mirror of
https://github.com/1Password/onepassword-operator.git
synced 2025-10-23 16:00:46 +00:00
Add yaml files for deploying Connect
These yaml files are used when the environment variable `MANAGE_CONNECT` for the operator is set to `true`.
This commit is contained in:
Eddy Filip
68
config/connect/deployment.yaml
Normal file
68
config/connect/deployment.yaml
Normal file
@@ -0,0 +1,68 @@
|
|||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: onepassword-connect
|
||||||
|
spec:
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: onepassword-connect
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: onepassword-connect
|
||||||
|
version: "1.0.0"
|
||||||
|
spec:
|
||||||
|
volumes:
|
||||||
|
- name: shared-data
|
||||||
|
emptyDir: {}
|
||||||
|
- name: credentials
|
||||||
|
secret:
|
||||||
|
secretName: op-credentials
|
||||||
|
initContainers:
|
||||||
|
- name: sqlite-permissions
|
||||||
|
image: alpine:3.12
|
||||||
|
command:
|
||||||
|
- "/bin/sh"
|
||||||
|
- "-c"
|
||||||
|
args:
|
||||||
|
- "mkdir -p /home/opuser/.op/data && chown -R 999 /home/opuser && chmod -R 700 /home/opuser && chmod -f -R 600 /home/opuser/.op/config || :"
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: /home/opuser/.op/data
|
||||||
|
name: shared-data
|
||||||
|
containers:
|
||||||
|
- name: connect-api
|
||||||
|
image: 1password/connect-api:latest
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "0.2"
|
||||||
|
ports:
|
||||||
|
- containerPort: 8080
|
||||||
|
env:
|
||||||
|
- name: OP_SESSION
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: op-credentials
|
||||||
|
key: op-session
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: /home/opuser/.op/data
|
||||||
|
name: shared-data
|
||||||
|
- name: connect-sync
|
||||||
|
image: 1password/connect-sync:latest
|
||||||
|
resources:
|
||||||
|
limits:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "0.2"
|
||||||
|
ports:
|
||||||
|
- containerPort: 8081
|
||||||
|
env:
|
||||||
|
- name: OP_HTTP_PORT
|
||||||
|
value: "8081"
|
||||||
|
- name: OP_SESSION
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: op-credentials
|
||||||
|
key: op-session
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: /home/opuser/.op/data
|
||||||
|
name: shared-data
|
||||||
15
config/connect/service.yaml
Normal file
15
config/connect/service.yaml
Normal file
@@ -0,0 +1,15 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: onepassword-connect
|
||||||
|
spec:
|
||||||
|
type: NodePort
|
||||||
|
selector:
|
||||||
|
app: onepassword-connect
|
||||||
|
ports:
|
||||||
|
- port: 8080
|
||||||
|
name: connect-api
|
||||||
|
nodePort: 30080
|
||||||
|
- port: 8081
|
||||||
|
name: connect-sync
|
||||||
|
nodePort: 30081
|
||||||
@@ -2,12 +2,12 @@ package onepassword
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
||||||
"os"
|
"os"
|
||||||
|
|
||||||
appsv1 "k8s.io/api/apps/v1"
|
appsv1 "k8s.io/api/apps/v1"
|
||||||
corev1 "k8s.io/api/core/v1"
|
corev1 "k8s.io/api/core/v1"
|
||||||
errors "k8s.io/apimachinery/pkg/api/errors"
|
"k8s.io/apimachinery/pkg/api/errors"
|
||||||
|
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apimachinery/pkg/types"
|
"k8s.io/apimachinery/pkg/types"
|
||||||
"k8s.io/apimachinery/pkg/util/yaml"
|
"k8s.io/apimachinery/pkg/util/yaml"
|
||||||
"sigs.k8s.io/controller-runtime/pkg/client"
|
"sigs.k8s.io/controller-runtime/pkg/client"
|
||||||
@@ -15,8 +15,8 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
var logConnectSetup = logf.Log.WithName("ConnectSetup")
|
var logConnectSetup = logf.Log.WithName("ConnectSetup")
|
||||||
var deploymentPath = "deploy/connect/deployment.yaml"
|
var deploymentPath = "config/connect/deployment.yaml"
|
||||||
var servicePath = "deploy/connect/service.yaml"
|
var servicePath = "config/connect/service.yaml"
|
||||||
|
|
||||||
func SetupConnect(kubeClient client.Client, deploymentNamespace string) error {
|
func SetupConnect(kubeClient client.Client, deploymentNamespace string) error {
|
||||||
err := setupService(kubeClient, servicePath, deploymentNamespace)
|
err := setupService(kubeClient, servicePath, deploymentNamespace)
|
||||||
|
|||||||
@@ -23,9 +23,9 @@ func TestServiceSetup(t *testing.T) {
|
|||||||
objs := []runtime.Object{}
|
objs := []runtime.Object{}
|
||||||
|
|
||||||
// Create a fake client to mock API calls.
|
// Create a fake client to mock API calls.
|
||||||
client := fake.NewFakeClientWithScheme(s, objs...)
|
client := fake.NewClientBuilder().WithScheme(s).WithRuntimeObjects(objs...).Build()
|
||||||
|
|
||||||
err := setupService(client, "../../deploy/connect/service.yaml", defaultNamespacedName.Namespace)
|
err := setupService(client, "../../config/connect/service.yaml", defaultNamespacedName.Namespace)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Errorf("Error Setting Up Connect: %v", err)
|
t.Errorf("Error Setting Up Connect: %v", err)
|
||||||
@@ -48,9 +48,9 @@ func TestDeploymentSetup(t *testing.T) {
|
|||||||
objs := []runtime.Object{}
|
objs := []runtime.Object{}
|
||||||
|
|
||||||
// Create a fake client to mock API calls.
|
// Create a fake client to mock API calls.
|
||||||
client := fake.NewFakeClientWithScheme(s, objs...)
|
client := fake.NewClientBuilder().WithScheme(s).WithRuntimeObjects(objs...).Build()
|
||||||
|
|
||||||
err := setupDeployment(client, "../../deploy/connect/deployment.yaml", defaultNamespacedName.Namespace)
|
err := setupDeployment(client, "../../config/connect/deployment.yaml", defaultNamespacedName.Namespace)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Errorf("Error Setting Up Connect: %v", err)
|
t.Errorf("Error Setting Up Connect: %v", err)
|
||||||
|
|||||||
Reference in New Issue
Block a user