AverageMarcus/kube-1password-secrets
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Updated readme

Browse Source
This commit is contained in:
Marcus Noble 2020-04-25 19:03:59 +01:00
parent aebf937820
commit 59fbbfcfe0
3 changed files with 45 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.dockerignore
View File

@ -17,3 +17,4 @@ lerna-debug.log*
*.code-workspace *.code-workspace
.history/ .history/
Dockerfile Dockerfile
manifests

2
Makefile
View File

@ -1,6 +1,6 @@
.DEFAULT_GOAL := default .DEFAULT_GOAL := default
IMAGE ?= docker.cloud.cluster.fun/private/kube-1password-secrets:latest IMAGE ?= docker.cloud.cluster.fun/averagemarcus/kube-1password-secrets:latest
.PHONY: test # Run all tests, linting and format checks .PHONY: test # Run all tests, linting and format checks
test: lint check-format run-tests test: lint check-format run-tests

45
README.md
View File

@ -1,15 +1,54 @@
# kube-1password-secrets # kube-1password-secrets
Sync secrets from a 1Password vault into Kubernetes secrets Sync secrets from a 1Password vault into Kubernetes secrets.
> **Note:** This should not be considered production grade. It is built on top of the 1Password CLI client which could stop working without warning due to changes made by 1Password.
## Features ## Features
* Sync data from items stored in 1Password to Secret resources within Kubernetes
* Rename fields when storing the data in the Kubernetes secret
## Install ## Install
```sh 1. Create an environment variable with your 1Password credentials:
```sh
cp ./manifests/example.env ./manifests/.env
```
1. Deploy to Kubernetes
```sh
make release
```
## Usage
1Password secrets are configured using annotation on Secret resources in Kubernetes.
The only required value is the ID of the secret in 1Password. You can get this by looking at the URL when viewing the secret in 1Password, e.g.
> my.1password.com/vaults/123456789qwertyuiop/allitems/**123456example7890**
Example:
```yaml
apiVersion: v1
kind: Secret
metadata:
name: example-secret
annotations:
kube-1password: 123456example7890 # [Required] This is the ID of the item within 1Password
kube-1password/vault: Kubernetes # The name of the Vault
kube-1password/username-key: "user" # The key the username should be saved as in the Secret resource (default: `username`)
kube-1password/password-key: "pass" # The key the password should be saved as in the Secret resource (default: `password`)
kube-1password/secret-text-key: "note" # The key the secret text should be saved as in the Secret resource (default: `secretText`)
type: Opaque
``` ```
kube-1password-secrets currently supports *Login*, *Secure Note* and *Password* item types in 1Password. Only the **username**, **password** and **notes** fields are retrieved.
## Building from source ## Building from source
With Docker: With Docker:
@ -26,6 +65,8 @@ make build
## Resources ## Resources
* [1Password CLI client](https://app-updates.agilebits.com/product_history/CLI)
## Contributing ## Contributing
If you find a bug or have an idea for a new feature please [raise an issue](/AverageMarcus/kube-1password-secrets/issues/new) to discuss it. If you find a bug or have an idea for a new feature please [raise an issue](/AverageMarcus/kube-1password-secrets/issues/new) to discuss it.