Merge pull request #29 from 1Password/release/v1.0.1

Release v1.0.1

.VERSION

@@ -1 +1 @@
-v1.0.0
+v1.0.1

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,36 @@
+---
+name: Bug report
+about: Report bugs and errors found while using the Operator.
+title: ''
+labels: bug
+assignees: ''
+
+---
+
+### Your environment
+
+<!-- Version of the Operator when the error occurred -->
+Operator Version:
+
+<!-- What version of the Connect server are you running?
+You can get this information from the Integrations section in 1Password
+https://start.1password.com/integrations/active
+-->
+Connect Server Version:
+
+<!-- What version of Kubernetes have you deployed the operator to? -->
+Kubernetes Version:
+
+## What happened?
+<!-- Describe the bug or error -->
+
+## What did you expect to happen?
+<!-- Describe what should have happened -->
+
+## Steps to reproduce
+1. <!-- Describe Steps to reproduce the issue -->
+
+
+## Notes & Logs
+<!-- Paste any logs here that may help with debugging.
+Remember to remove any sensitive information before sharing! -->

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,9 @@
+# docs: https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/configuring-issue-templates-for-your-repository#configuring-the-template-chooser
+blank_issues_enabled: true
+contact_links:
+  - name: 1Password Community
+    url: https://1password.community/categories/secrets-automation
+    about: Please ask general Secrets Automation questions here.
+  - name: 1Password Security Bug Bounty
+    url: https://bugcrowd.com/agilebits
+    about: Please report security vulnerabilities here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,32 @@
+---
+name: Feature request
+about: Suggest an idea for the Operator
+title: ''
+labels: feature-request
+assignees: ''
+
+---
+
+### Summary
+<!-- Briefly describe the feature in one or two sentences. You can include more details later. -->
+
+### Use cases
+<!-- Describe the use cases that make this feature useful to others.
+The description should help the reader understand why the feature is necessary.
+The better we understand your use case, the better we can help create an appropriate solution. -->
+
+### Proposed solution
+<!-- If you already have an idea for how the feature should work, use this space to describe it.
+We'll work with you to find a workable approach, and any implementation details are appreciated.
+-->
+
+### Is there a workaround to accomplish this today?
+<!-- If there's a way to accomplish this feature request without changes to the codebase, we'd like to hear it.
+-->
+
+### References & Prior Work
+<!-- If a similar feature was implemented in another project or tool, add a link so we can better understand your request.
+Links to relevant documentation or RFCs are also appreciated. -->
+
+* <!-- Reference 1 -->
+* <!-- Reference 2, etc -->

.github/workflows/release.yml

@@ -1,13 +1,15 @@
-name: goreleaser
+name: release
 
 on:
   push:
     tags:
-      - '*'
+      - 'v*'
 
 jobs:
-  goreleaser:
+  release-docker:
     runs-on: ubuntu-latest
+    env:
+      DOCKER_CLI_EXPERIMENTAL: "enabled"
     steps:
       -
         name: Checkout
@@ -15,15 +17,38 @@ jobs:
         with:
           fetch-depth: 0
       -
-        name: Set up Go
-        uses: actions/setup-go@v2
+        name: Docker meta
+        id: meta
+        uses: crazy-max/ghaction-docker-meta@v2
         with:
-          go-version: 1.15
+          images: |
+            1password/onepassword-operator
+          # Publish image for x.y.z and x.y
+          # The latest tag is automatically added for semver tags
+          tags: |
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
       -
-        name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v2
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Docker Login
+        uses: docker/login-action@v1
         with:
-          version: latest
-          args: release --rm-dist
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build and push
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          build-args: |
+            operator_version=${{ github.event.ref }}

.goreleaser.yml

@@ -1,55 +0,0 @@
-project_name: onepassword-operator
-builds:
-  - env:
-      - CGO_ENABLED=0
-    binary: manager
-    main: ./cmd/manager/main.go
-    flags:
-      - -mod=vendor
-      - -trimpath
-    ldflags:
-      - -s -w -X "github.com/1Password/onepassword-operator/version.Version={{ .Version }}"
-    mod_timestamp: '{{ .CommitTimestamp }}'
-    goos:
-      - linux
-    goarch:
-      - amd64
-      - arm64
-dockers:
-  - image_templates: ["1password/{{ .ProjectName }}:{{ .Version }}-amd64"]
-    goos: linux
-    goarch: amd64
-    dockerfile: Dockerfile-goreleaser
-    use_buildx: true
-    extra_files:
-      - deploy/connect/
-    build_flag_templates:
-      - --platform=linux/amd64
-      - --label=org.opencontainers.image.title={{ .ProjectName }}
-      - --label=org.opencontainers.image.description={{ .ProjectName }}
-      - --label=org.opencontainers.image.url=https://github.com/1Password/onepassword-operator
-      - --label=org.opencontainers.image.source=https://github.com/1Password/onepassword-operator
-      - --label=org.opencontainers.image.version={{ .Version }}
-      - --label=org.opencontainers.image.revision={{ .FullCommit }}
-      - --label=org.opencontainers.image.licenses=MIT
-  - image_templates: ["1password/{{ .ProjectName }}:{{ .Version }}-arm64v8"]
-    goos: linux
-    goarch: arm64
-    dockerfile: Dockerfile-goreleaser
-    use_buildx: true
-    extra_files:
-      - deploy/connect/
-    build_flag_templates:
-      - --platform=linux/arm64/v8
-      - --label=org.opencontainers.image.title={{ .ProjectName }}
-      - --label=org.opencontainers.image.description={{ .ProjectName }}
-      - --label=org.opencontainers.image.url=https://github.com/1Password/onepassword-operator
-      - --label=org.opencontainers.image.source=https://github.com/1Password/onepassword-operator
-      - --label=org.opencontainers.image.version={{ .Version }}
-      - --label=org.opencontainers.image.revision={{ .FullCommit }}
-      - --label=org.opencontainers.image.licenses=MIT
-docker_manifests:
-  - name_template: 1password/{{ .ProjectName }}:{{ .Version }}
-    image_templates:
-      - 1password/{{ .ProjectName }}:{{ .Version }}-amd64
-      - 1password/{{ .ProjectName }}:{{ .Version }}-arm64v8

CHANGELOG.md

@@ -12,6 +12,15 @@
 
 ---
 
+[//]: # (START/v1.0.1)
+# v1.0.1
+
+## Features
+* This release also contains an arm64 Docker image. {#20}
+* Docker images are also pushed to the :latest and :<major>.<minor> tags.
+
+---
+
 [//]: # (START/v1.0.0)
 # v1.0.0
 

Dockerfile

@@ -14,8 +14,6 @@ COPY vendor/ vendor/
 # Build
 ARG operator_version=dev
 RUN CGO_ENABLED=0 \
-    GOOS=linux \
-    GOARCH=amd64 \
     GO111MODULE=on \
     go build \
     -ldflags "-X version.Version=$operator_version" \

Dockerfile-goreleaser

@@ -1,9 +0,0 @@
-# Use distroless as minimal base image to package the manager binary
-# Refer to https://github.com/GoogleContainerTools/distroless for more details
-FROM gcr.io/distroless/static:nonroot
-WORKDIR /
-COPY ./manager .
-USER nonroot:nonroot
-COPY deploy/connect/ deploy/connect/
-
-ENTRYPOINT ["/manager"]

README.md

@@ -102,7 +102,7 @@ To create a Kubernetes Secret from a 1Password item, create a yaml file with the
 
 ```yaml
 apiVersion: onepassword.com/v1
-kind: OnePasswordItem # {insert_new_name}
+kind: OnePasswordItem
 metadata:
   name: <item_name> #this name will also be used for naming the generated kubernetes secret
 spec:
@@ -131,8 +131,8 @@ kind: Deployment
 metadata:
   name: deployment-example
   annotations:
-    operator.1password.io/item-path: "vaults/{vault_id_or_title}/items/{item_id_or_title}"
-    operator.1password.io/item-name: "{secret_name}"
+    operator.1password.io/item-path: "vaults/<vault_id_or_title>/items/<item_id_or_title>"
+    operator.1password.io/item-name: "<secret_name>"
 ```
 
 Applying this yaml file will create a Kubernetes Secret with the name `<secret_name>` and contents from the location specified at the specified Item Path.