From fd837bf976bb85c30fbcfe3569fe134afbb5e9fd Mon Sep 17 00:00:00 2001 From: JesseBot Date: Fri, 18 Aug 2023 10:20:20 +0200 Subject: [PATCH] network policy is configurable and optional now :) (#63) --- charts/bitwarden-eso-provider/Chart.yaml | 2 +- charts/bitwarden-eso-provider/README.md | 4 +++- .../bitwarden-eso-provider/templates/network-policy.yaml | 4 +++- charts/bitwarden-eso-provider/values.yaml | 7 +++++++ 4 files changed, 14 insertions(+), 3 deletions(-) diff --git a/charts/bitwarden-eso-provider/Chart.yaml b/charts/bitwarden-eso-provider/Chart.yaml index be7102a..e0e94e8 100644 --- a/charts/bitwarden-eso-provider/Chart.yaml +++ b/charts/bitwarden-eso-provider/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.0 +version: 0.3.1 # renovate: image=jessebot/bweso appVersion: "v0.2.0" diff --git a/charts/bitwarden-eso-provider/README.md b/charts/bitwarden-eso-provider/README.md index 69f3448..31b30e2 100644 --- a/charts/bitwarden-eso-provider/README.md +++ b/charts/bitwarden-eso-provider/README.md @@ -1,6 +1,6 @@ # bitwarden-eso-provider -![Version: 0.3.0](https://img.shields.io/badge/Version-0.3.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.2.0](https://img.shields.io/badge/AppVersion-v0.2.0-informational?style=flat-square) +![Version: 0.3.1](https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v0.2.0](https://img.shields.io/badge/AppVersion-v0.2.0-informational?style=flat-square) Helm chart to use Bitwarden as a Provider for External Secrets Operator @@ -36,6 +36,8 @@ Helm chart to use Bitwarden as a Provider for External Secrets Operator | image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | | imagePullSecrets | list | `[]` | | | nameOverride | string | `""` | this overrides the name of the chart | +| network_policy.enabled | bool | `true` | enable a network policy between bitwarden_eso_provider and external-secrets-operator | +| network_policy.labels | object | `{"app.kubernetes.io/name":"external-secrets"}` | specify the labels you'd like to match against for the network policy | | nodeSelector | object | `{}` | | | podAnnotations | object | `{}` | additional annotations to apply to the bitwarden ESO provider pod | | podSecurityContext | object | `{}` | | diff --git a/charts/bitwarden-eso-provider/templates/network-policy.yaml b/charts/bitwarden-eso-provider/templates/network-policy.yaml index 753cde3..84e6157 100644 --- a/charts/bitwarden-eso-provider/templates/network-policy.yaml +++ b/charts/bitwarden-eso-provider/templates/network-policy.yaml @@ -1,3 +1,4 @@ +{{- if .Values.network_policy }} --- kind: NetworkPolicy apiVersion: networking.k8s.io/v1 @@ -12,4 +13,5 @@ spec: - from: - namespaceSelector: matchLabels: - kubernetes.io/metadata.name: external-secrets + {{ toYaml .Values.network_policy.labels | indent 2 }} +{{- end }} diff --git a/charts/bitwarden-eso-provider/values.yaml b/charts/bitwarden-eso-provider/values.yaml index c0a0493..6e4b743 100644 --- a/charts/bitwarden-eso-provider/values.yaml +++ b/charts/bitwarden-eso-provider/values.yaml @@ -100,3 +100,10 @@ nodeSelector: {} tolerations: [] affinity: {} + +network_policy: + # -- enable a network policy between bitwarden_eso_provider and external-secrets-operator + enabled: true + # -- specify the labels you'd like to match against for the network policy + labels: + app.kubernetes.io/name: external-secrets