Updated readme

2020-04-25 19:03:59 +01:00 · 2020-04-25 19:03:59 +01:00 · 59fbbfcfe0
commit 59fbbfcfe0
parent aebf937820
3 changed files with 45 additions and 3 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -17,3 +17,4 @@ lerna-debug.log*
 *.code-workspace
 .history/
 Dockerfile
+manifests
--- a/2
+++ b/2
@ -1,6 +1,6 @@
 .DEFAULT_GOAL := default

-IMAGE ?= docker.cloud.cluster.fun/private/kube-1password-secrets:latest
+IMAGE ?= docker.cloud.cluster.fun/averagemarcus/kube-1password-secrets:latest

 .PHONY: test # Run all tests, linting and format checks
 test: lint check-format run-tests
--- a/README.md
+++ b/README.md
@ -1,15 +1,54 @@
 # kube-1password-secrets

-Sync secrets from a 1Password vault into Kubernetes secrets
+Sync secrets from a 1Password vault into Kubernetes secrets.
+
+> **Note:** This should not be considered production grade. It is built on top of the 1Password CLI client which could stop working without warning due to changes made by 1Password.

 ## Features

+* Sync data from items stored in 1Password to Secret resources within Kubernetes
+* Rename fields when storing the data in the Kubernetes secret
+
 ## Install

-```sh
+1. Create an environment variable with your 1Password credentials:

+    ```sh
+    cp ./manifests/example.env ./manifests/.env
+    ```
+
+1. Deploy to Kubernetes
+
+    ```sh
+    make release
+    ```
+
+## Usage
+
+1Password secrets are configured using annotation on Secret resources in Kubernetes.
+
+The only required value is the ID of the secret in 1Password. You can get this by looking at the URL when viewing the secret in 1Password, e.g.
+
+> my.1password.com/vaults/123456789qwertyuiop/allitems/**123456example7890**
+
+Example:
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: example-secret
+  annotations:
+    kube-1password: 123456example7890       # [Required] This is the ID of the item within 1Password
+    kube-1password/vault: Kubernetes        # The name of the Vault
+    kube-1password/username-key: "user"     # The key the username should be saved as in the Secret resource (default: `username`)
+    kube-1password/password-key: "pass"     # The key the password should be saved as in the Secret resource (default: `password`)
+    kube-1password/secret-text-key: "note"  # The key the secret text should be saved as in the Secret resource (default: `secretText`)
+type: Opaque
 ```

+kube-1password-secrets currently supports *Login*, *Secure Note* and *Password* item types in 1Password. Only the **username**, **password** and **notes** fields are retrieved.
+
 ## Building from source

 With Docker:
@ -26,6 +65,8 @@ make build

 ## Resources

+* [1Password CLI client](https://app-updates.agilebits.com/product_history/CLI)
+
 ## Contributing

 If you find a bug or have an idea for a new feature please [raise an issue](/AverageMarcus/kube-1password-secrets/issues/new) to discuss it.