lerentis/bitwarden-crd-operator
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 18 Wiki Activity
33 Commits 6 Branches 18 Tags
aec384c78efe4e319d578786463143e2e193d44a
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
lerentis aec384c78e
All checks were successful
continuous-integration/drone/push Build is passing
Details
Removed no longer needed dependency
2022-10-03 21:06:50 +00:00
.github/workflows
release on push to main branch
2022-10-03 19:17:16 +02:00
charts/bitwarden-crd-operator
release on push to main branch
2022-10-03 19:17:16 +02:00
.dockerignore
wip
2022-09-04 23:21:33 +02:00
.drone.yml
drone release pipeline
2022-10-03 17:59:46 +02:00
.gitignore
wrapping bitwarden cli to login and get an item
2022-09-12 23:03:28 +02:00
bitwarden-crd-operator.py
free-key-value-definition (#1)
2022-10-03 14:00:11 +00:00
CODE_OF_CONDUCT.md
wrapping bitwarden cli to login and get an item
2022-09-12 23:03:28 +02:00
Dockerfile
silence pip warning
2022-09-14 22:58:48 +02:00
example.yaml
free-key-value-definition (#1)
2022-10-03 14:00:11 +00:00
LICENSE
wrapping bitwarden cli to login and get an item
2022-09-12 23:03:28 +02:00
pyvenv.cfg
wip
2022-09-04 23:21:33 +02:00
README.md
install instructions in readme
2022-10-03 19:28:14 +02:00
requirements.txt
Removed no longer needed dependency
2022-10-03 21:06:50 +00:00

README.md

Bitwarden CRD Operator

Build Status

Bitwarden CRD Operator is a kubernetes Operator based on kopf. The goal is to create kubernetes native secret objects from bitwarden.

DISCLAIMER:
This project is still very work in progress :)

Getting started

For now a few secrets need to be passed to helm. I will change this in the future to give the option to also use a kubernetes secret for this.

You will need a ClientID and ClientSecret (where to get these) as well as your password. Expose these to the operator as described in this example:

env:
  - name: BW_HOST
    value: "https://bitwarden.your.tld.org"
  - name: BW_CLIENTID
    value: "user.your-client-id"
  - name: BW_CLIENTSECRET
    value: "YoUrCliEntSecRet"
  - name: BW_PASSWORD
    value: "YourSuperSecurePassword"

BW_HOST can be omitted if you are using the Bitwarden SaaS offering.

After that it is a basic helm deployment:

helm repo add bitwarden-operator https://lerentis.github.io/bitwarden-crd-operator
helm repo update 
kubectl create namespace bw-operator
helm upgrade --install --namespace bw-operator -f values.yaml bw-operator bitwarden-operator/bitwarden-crd-operator

And you are set to create your first secret using this operator. For that you need to add a CRD Object like this to your cluster:

---
apiVersion: "lerentis.uploadfilter24.eu/v1beta2"
kind: BitwardenSecret
metadata:
  name: name-of-your-management-object
spec:
  content:
    - element:
        secretName: nameOfTheFieldInBitwarden # for example username
        secretRef: nameOfTheKeyInTheSecretToBeCreated 
    - element:
        secretName: nameOfAnotherFieldInBitwarden # for example password
        secretRef: nameOfAnotherKeyInTheSecretToBeCreated 
  id: "A Secret ID from bitwarden"
  name: "Name of the secret to be created"
  namespace: "Namespace of the secret to be created"

The ID can be extracted from the browser when you open a item the ID is in the URL. The resulting secret looks something like this:

apiVersion: v1
data:
  nameOfTheKeyInTheSecretToBeCreated: "base64 encoded value of TheFieldInBitwarden"
  nameOfAnotherKeyInTheSecretToBeCreated: "base64 encoded value of AnotherFieldInBitwarden"
kind: Secret
metadata:
  annotations:
    managed: bitwarden-secrets.lerentis.uploadfilter24.eu
    managedObject: bw-operator/test
  name: name-of-your-management-object
  namespace: default
type: Opaque

Short Term Roadmap

  • support more types
  • offer option to use a existing secret in helm chart
  • host chart on gh pages
  • write release pipeline
  • maybe extend spec to offer modification of keys as well
Description
No description provided
Readme 530 KiB
Releases 18
0.6.4 Latest
2023-06-24 16:43:48 +00:00
Languages
Python 87.9%
Smarty 5.8%
Dockerfile 4.3%
Makefile 2%