free-key-value-definition #1
16
README.md
16
README.md
@ -39,12 +39,18 @@ And you are set to create your first secret using this operator. For that you ne
|
||||
|
||||
```yaml
|
||||
---
|
||||
apiVersion: "lerentis.uploadfilter24.eu/v1beta1"
|
||||
apiVersion: "lerentis.uploadfilter24.eu/v1beta2"
|
||||
kind: BitwardenSecret
|
||||
metadata:
|
||||
name: name-of-your-management-object
|
||||
spec:
|
||||
type: "UsernamePassword"
|
||||
content:
|
||||
- element:
|
||||
secretName: nameOfTheFieldInBitwarden # for example username
|
||||
secretRef: nameOfTheKeyInTheSecretToBeCreated
|
||||
- element:
|
||||
secretName: nameOfAnotherFieldInBitwarden # for example password
|
||||
secretRef: nameOfAnotherKeyInTheSecretToBeCreated
|
||||
id: "A Secret ID from bitwarden"
|
||||
name: "Name of the secret to be created"
|
||||
namespace: "Namespace of the secret to be created"
|
||||
@ -55,8 +61,8 @@ The ID can be extracted from the browser when you open a item the ID is in the U
|
||||
```yaml
|
||||
apiVersion: v1
|
||||
data:
|
||||
password: "base64 encoded password"
|
||||
username: "base64 encoded username"
|
||||
nameOfTheKeyInTheSecretToBeCreated: "base64 encoded value of TheFieldInBitwarden"
|
||||
nameOfAnotherKeyInTheSecretToBeCreated: "base64 encoded value of AnotherFieldInBitwarden"
|
||||
kind: Secret
|
||||
metadata:
|
||||
annotations:
|
||||
@ -73,4 +79,4 @@ type: Opaque
|
||||
[] offer option to use a existing secret in helm chart
|
||||
[] host chart on gh pages
|
||||
[] write release pipeline
|
||||
[] maybe extend spec to offer modification of keys as well
|
||||
[x] maybe extend spec to offer modification of keys as well
|
||||
|
@ -35,14 +35,9 @@ def bitwarden_signin(logger, **kwargs):
|
||||
unlock_bw(logger)
|
||||
|
||||
@kopf.on.create('bitwarden-secrets.lerentis.uploadfilter24.eu')
|
||||
def create_fn(spec, name, namespace, logger, body, **kwargs):
|
||||
|
||||
logger.info(f"Type of spec: {type(body)}")
|
||||
scope = body['spec']['scope']
|
||||
logger.info(f"spec: {scope}")
|
||||
|
||||
|
||||
def create_managed_secret(spec, name, namespace, logger, body, **kwargs):
|
||||
|
||||
content_def = body['spec']['content']
|
||||
id = spec.get('id')
|
||||
secret_name = spec.get('name')
|
||||
secret_namespace = spec.get('namespace')
|
||||
@ -61,12 +56,15 @@ def create_fn(spec, name, namespace, logger, body, **kwargs):
|
||||
secret.metadata = kubernetes.client.V1ObjectMeta(name=secret_name, annotations=annotations)
|
||||
secret.type = "Opaque"
|
||||
secret.data = {}
|
||||
for elemw in scope:
|
||||
for k, elem in elemw.items():
|
||||
for eleml in content_def:
|
||||
for k, elem in eleml.items():
|
||||
for key,value in elem.items():
|
||||
logger.info(f"key: {key} value: {value}")
|
||||
secret.data["username"] = str(base64.b64encode(secret_json_object["login"]["username"].encode("utf-8")), "utf-8")
|
||||
secret.data["password"] = str(base64.b64encode(secret_json_object["login"]["password"].encode("utf-8")), "utf-8")
|
||||
if key == "secretName":
|
||||
_secret_key = value
|
||||
if key == "secretRef":
|
||||
_secret_ref = value
|
||||
|
||||
secret.data[_secret_ref] = str(base64.b64encode(secret_json_object["login"][_secret_key].encode("utf-8")), "utf-8")
|
||||
|
||||
obj = api.create_namespaced_secret(
|
||||
secret_namespace, secret
|
||||
@ -80,5 +78,13 @@ def my_handler(spec, old, new, diff, **_):
|
||||
pass
|
||||
|
||||
@kopf.on.delete('bitwarden-secrets.lerentis.uploadfilter24.eu')
|
||||
def my_handler(spec, name, namespace, logger, **kwargs):
|
||||
pass
|
||||
def delete_managed_secret(spec, name, namespace, logger, **kwargs):
|
||||
secret_name = spec.get('name')
|
||||
secret_namespace = spec.get('namespace')
|
||||
api = kubernetes.client.CoreV1Api()
|
||||
|
||||
try:
|
||||
api.delete_namespaced_secret(secret_name, secret_namespace)
|
||||
logger.info(f"Secret {secret_namespace}/{secret_name} has been deleted")
|
||||
except:
|
||||
logger.warn(f"Could not delete secret {secret_namespace}/{secret_name}!")
|
||||
|
@ -22,7 +22,7 @@ spec:
|
||||
spec:
|
||||
type: object
|
||||
properties:
|
||||
scope:
|
||||
content:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
|
@ -4,7 +4,7 @@ kind: BitwardenSecret
|
||||
metadata:
|
||||
name: test
|
||||
spec:
|
||||
scope:
|
||||
content:
|
||||
- element:
|
||||
secretName: username
|
||||
secretRef: nameofUser
|
||||
|
Loading…
Reference in New Issue
Block a user