it"
|
||||
# - name: BW_CLIENTSECRET
|
||||
# value: "define_it"
|
||||
# - name: BW_PASSWORD
|
||||
# value: "define_id"
|
||||
# env:
|
||||
# - name: BW_HOST
|
||||
# value: "define_it"
|
||||
# - name: BW_CLIENTID
|
||||
# value: "define_it"
|
||||
# - name: BW_CLIENTSECRET
|
||||
# value: "define_it"
|
||||
# - name: BW_PASSWORD
|
||||
# value: "define_id"
|
||||
|
||||
externalConfigSecret:
|
||||
enabled: false
|
||||
|
Loading…
Reference in New Issue
Block a user