Compare commits
6 Commits
c753737497
...
361d0866e9
Author | SHA1 | Date | |
---|---|---|---|
361d0866e9 | |||
9d4ade904e | |||
8c3714f7e0 | |||
36ae5cc602 | |||
d908419b78 | |||
2d399ff8ce |
24
.github/workflows/test-and-lint.yml
vendored
24
.github/workflows/test-and-lint.yml
vendored
@ -1,4 +1,4 @@
|
|||||||
name: Lint and Test Charts
|
name: Lint and Test
|
||||||
|
|
||||||
on: pull_request
|
on: pull_request
|
||||||
|
|
||||||
@ -36,10 +36,20 @@ jobs:
|
|||||||
if: steps.list-changed.outputs.changed == 'true'
|
if: steps.list-changed.outputs.changed == 'true'
|
||||||
run: ct lint --target-branch ${{ github.event.repository.default_branch }}
|
run: ct lint --target-branch ${{ github.event.repository.default_branch }}
|
||||||
|
|
||||||
- name: Create kind cluster
|
pr-build:
|
||||||
if: steps.list-changed.outputs.changed == 'true'
|
runs-on: ubuntu-latest
|
||||||
uses: helm/kind-action@v1.4.0
|
steps:
|
||||||
|
- name: Set up QEMU
|
||||||
|
uses: docker/setup-qemu-action@v2
|
||||||
|
|
||||||
|
- name: Set up Docker Buildx
|
||||||
|
uses: docker/setup-buildx-action@v2
|
||||||
|
|
||||||
|
- name: "GHCR Build"
|
||||||
|
id: docker_build
|
||||||
|
uses: docker/build-push-action@v4
|
||||||
|
with:
|
||||||
|
push: false
|
||||||
|
platforms: linux/amd64,linux/arm64
|
||||||
|
tags: ghcr.io/lerentis/bitwarden-crd-operator:dev
|
||||||
|
|
||||||
- name: Run chart-testing (install)
|
|
||||||
if: steps.list-changed.outputs.changed == 'true'
|
|
||||||
run: ct install --target-branch ${{ github.event.repository.default_branch }}
|
|
||||||
|
35
Dockerfile
35
Dockerfile
@ -1,12 +1,3 @@
|
|||||||
FROM alpine:latest as builder
|
|
||||||
|
|
||||||
ARG BW_VERSION=2023.1.0
|
|
||||||
|
|
||||||
RUN apk add wget unzip
|
|
||||||
|
|
||||||
RUN cd /tmp && wget https://github.com/bitwarden/clients/releases/download/cli-v${BW_VERSION}/bw-linux-${BW_VERSION}.zip && \
|
|
||||||
unzip /tmp/bw-linux-${BW_VERSION}.zip
|
|
||||||
|
|
||||||
FROM alpine:3.17.3
|
FROM alpine:3.17.3
|
||||||
|
|
||||||
LABEL org.opencontainers.image.source=https://github.com/Lerentis/bitwarden-crd-operator
|
LABEL org.opencontainers.image.source=https://github.com/Lerentis/bitwarden-crd-operator
|
||||||
@ -17,18 +8,36 @@ ARG PYTHON_VERSION=3.10.11-r0
|
|||||||
ARG PIP_VERSION=22.3.1-r1
|
ARG PIP_VERSION=22.3.1-r1
|
||||||
ARG GCOMPAT_VERSION=1.1.0-r0
|
ARG GCOMPAT_VERSION=1.1.0-r0
|
||||||
ARG LIBCRYPTO_VERSION=3.0.8-r4
|
ARG LIBCRYPTO_VERSION=3.0.8-r4
|
||||||
|
ARG BW_VERSION=2023.1.0
|
||||||
|
|
||||||
COPY --from=builder /tmp/bw /usr/local/bin/bw
|
COPY requirements.txt /requirements.txt
|
||||||
COPY requirements.txt requirements.txt
|
|
||||||
|
|
||||||
RUN set -eux; \
|
RUN set -eux; \
|
||||||
|
apk add --virtual build-dependencies wget unzip; \
|
||||||
|
ARCH="$(apk --print-arch)"; \
|
||||||
|
case "${ARCH}" in \
|
||||||
|
aarch64|arm64) \
|
||||||
|
apk add npm; \
|
||||||
|
npm install -g @bitwarden/cli@${BW_VERSION}; \
|
||||||
|
;; \
|
||||||
|
amd64|x86_64) \
|
||||||
|
cd /tmp; \
|
||||||
|
wget https://github.com/bitwarden/clients/releases/download/cli-v${BW_VERSION}/bw-linux-${BW_VERSION}.zip; \
|
||||||
|
unzip /tmp/bw-linux-${BW_VERSION}.zip; \
|
||||||
|
;; \
|
||||||
|
*) \
|
||||||
|
echo "Unsupported arch: ${ARCH}"; \
|
||||||
|
exit 1; \
|
||||||
|
;; \
|
||||||
|
esac; \
|
||||||
|
apk del --purge build-dependencies; \
|
||||||
addgroup -S -g 1000 bw-operator; \
|
addgroup -S -g 1000 bw-operator; \
|
||||||
adduser -S -D -u 1000 -G bw-operator bw-operator; \
|
adduser -S -D -u 1000 -G bw-operator bw-operator; \
|
||||||
mkdir -p /home/bw-operator; \
|
mkdir -p /home/bw-operator; \
|
||||||
chown -R bw-operator /home/bw-operator; \
|
chown -R bw-operator /home/bw-operator; \
|
||||||
chmod +x /usr/local/bin/bw; \
|
|
||||||
apk add gcc musl-dev libstdc++ gcompat=${GCOMPAT_VERSION} python3=${PYTHON_VERSION} py3-pip=${PIP_VERSION} libcrypto3=${LIBCRYPTO_VERSION} libssl3=${LIBCRYPTO_VERSION}; \
|
apk add gcc musl-dev libstdc++ gcompat=${GCOMPAT_VERSION} python3=${PYTHON_VERSION} py3-pip=${PIP_VERSION} libcrypto3=${LIBCRYPTO_VERSION} libssl3=${LIBCRYPTO_VERSION}; \
|
||||||
pip install -r requirements.txt --no-warn-script-location; \
|
pip install -r /requirements.txt --no-warn-script-location; \
|
||||||
|
rm /requirements.txt; \
|
||||||
apk del --purge gcc musl-dev libstdc++;
|
apk del --purge gcc musl-dev libstdc++;
|
||||||
|
|
||||||
COPY --chown=bw-operator:bw-operator src /home/bw-operator
|
COPY --chown=bw-operator:bw-operator src /home/bw-operator
|
||||||
|
@ -4,9 +4,9 @@ description: Deploy the Bitwarden CRD Operator
|
|||||||
|
|
||||||
type: application
|
type: application
|
||||||
|
|
||||||
version: "v0.7.1"
|
version: "v0.7.2"
|
||||||
|
|
||||||
appVersion: "0.6.1"
|
appVersion: "0.6.2"
|
||||||
|
|
||||||
keywords:
|
keywords:
|
||||||
- operator
|
- operator
|
||||||
@ -20,7 +20,7 @@ home: https://lerentis.github.io/bitwarden-crd-operator/
|
|||||||
sources:
|
sources:
|
||||||
- https://github.com/Lerentis/bitwarden-crd-operator
|
- https://github.com/Lerentis/bitwarden-crd-operator
|
||||||
|
|
||||||
kubeVersion: '>= 1.23.0-0'
|
kubeVersion: ">= 1.23.0-0"
|
||||||
|
|
||||||
maintainers:
|
maintainers:
|
||||||
- name: lerentis
|
- name: lerentis
|
||||||
@ -55,10 +55,10 @@ annotations:
|
|||||||
content:
|
content:
|
||||||
- element:
|
- element:
|
||||||
secretName: username
|
secretName: username
|
||||||
secretRef: nameofUser
|
secretRef: nameofUser
|
||||||
- element:
|
- element:
|
||||||
secretName: password
|
secretName: password
|
||||||
secretRef: passwordOfUser
|
secretRef: passwordOfUser
|
||||||
id: "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
|
id: "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
|
||||||
name: "test-secret"
|
name: "test-secret"
|
||||||
namespace: "default"
|
namespace: "default"
|
||||||
@ -90,15 +90,13 @@ annotations:
|
|||||||
apps:
|
apps:
|
||||||
"some.app.identifier:some_version":
|
"some.app.identifier:some_version":
|
||||||
pubkey: {{ bitwarden_lookup("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "fields", "public_key") }}
|
pubkey: {{ bitwarden_lookup("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "fields", "public_key") }}
|
||||||
enabled: true
|
enabled: true
|
||||||
artifacthub.io/license: MIT
|
artifacthub.io/license: MIT
|
||||||
artifacthub.io/operator: "true"
|
artifacthub.io/operator: "true"
|
||||||
artifacthub.io/containsSecurityUpdates: "true"
|
artifacthub.io/containsSecurityUpdates: "false"
|
||||||
artifacthub.io/changes: |
|
artifacthub.io/changes: |
|
||||||
- kind: fixed
|
- kind: fixed
|
||||||
description: "Fixed fields lookup"
|
description: "Fallback to npm package on ARM as native bitwarden cli package is not compatible with ARM"
|
||||||
- kind: fixed
|
|
||||||
description: "Fixed CVE-2023-1255 in base image"
|
|
||||||
artifacthub.io/images: |
|
artifacthub.io/images: |
|
||||||
- name: bitwarden-crd-operator
|
- name: bitwarden-crd-operator
|
||||||
image: ghcr.io/lerentis/bitwarden-crd-operator:0.6.1
|
image: ghcr.io/lerentis/bitwarden-crd-operator:0.6.2
|
||||||
|
@ -14,15 +14,15 @@ imagePullSecrets: []
|
|||||||
nameOverride: ""
|
nameOverride: ""
|
||||||
fullnameOverride: ""
|
fullnameOverride: ""
|
||||||
|
|
||||||
#env:
|
# env:
|
||||||
# - name: BW_HOST
|
# - name: BW_HOST
|
||||||
# value: "define_it"
|
# value: "define_it"
|
||||||
# - name: BW_CLIENTID
|
# - name: BW_CLIENTID
|
||||||
# value: "define_it"
|
# value: "define_it"
|
||||||
# - name: BW_CLIENTSECRET
|
# - name: BW_CLIENTSECRET
|
||||||
# value: "define_it"
|
# value: "define_it"
|
||||||
# - name: BW_PASSWORD
|
# - name: BW_PASSWORD
|
||||||
# value: "define_id"
|
# value: "define_id"
|
||||||
|
|
||||||
externalConfigSecret:
|
externalConfigSecret:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
Loading…
Reference in New Issue
Block a user