1Password/onepassword-operator
1
0
Fork 0
mirror of https://github.com/1Password/onepassword-operator.git synced 2025-10-22 07:28:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
176 Commits 18 Branches 18 Tags
23b66f73af0f8c19039cd1818fb377b07117cceb
Commit Graph

69 Commits

Author SHA1 Message Date
Eddy Filip
75501e5b1c Add missing packages 
- `version` is used for getting the operator version and the operator SDK version in the logs.
- `k8suitl` is extracted from the operator-sdk to be able to fetch the namespace the operator is deployed to. This is used to deploy Connect in the same namespace if `MANAGE_CONNECT` is set to `true`. In the future, we may want to no rely on this, since this functionality is internal in the operator-sdk.
 2022-09-13 16:10:25 +03:00
Eddy Filip
28c3ffade7 Add yaml files for deploying Connect 
These yaml files are used when the environment variable `MANAGE_CONNECT` for the operator is set to `true`.
 2022-09-13 16:08:26 +03:00
Eddy Filip
e276ca1148 Clean test code 2022-09-13 15:57:53 +03:00
Eddy Filip
be7b63c37e Update Connect mock client to reflect the latest version of Connect client 2022-09-13 15:56:42 +03:00
Eddy Filip
622fcd64b8 Add packages 
- Add the packages that help the operator work as expected.
- Update `go.mod` by running `go mod tidy`.
 2022-09-13 15:40:39 +03:00
Eddy Filip
1aa1a3f546 Clear repo 
To be able to perform the migration, we need to start from an empty directory/repo.
 2022-09-13 12:26:08 +03:00
Joris Coenen
867e699030 Remove ready field from status 
The usage of such a field is considered deprecated, conditions
should be used instead.

If there is a use-case that is not covered by conditions only
we can always reconsider adding an extra field to the status.

See the k8s guidelines for more details on the deprecation:
https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
 2022-06-22 11:39:54 +02:00
Joris Coenen
ffab2cfdab Merge remote-tracking branch 'origin/main' into item-status 2022-06-22 11:33:23 +02:00
Joris Coenen
00436b4aee Place back description in CRD 
This comment was placed manually and therefore
disappeared when regenerating the CRDs.
 2022-06-21 14:38:48 +02:00
Joris Coenen
0ca3415a47 Merge pull request #113 from tim-oster/main 
Fix auto deployment restart dropping original pod annotations
 2022-06-15 18:21:59 +02:00
Joris Coenen
6c20db47d6 Add Status field to OnePasswordItem resource 
This makes it easier to see whehter the controller
succeeded in creating the Kubernetes secret for a
OnePasswordItem. If something failed, the `ready` field
will be `false` and the `OnePasswordItemReady` condition
will have a `status` of `False` with the error messages
in the `message` field.
 2022-06-15 17:46:56 +02:00
Tim Oster
874d5c57f9 Fix auto deployment restart dropping original pod annotations 2022-05-16 12:10:13 +02:00
Xabier Larrakoetxea
123cfa2c86 Avoid returning an error on secret update when secret types 'Opaque' and 'empty string' are treated as different 
Signed-off-by: Xabier Larrakoetxea <me@slok.dev>
 2022-04-14 11:08:51 +02:00
Joris Coenen
6326a856ae Fix test 
Annotations are no longer copied from the deployment to the secret,
so the test should not assert that the secret has a name annotation.
 2022-04-12 10:41:11 +02:00
Joris Coenen
1ddf92c5a0 Merge branch 'main' into secret-annotations 2022-04-12 10:15:32 +02:00
Joris Coenen
afa076d321 Stop copying annotations from OnePasswordItem and Deployment to Secret 
There is no reason for random annotations to be carried over. This
can lead to weird problems like the `kubectl.kubernetes.io/last-applied-configuration`
annotation ending up on a Secret.
 2022-04-11 15:55:28 +02:00
Joris Coenen
d4b04c233c Add missing error checks 2022-04-11 12:12:58 +02:00
Joris Coenen
ea68cfc2b4 Persist OwnerReferences when 1Password item is updated 2022-04-11 12:12:58 +02:00
Xabier Larrakoetxea
79868ae374 Add owner reference to the created secrets 
Signed-off-by: Xabier Larrakoetxea <me@slok.dev>
 2022-04-05 20:31:42 +02:00
Marton Soos
0b5efc8690 Merge branch 'main' into secret-path-updates 2022-03-28 15:30:46 +02:00
Marton Soos
62e55a3f19 Update tests and mock client 2022-03-24 12:13:34 +01:00
Marton Soos
d6f7b80c40 Log a message if a file on an item is ignored due to a field with the same name 2022-03-24 11:56:33 +01:00
Marton Soos
a903f9b1af Also add file data to kubernetes secrets 2022-03-24 11:37:24 +01:00
Marton Soos
b1e251dee6 Merge pull request #74 from Nuglif/main 
Verify secrets and FromEnv in addition to Env
 2022-02-18 20:13:08 +01:00
Marton Soos
b16960057a Update tests and add new test 2022-02-18 10:47:14 +01:00
Marton Soos
285496dc7e Error when secret type is changed 2022-02-18 10:27:48 +01:00
Marton Soos
f38cf7e1c2 Fix tests and add new test 2022-02-17 21:23:22 +01:00
Marton Soos
bb7a0c8ca9 Simplify secret type cast and default to Opaque 2022-02-17 19:36:49 +01:00
Marton Soos
302653832e Account for the fact that the '' type and Opaque are equivalent on secret comparison 2022-02-17 19:18:33 +01:00
Marton Soos
a1bcfdfdcb Merge branch 'main' into feature/kubernetes-secret-types 2022-02-17 17:54:17 +01:00
Andres Montalban
5d229c42d5 feat: Allow configuration of the Kubernetes Secret type to be created 2021-11-18 08:32:55 -03:00
Samuel Archambault
d9e003bdb7 cleanup comments 2021-09-24 14:02:46 -04:00
Samuel Archambault
b25f943b3a Verify secrets and FromEnv in addition to Env 2021-09-24 13:51:05 -04:00
Samuel Archambault
5fab662424 More logging if 1password item cant be read and continue processing others 2021-09-24 11:03:47 -04:00
mcmarkj
a760e524ea Merge branch 'main' of github.com:1Password/onepassword-operator into secret-path-updates 2021-09-13 13:28:25 +01:00
Floris van der Grinten
7aeb36e383 Merge pull request #66 from 1Password/fix/handling-key-names 
Handling key names
 2021-09-13 13:34:44 +02:00
Eddy Filip
670040477e Add max length for secret key names 
Max length for secret key names must be DNS1123 compliant (253)
 2021-09-08 16:02:08 +03:00
Eddy Filip
a45a310611 Make secret names DNS1123 Subdomain compiant 
This is done while ensuring that secret keys are compliant (contain alphanumeric characters, `-`, `_` and `.`)
 2021-09-08 15:36:40 +03:00
Eddy Filip
d80e8dd799 Add tests with names that contain . and _ 2021-09-08 13:58:48 +03:00
Eddy Filip
88728909ff Adjust regex to support _ and . and trim them 
Now secret names can also contain `_` and `.` and they will be trimmed from start and end of string to be DNS1123 compliant
 2021-09-08 13:49:32 +03:00
Marton Soos
e365ebfdfa Fix tests 2021-09-03 15:42:02 +03:00
Marton Soos
2c4b4df01a Do not make secret names lowercase on normalization 2021-09-03 15:41:46 +03:00
mcmarkj
19f774bb2d Merge branch 'main' of github.com:1Password/onepassword-operator into secret-path-updates 2021-08-19 16:17:57 +01:00
mcmarkj
0193a98681 Merge branch 'main' of github.com:1Password/onepassword-operator into pass-labels-and-annotations 2021-08-19 16:15:02 +01:00
mcmarkj
f241d7423d Use deepequal 2021-08-19 16:11:29 +01:00
Eddy Filip
8cfe98073e Improve testing 
Fix previous tests and add test for items with field names that are not valid DNS subdomain names.
 2021-08-16 14:51:44 +02:00
david.gunter
96b42e7c52 Label normalizer now fixes both Secret names and data keys. 
Each key in the `data` section of a secret must also be a valid DNS subdomain. The operator needs to "fix" the 1Password item fields before trying to create the secret.
 2021-08-06 13:18:21 -07:00
david.gunter
579b5848da Add secret name normalizer to the operator. 
The operator will now reformat 1Password item names to become valid names K8s Secret objects. Secret names must be a valid DNS subdomain name. See more: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names
 2021-08-05 16:39:55 -07:00
mcmarkj
dff934cbc3 Fix tests 2021-08-04 06:33:56 +01:00
mcmarkj
2096f4440f add logic for checking for label or annotation updates 2021-08-03 21:32:04 +01:00