|
|
@@ -0,0 +1,2370 @@
|
|
|
+
|
|
|
+<!doctype html>
|
|
|
+<html lang="en" class="no-js">
|
|
|
+ <head>
|
|
|
+
|
|
|
+ <meta charset="utf-8">
|
|
|
+ <meta name="viewport" content="width=device-width,initial-scale=1">
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <link rel="icon" href="../../assets/images/favicon.png">
|
|
|
+ <meta name="generator" content="mkdocs-1.2.3, mkdocs-material-8.1.10">
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <title>BitWarden - External Secrets Operator</title>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <link rel="stylesheet" href="../../assets/stylesheets/main.d6be258b.min.css">
|
|
|
+
|
|
|
+
|
|
|
+ <link rel="stylesheet" href="../../assets/stylesheets/palette.e6a45f82.min.css">
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
|
|
|
+ <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,400,400i,700%7CRoboto+Mono&display=fallback">
|
|
|
+ <style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <script>__md_scope=new URL("../..",location),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <script>function gtag(){dataLayer.push(arguments)}window.dataLayer=window.dataLayer||[],gtag("js",new Date),gtag("config","G-QP38TD8K7V"),document.addEventListener("DOMContentLoaded",function(){document.forms.search&&document.forms.search.query.addEventListener("blur",function(){this.value&>ag("event","search",{search_term:this.value})}),"undefined"!=typeof location$&&location$.subscribe(function(e){gtag("config","G-QP38TD8K7V",{page_path:e.pathname})})})</script>
|
|
|
+ <script async src="https://www.googletagmanager.com/gtag/js?id=G-QP38TD8K7V"></script>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </head>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <body dir="ltr" data-md-color-scheme="" data-md-color-primary="none" data-md-color-accent="none">
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
|
|
|
+ <input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
|
|
|
+ <label class="md-overlay" for="__drawer"></label>
|
|
|
+ <div data-md-component="skip">
|
|
|
+
|
|
|
+
|
|
|
+ <a href="#bitwarden-support-using-webhook-provider" class="md-skip">
|
|
|
+ Skip to content
|
|
|
+ </a>
|
|
|
+
|
|
|
+ </div>
|
|
|
+ <div data-md-component="announce">
|
|
|
+
|
|
|
+ </div>
|
|
|
+
|
|
|
+ <div data-md-component="outdated" hidden>
|
|
|
+ <aside class="md-banner md-banner--warning">
|
|
|
+
|
|
|
+ <div class="md-banner__inner md-grid md-typeset">
|
|
|
+
|
|
|
+ You're not viewing the latest version.
|
|
|
+ <a href="../../..">
|
|
|
+ <strong>Click here to go to latest.</strong>
|
|
|
+ </a>
|
|
|
+
|
|
|
+ </div>
|
|
|
+ <script>var el=document.querySelector("[data-md-component=outdated]"),outdated=__md_get("__outdated",sessionStorage);!0===outdated&&el&&(el.hidden=!1)</script>
|
|
|
+
|
|
|
+ </aside>
|
|
|
+ </div>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+<header class="md-header" data-md-component="header">
|
|
|
+ <nav class="md-header__inner md-grid" aria-label="Header">
|
|
|
+ <a href="../.." title="External Secrets Operator" class="md-header__button md-logo" aria-label="External Secrets Operator" data-md-component="logo">
|
|
|
+
|
|
|
+
|
|
|
+ <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54z"/></svg>
|
|
|
+
|
|
|
+ </a>
|
|
|
+ <label class="md-header__button md-icon" for="__drawer">
|
|
|
+ <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2z"/></svg>
|
|
|
+ </label>
|
|
|
+ <div class="md-header__title" data-md-component="header-title">
|
|
|
+ <div class="md-header__ellipsis">
|
|
|
+ <div class="md-header__topic">
|
|
|
+ <span class="md-ellipsis">
|
|
|
+ External Secrets Operator
|
|
|
+ </span>
|
|
|
+ </div>
|
|
|
+ <div class="md-header__topic" data-md-component="header-topic">
|
|
|
+ <span class="md-ellipsis">
|
|
|
+
|
|
|
+ BitWarden
|
|
|
+
|
|
|
+ </span>
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <label class="md-header__button md-icon" for="__search">
|
|
|
+ <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg>
|
|
|
+ </label>
|
|
|
+ <div class="md-search" data-md-component="search" role="dialog">
|
|
|
+ <label class="md-search__overlay" for="__search"></label>
|
|
|
+ <div class="md-search__inner" role="search">
|
|
|
+ <form class="md-search__form" name="search">
|
|
|
+ <input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
|
|
|
+ <label class="md-search__icon md-icon" for="__search">
|
|
|
+ <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"/></svg>
|
|
|
+ <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
|
|
|
+ </label>
|
|
|
+ <nav class="md-search__options" aria-label="Search">
|
|
|
+
|
|
|
+ <button type="reset" class="md-search__icon md-icon" aria-label="Clear" tabindex="-1">
|
|
|
+ <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41z"/></svg>
|
|
|
+ </button>
|
|
|
+ </nav>
|
|
|
+
|
|
|
+ </form>
|
|
|
+ <div class="md-search__output">
|
|
|
+ <div class="md-search__scrollwrap" data-md-scrollfix>
|
|
|
+ <div class="md-search-result" data-md-component="search-result">
|
|
|
+ <div class="md-search-result__meta">
|
|
|
+ Initializing search
|
|
|
+ </div>
|
|
|
+ <ol class="md-search-result__list"></ol>
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+</div>
|
|
|
+
|
|
|
+
|
|
|
+ <div class="md-header__source">
|
|
|
+ <a href="https://github.com/external-secrets/external-secrets/" title="Go to repository" class="md-source" data-md-component="source">
|
|
|
+ <div class="md-source__icon md-icon">
|
|
|
+
|
|
|
+ <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
|
|
|
+ </div>
|
|
|
+ <div class="md-source__repository">
|
|
|
+ External Secrets Operator
|
|
|
+ </div>
|
|
|
+</a>
|
|
|
+ </div>
|
|
|
+
|
|
|
+ </nav>
|
|
|
+
|
|
|
+</header>
|
|
|
+
|
|
|
+ <div class="md-container" data-md-component="container">
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+<nav class="md-tabs" aria-label="Tabs" data-md-component="tabs">
|
|
|
+ <div class="md-tabs__inner md-grid">
|
|
|
+ <ul class="md-tabs__list">
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-tabs__item">
|
|
|
+ <a href="../.." class="md-tabs__link">
|
|
|
+ Introduction
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-tabs__item">
|
|
|
+ <a href="../../api/components/" class="md-tabs__link">
|
|
|
+ API
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-tabs__item">
|
|
|
+ <a href="../../guides/introduction/" class="md-tabs__link">
|
|
|
+ Guides
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-tabs__item">
|
|
|
+ <a href="../../provider/aws-secrets-manager/" class="md-tabs__link">
|
|
|
+ Provider
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-tabs__item">
|
|
|
+ <a href="../gitops-using-fluxcd/" class="md-tabs__link md-tabs__link--active">
|
|
|
+ Examples
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-tabs__item">
|
|
|
+ <a href="../../contributing/devguide/" class="md-tabs__link">
|
|
|
+ Community
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </ul>
|
|
|
+ </div>
|
|
|
+</nav>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <main class="md-main" data-md-component="main">
|
|
|
+ <div class="md-main__inner md-grid">
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
|
|
|
+ <div class="md-sidebar__scrollwrap">
|
|
|
+ <div class="md-sidebar__inner">
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+<nav class="md-nav md-nav--primary md-nav--lifted" aria-label="Navigation" data-md-level="0">
|
|
|
+ <label class="md-nav__title" for="__drawer">
|
|
|
+ <a href="../.." title="External Secrets Operator" class="md-nav__button md-logo" aria-label="External Secrets Operator" data-md-component="logo">
|
|
|
+
|
|
|
+
|
|
|
+ <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 8a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3 3 3 0 0 0 3 3m0 3.54C9.64 9.35 6.5 8 3 8v11c3.5 0 6.64 1.35 9 3.54 2.36-2.19 5.5-3.54 9-3.54V8c-3.5 0-6.64 1.35-9 3.54z"/></svg>
|
|
|
+
|
|
|
+ </a>
|
|
|
+ External Secrets Operator
|
|
|
+ </label>
|
|
|
+
|
|
|
+ <div class="md-nav__source">
|
|
|
+ <a href="https://github.com/external-secrets/external-secrets/" title="Go to repository" class="md-source" data-md-component="source">
|
|
|
+ <div class="md-source__icon md-icon">
|
|
|
+
|
|
|
+ <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
|
|
|
+ </div>
|
|
|
+ <div class="md-source__repository">
|
|
|
+ External Secrets Operator
|
|
|
+ </div>
|
|
|
+</a>
|
|
|
+ </div>
|
|
|
+
|
|
|
+ <ul class="md-nav__list" data-md-scrollfix>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item md-nav__item--nested">
|
|
|
+
|
|
|
+
|
|
|
+ <input class="md-nav__toggle md-toggle" data-md-toggle="__nav_1" data-md-state="indeterminate" type="checkbox" id="__nav_1" checked>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <div class="md-nav__link md-nav__link--index ">
|
|
|
+ <a href="../..">Introduction</a>
|
|
|
+
|
|
|
+ <label for="__nav_1">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ </label>
|
|
|
+
|
|
|
+ </div>
|
|
|
+
|
|
|
+ <nav class="md-nav" aria-label="Introduction" data-md-level="1">
|
|
|
+ <label class="md-nav__title" for="__nav_1">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ Introduction
|
|
|
+ </label>
|
|
|
+ <ul class="md-nav__list" data-md-scrollfix>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../introduction/overview/" class="md-nav__link">
|
|
|
+ Overview
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../introduction/getting-started/" class="md-nav__link">
|
|
|
+ Getting started
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../introduction/faq/" class="md-nav__link">
|
|
|
+ FAQ
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../introduction/stability-support/" class="md-nav__link">
|
|
|
+ Stability and Support
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../introduction/deprecation-policy/" class="md-nav__link">
|
|
|
+ Deprecation Policy
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </ul>
|
|
|
+ </nav>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item md-nav__item--nested">
|
|
|
+
|
|
|
+
|
|
|
+ <input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2" data-md-state="indeterminate" type="checkbox" id="__nav_2" checked>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <label class="md-nav__link" for="__nav_2">
|
|
|
+ API
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ </label>
|
|
|
+
|
|
|
+ <nav class="md-nav" aria-label="API" data-md-level="1">
|
|
|
+ <label class="md-nav__title" for="__nav_2">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ API
|
|
|
+ </label>
|
|
|
+ <ul class="md-nav__list" data-md-scrollfix>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/components/" class="md-nav__link">
|
|
|
+ Components
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item md-nav__item--nested">
|
|
|
+
|
|
|
+
|
|
|
+ <input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2_2" data-md-state="indeterminate" type="checkbox" id="__nav_2_2" checked>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <label class="md-nav__link" for="__nav_2_2">
|
|
|
+ Core Resources
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ </label>
|
|
|
+
|
|
|
+ <nav class="md-nav" aria-label="Core Resources" data-md-level="2">
|
|
|
+ <label class="md-nav__title" for="__nav_2_2">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ Core Resources
|
|
|
+ </label>
|
|
|
+ <ul class="md-nav__list" data-md-scrollfix>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/externalsecret/" class="md-nav__link">
|
|
|
+ ExternalSecret
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/secretstore/" class="md-nav__link">
|
|
|
+ SecretStore
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/clustersecretstore/" class="md-nav__link">
|
|
|
+ ClusterSecretStore
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/clusterexternalsecret/" class="md-nav__link">
|
|
|
+ ClusterExternalSecret
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/pushsecret/" class="md-nav__link">
|
|
|
+ PushSecret
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </ul>
|
|
|
+ </nav>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item md-nav__item--nested">
|
|
|
+
|
|
|
+
|
|
|
+ <input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2_3" data-md-state="indeterminate" type="checkbox" id="__nav_2_3" checked>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <div class="md-nav__link md-nav__link--index ">
|
|
|
+ <a href="../../api/generator/">Generators</a>
|
|
|
+
|
|
|
+ <label for="__nav_2_3">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ </label>
|
|
|
+
|
|
|
+ </div>
|
|
|
+
|
|
|
+ <nav class="md-nav" aria-label="Generators" data-md-level="2">
|
|
|
+ <label class="md-nav__title" for="__nav_2_3">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ Generators
|
|
|
+ </label>
|
|
|
+ <ul class="md-nav__list" data-md-scrollfix>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/generator/acr/" class="md-nav__link">
|
|
|
+ Azure Container Registry
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/generator/ecr/" class="md-nav__link">
|
|
|
+ AWS Elastic Container Registry
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/generator/gcr/" class="md-nav__link">
|
|
|
+ Google Container Registry
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/generator/vault/" class="md-nav__link">
|
|
|
+ Vault Dynamic Secret
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/generator/password/" class="md-nav__link">
|
|
|
+ Password
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/generator/fake/" class="md-nav__link">
|
|
|
+ Fake
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </ul>
|
|
|
+ </nav>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item md-nav__item--nested">
|
|
|
+
|
|
|
+
|
|
|
+ <input class="md-nav__toggle md-toggle" data-md-toggle="__nav_2_4" data-md-state="indeterminate" type="checkbox" id="__nav_2_4" checked>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <label class="md-nav__link" for="__nav_2_4">
|
|
|
+ Reference Docs
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ </label>
|
|
|
+
|
|
|
+ <nav class="md-nav" aria-label="Reference Docs" data-md-level="2">
|
|
|
+ <label class="md-nav__title" for="__nav_2_4">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ Reference Docs
|
|
|
+ </label>
|
|
|
+ <ul class="md-nav__list" data-md-scrollfix>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/spec/" class="md-nav__link">
|
|
|
+ API specification
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/controller-options/" class="md-nav__link">
|
|
|
+ Controller Options
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../api/metrics/" class="md-nav__link">
|
|
|
+ Metrics
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </ul>
|
|
|
+ </nav>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </ul>
|
|
|
+ </nav>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item md-nav__item--nested">
|
|
|
+
|
|
|
+
|
|
|
+ <input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3" data-md-state="indeterminate" type="checkbox" id="__nav_3" checked>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <label class="md-nav__link" for="__nav_3">
|
|
|
+ Guides
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ </label>
|
|
|
+
|
|
|
+ <nav class="md-nav" aria-label="Guides" data-md-level="1">
|
|
|
+ <label class="md-nav__title" for="__nav_3">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ Guides
|
|
|
+ </label>
|
|
|
+ <ul class="md-nav__list" data-md-scrollfix>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/introduction/" class="md-nav__link">
|
|
|
+ Introduction
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item md-nav__item--nested">
|
|
|
+
|
|
|
+
|
|
|
+ <input class="md-nav__toggle md-toggle" data-md-toggle="__nav_3_2" data-md-state="indeterminate" type="checkbox" id="__nav_3_2" checked>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <label class="md-nav__link" for="__nav_3_2">
|
|
|
+ Advanced Templating
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ </label>
|
|
|
+
|
|
|
+ <nav class="md-nav" aria-label="Advanced Templating" data-md-level="2">
|
|
|
+ <label class="md-nav__title" for="__nav_3_2">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ Advanced Templating
|
|
|
+ </label>
|
|
|
+ <ul class="md-nav__list" data-md-scrollfix>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/templating/" class="md-nav__link">
|
|
|
+ v2
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/templating-v1/" class="md-nav__link">
|
|
|
+ v1
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </ul>
|
|
|
+ </nav>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/generator/" class="md-nav__link">
|
|
|
+ Generators
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/all-keys-one-secret/" class="md-nav__link">
|
|
|
+ All keys, One secret
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/common-k8s-secret-types/" class="md-nav__link">
|
|
|
+ Common K8S Secret Types
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/controller-class/" class="md-nav__link">
|
|
|
+ Controller Classes
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/ownership-deletion-policy/" class="md-nav__link">
|
|
|
+ Lifecycle: ownership & deletion
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/decoding-strategy/" class="md-nav__link">
|
|
|
+ Decoding Strategies
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/getallsecrets/" class="md-nav__link">
|
|
|
+ Getting Multiple Secrets
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/multi-tenancy/" class="md-nav__link">
|
|
|
+ Multi Tenancy
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/datafrom-rewrite/" class="md-nav__link">
|
|
|
+ Rewriting Keys
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/v1beta1/" class="md-nav__link">
|
|
|
+ Upgrading to v1beta1
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/using-latest-image/" class="md-nav__link">
|
|
|
+ Using Latest Image
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../guides/disable-cluster-features/" class="md-nav__link">
|
|
|
+ Disable Cluster Features
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </ul>
|
|
|
+ </nav>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item md-nav__item--nested">
|
|
|
+
|
|
|
+
|
|
|
+ <input class="md-nav__toggle md-toggle" data-md-toggle="__nav_4" data-md-state="indeterminate" type="checkbox" id="__nav_4" checked>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <label class="md-nav__link" for="__nav_4">
|
|
|
+ Provider
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ </label>
|
|
|
+
|
|
|
+ <nav class="md-nav" aria-label="Provider" data-md-level="1">
|
|
|
+ <label class="md-nav__title" for="__nav_4">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ Provider
|
|
|
+ </label>
|
|
|
+ <ul class="md-nav__list" data-md-scrollfix>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/aws-secrets-manager/" class="md-nav__link">
|
|
|
+ AWS Secrets Manager
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/aws-parameter-store/" class="md-nav__link">
|
|
|
+ AWS Parameter Store
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/azure-key-vault/" class="md-nav__link">
|
|
|
+ Azure Key Vault
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/google-secrets-manager/" class="md-nav__link">
|
|
|
+ Google Secret Manager
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/ibm-secrets-manager/" class="md-nav__link">
|
|
|
+ IBM Secrets Manager
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/akeyless/" class="md-nav__link">
|
|
|
+ Akeyless
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/hashicorp-vault/" class="md-nav__link">
|
|
|
+ HashiCorp Vault
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/yandex-certificate-manager/" class="md-nav__link">
|
|
|
+ Yandex Certificate Manager
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/yandex-lockbox/" class="md-nav__link">
|
|
|
+ Yandex Lockbox
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/gitlab-variables/" class="md-nav__link">
|
|
|
+ Gitlab Variables
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/oracle-vault/" class="md-nav__link">
|
|
|
+ Oracle Vault
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/1password-automation/" class="md-nav__link">
|
|
|
+ 1Password Secrets Automation
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/webhook/" class="md-nav__link">
|
|
|
+ Webhook
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/fake/" class="md-nav__link">
|
|
|
+ Fake
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/kubernetes/" class="md-nav__link">
|
|
|
+ Kubernetes
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/senhasegura-dsm/" class="md-nav__link">
|
|
|
+ senhasegura DevOps Secrets Management (DSM)
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/doppler/" class="md-nav__link">
|
|
|
+ Doppler
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/keeper-security/" class="md-nav__link">
|
|
|
+ Keeper Security
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../provider/scaleway/" class="md-nav__link">
|
|
|
+ Scaleway
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </ul>
|
|
|
+ </nav>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item md-nav__item--active md-nav__item--nested">
|
|
|
+
|
|
|
+
|
|
|
+ <input class="md-nav__toggle md-toggle" data-md-toggle="__nav_5" type="checkbox" id="__nav_5" checked>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <label class="md-nav__link" for="__nav_5">
|
|
|
+ Examples
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ </label>
|
|
|
+
|
|
|
+ <nav class="md-nav" aria-label="Examples" data-md-level="1">
|
|
|
+ <label class="md-nav__title" for="__nav_5">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ Examples
|
|
|
+ </label>
|
|
|
+ <ul class="md-nav__list" data-md-scrollfix>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../gitops-using-fluxcd/" class="md-nav__link">
|
|
|
+ FluxCD
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../anchore-engine-credentials/" class="md-nav__link">
|
|
|
+ Anchore Engine
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../jenkins-kubernetes-credentials/" class="md-nav__link">
|
|
|
+ Jenkins
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item md-nav__item--active">
|
|
|
+
|
|
|
+ <input class="md-nav__toggle md-toggle" data-md-toggle="toc" type="checkbox" id="__toc">
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <label class="md-nav__link md-nav__link--active" for="__toc">
|
|
|
+ BitWarden
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ </label>
|
|
|
+
|
|
|
+ <a href="./" class="md-nav__link md-nav__link--active">
|
|
|
+ BitWarden
|
|
|
+ </a>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <label class="md-nav__title" for="__toc">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ Table of contents
|
|
|
+ </label>
|
|
|
+ <ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="#how-is-it-working" class="md-nav__link">
|
|
|
+ How is it working ?
|
|
|
+ </a>
|
|
|
+
|
|
|
+</li>
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="#requirements" class="md-nav__link">
|
|
|
+ Requirements
|
|
|
+ </a>
|
|
|
+
|
|
|
+</li>
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="#deploy-bitwarden-credentials" class="md-nav__link">
|
|
|
+ Deploy Bitwarden Credentials
|
|
|
+ </a>
|
|
|
+
|
|
|
+</li>
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="#deploy-bitwarden-cli-container" class="md-nav__link">
|
|
|
+ Deploy Bitwarden CLI container
|
|
|
+ </a>
|
|
|
+
|
|
|
+</li>
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="#deploy-clustersecretstore-or-secretstore" class="md-nav__link">
|
|
|
+ Deploy ClusterSecretStore (Or SecretStore)
|
|
|
+ </a>
|
|
|
+
|
|
|
+</li>
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="#how-to-use-it" class="md-nav__link">
|
|
|
+ How to use it ?
|
|
|
+ </a>
|
|
|
+
|
|
|
+</li>
|
|
|
+
|
|
|
+ </ul>
|
|
|
+
|
|
|
+</nav>
|
|
|
+
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </ul>
|
|
|
+ </nav>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item md-nav__item--nested">
|
|
|
+
|
|
|
+
|
|
|
+ <input class="md-nav__toggle md-toggle" data-md-toggle="__nav_6" data-md-state="indeterminate" type="checkbox" id="__nav_6" checked>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <label class="md-nav__link" for="__nav_6">
|
|
|
+ Community
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ </label>
|
|
|
+
|
|
|
+ <nav class="md-nav" aria-label="Community" data-md-level="1">
|
|
|
+ <label class="md-nav__title" for="__nav_6">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ Community
|
|
|
+ </label>
|
|
|
+ <ul class="md-nav__list" data-md-scrollfix>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item md-nav__item--nested">
|
|
|
+
|
|
|
+
|
|
|
+ <input class="md-nav__toggle md-toggle" data-md-toggle="__nav_6_1" data-md-state="indeterminate" type="checkbox" id="__nav_6_1" checked>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <label class="md-nav__link" for="__nav_6_1">
|
|
|
+ Contributing
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ </label>
|
|
|
+
|
|
|
+ <nav class="md-nav" aria-label="Contributing" data-md-level="2">
|
|
|
+ <label class="md-nav__title" for="__nav_6_1">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ Contributing
|
|
|
+ </label>
|
|
|
+ <ul class="md-nav__list" data-md-scrollfix>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../contributing/devguide/" class="md-nav__link">
|
|
|
+ Developer guide
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../contributing/process/" class="md-nav__link">
|
|
|
+ Contributing Process
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../contributing/release/" class="md-nav__link">
|
|
|
+ Release Process
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../contributing/coc/" class="md-nav__link">
|
|
|
+ Code of Conduct
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../contributing/roadmap/" class="md-nav__link">
|
|
|
+ Roadmap
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </ul>
|
|
|
+ </nav>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item md-nav__item--nested">
|
|
|
+
|
|
|
+
|
|
|
+ <input class="md-nav__toggle md-toggle" data-md-toggle="__nav_6_2" data-md-state="indeterminate" type="checkbox" id="__nav_6_2" checked>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <label class="md-nav__link" for="__nav_6_2">
|
|
|
+ External Resources
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ </label>
|
|
|
+
|
|
|
+ <nav class="md-nav" aria-label="External Resources" data-md-level="2">
|
|
|
+ <label class="md-nav__title" for="__nav_6_2">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ External Resources
|
|
|
+ </label>
|
|
|
+ <ul class="md-nav__list" data-md-scrollfix>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../eso-talks/" class="md-nav__link">
|
|
|
+ Talks
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../eso-demos/" class="md-nav__link">
|
|
|
+ Demos
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="../../eso-blogs/" class="md-nav__link">
|
|
|
+ Blogs
|
|
|
+ </a>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </ul>
|
|
|
+ </nav>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </ul>
|
|
|
+ </nav>
|
|
|
+ </li>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ </ul>
|
|
|
+</nav>
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
|
|
|
+ <div class="md-sidebar__scrollwrap">
|
|
|
+ <div class="md-sidebar__inner">
|
|
|
+
|
|
|
+
|
|
|
+<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <label class="md-nav__title" for="__toc">
|
|
|
+ <span class="md-nav__icon md-icon"></span>
|
|
|
+ Table of contents
|
|
|
+ </label>
|
|
|
+ <ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="#how-is-it-working" class="md-nav__link">
|
|
|
+ How is it working ?
|
|
|
+ </a>
|
|
|
+
|
|
|
+</li>
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="#requirements" class="md-nav__link">
|
|
|
+ Requirements
|
|
|
+ </a>
|
|
|
+
|
|
|
+</li>
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="#deploy-bitwarden-credentials" class="md-nav__link">
|
|
|
+ Deploy Bitwarden Credentials
|
|
|
+ </a>
|
|
|
+
|
|
|
+</li>
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="#deploy-bitwarden-cli-container" class="md-nav__link">
|
|
|
+ Deploy Bitwarden CLI container
|
|
|
+ </a>
|
|
|
+
|
|
|
+</li>
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="#deploy-clustersecretstore-or-secretstore" class="md-nav__link">
|
|
|
+ Deploy ClusterSecretStore (Or SecretStore)
|
|
|
+ </a>
|
|
|
+
|
|
|
+</li>
|
|
|
+
|
|
|
+ <li class="md-nav__item">
|
|
|
+ <a href="#how-to-use-it" class="md-nav__link">
|
|
|
+ How to use it ?
|
|
|
+ </a>
|
|
|
+
|
|
|
+</li>
|
|
|
+
|
|
|
+ </ul>
|
|
|
+
|
|
|
+</nav>
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+
|
|
|
+
|
|
|
+ <div class="md-content" data-md-component="content">
|
|
|
+ <article class="md-content__inner md-typeset">
|
|
|
+
|
|
|
+
|
|
|
+<a href="https://github.com/external-secrets/external-secrets/edit/main/docs/examples/bitwarden.md" title="Edit this page" class="md-content__button md-icon">
|
|
|
+ <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20.71 7.04c.39-.39.39-1.04 0-1.41l-2.34-2.34c-.37-.39-1.02-.39-1.41 0l-1.84 1.83 3.75 3.75M3 17.25V21h3.75L17.81 9.93l-3.75-3.75L3 17.25z"/></svg>
|
|
|
+</a>
|
|
|
+
|
|
|
+
|
|
|
+<h1 id="bitwarden-support-using-webhook-provider">Bitwarden support using webhook provider</h1>
|
|
|
+<p>Bitwarden is an integrated open source password management solution for individuals, teams, and business organizations.</p>
|
|
|
+<h2 id="how-is-it-working">How is it working ?</h2>
|
|
|
+<p>To make external-secret compatible with BitWarden, we need:</p>
|
|
|
+<ul>
|
|
|
+<li>External-Secret >= 0.8.0</li>
|
|
|
+<li>To use the Webhook Provider</li>
|
|
|
+<li>2 (Cluster)SecretStores</li>
|
|
|
+<li>BitWarden CLI image running <code>bw serve</code></li>
|
|
|
+</ul>
|
|
|
+<p>When you create a new external-secret object,
|
|
|
+External-Secret Webhook provider will do a query to the Bitwarden CLI pod,
|
|
|
+which is synced with the BitWarden server.</p>
|
|
|
+<h2 id="requirements">Requirements</h2>
|
|
|
+<ul>
|
|
|
+<li>Bitwarden account (it works also with VaultWarden)</li>
|
|
|
+<li>A Kubernetes secret which contains your BitWarden Credentials</li>
|
|
|
+<li>You need a Docker image with BitWarden CLI installed.
|
|
|
+ You could use <code>registry.gitlab.com/ttblt-oss/docker-bw:2023.1.0</code> or build your own.</li>
|
|
|
+</ul>
|
|
|
+<p>Here an example of Dockerfile use to build this image:
|
|
|
+<div class="highlight"><pre><span></span><code><span class="k">FROM</span><span class="w"> </span><span class="s">debian:sid</span>
|
|
|
+
|
|
|
+<span class="k">ENV</span><span class="w"> </span><span class="nv">BW_CLI_VERSION</span><span class="o">=</span><span class="m">2023</span>.1.0
|
|
|
+
|
|
|
+<span class="k">RUN</span><span class="w"> </span>apt update <span class="o">&&</span> <span class="se">\</span>
|
|
|
+ apt install -y wget unzip <span class="o">&&</span> <span class="se">\</span>
|
|
|
+ wget https://github.com/bitwarden/clients/releases/download/cli-v<span class="si">${</span><span class="nv">BW_CLI_VERSION</span><span class="si">}</span>/bw-linux-<span class="si">${</span><span class="nv">BW_CLI_VERSION</span><span class="si">}</span>.zip <span class="o">&&</span> <span class="se">\</span>
|
|
|
+ unzip bw-linux-<span class="si">${</span><span class="nv">BW_CLI_VERSION</span><span class="si">}</span>.zip <span class="o">&&</span> <span class="se">\</span>
|
|
|
+ chmod +x bw <span class="o">&&</span> <span class="se">\</span>
|
|
|
+ mv bw /usr/local/bin/bw <span class="o">&&</span> <span class="se">\</span>
|
|
|
+ rm -rfv *.zip
|
|
|
+
|
|
|
+<span class="k">COPY</span><span class="w"> </span>entrypoint.sh /
|
|
|
+
|
|
|
+<span class="k">CMD</span><span class="w"> </span><span class="p">[</span><span class="s2">"/entrypoint.sh"</span><span class="p">]</span>
|
|
|
+</code></pre></div></p>
|
|
|
+<p>And the content of <code>entrypoint.sh</code>
|
|
|
+<div class="highlight"><pre><span></span><code><span class="ch">#!/bin/bash</span>
|
|
|
+
|
|
|
+<span class="nb">set</span> -e
|
|
|
+
|
|
|
+bw config server <span class="si">${</span><span class="nv">BW_HOST</span><span class="si">}</span>
|
|
|
+
|
|
|
+<span class="nb">export</span> <span class="nv">BW_SESSION</span><span class="o">=</span><span class="k">$(</span>bw login <span class="si">${</span><span class="nv">BW_USER</span><span class="si">}</span> --passwordenv BW_PASSWORD --raw<span class="k">)</span>
|
|
|
+
|
|
|
+bw unlock --check
|
|
|
+
|
|
|
+<span class="nb">echo</span> <span class="s1">'Running `bw server` on port 8087'</span>
|
|
|
+bw serve --hostname <span class="m">0</span>.0.0.0 <span class="c1">#--disable-origin-protection</span>
|
|
|
+</code></pre></div></p>
|
|
|
+<h2 id="deploy-bitwarden-credentials">Deploy Bitwarden Credentials</h2>
|
|
|
+<div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">v1</span><span class="w"></span>
|
|
|
+<span class="nt">data</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">BW_HOST</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">...</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">BW_USERNAME</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">...</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">BW_PASSWORD</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">....</span><span class="w"></span>
|
|
|
+<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Secret</span><span class="w"></span>
|
|
|
+<span class="nt">metadata</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden</span><span class="w"></span>
|
|
|
+<span class="nt">type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Opaque</span><span class="w"></span>
|
|
|
+</code></pre></div>
|
|
|
+<h2 id="deploy-bitwarden-cli-container">Deploy Bitwarden CLI container</h2>
|
|
|
+<div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">apps/v1</span><span class="w"></span>
|
|
|
+<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Deployment</span><span class="w"></span>
|
|
|
+<span class="nt">metadata</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">labels</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">app.kubernetes.io/instance</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">app.kubernetes.io/name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="nt">spec</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">replicas</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">1</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">strategy</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Recreate</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">selector</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">matchLabels</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">app.kubernetes.io/name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">app.kubernetes.io/instance</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">template</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">metadata</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">labels</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">app.kubernetes.io/name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">app.kubernetes.io/instance</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">spec</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">containers</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">YOUR_BITWARDEN_CLI_IMAGE</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">imagePullPolicy</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">IfNotPresent</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">env</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">BW_HOST</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">valueFrom</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">secretKeyRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">BW_HOST</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">BW_USER</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">valueFrom</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">secretKeyRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">BW_USERNAME</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">BW_PASSWORD</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">valueFrom</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">secretKeyRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">BW_PASSWORD</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">ports</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">http</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">containerPort</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">8087</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">protocol</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">TCP</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">livenessProbe</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">exec</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">command</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">wget</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">-q</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">http://127.0.0.1:8087/sync</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">--post-data=''</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">initialDelaySeconds</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">20</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">failureThreshold</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">3</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">timeoutSeconds</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">1</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">periodSeconds</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">120</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">readinessProbe</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">tcpSocket</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">port</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">8087</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">initialDelaySeconds</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">20</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">failureThreshold</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">3</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">timeoutSeconds</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">1</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">periodSeconds</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">startupProbe</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">tcpSocket</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">port</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">8087</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">initialDelaySeconds</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">failureThreshold</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">30</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">timeoutSeconds</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">1</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">periodSeconds</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">5</span><span class="w"></span>
|
|
|
+<span class="nn">---</span><span class="w"></span>
|
|
|
+<span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">v1</span><span class="w"></span>
|
|
|
+<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Service</span><span class="w"></span>
|
|
|
+<span class="nt">metadata</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">labels</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">app.kubernetes.io/instance</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">app.kubernetes.io/name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">annotations</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="nt">spec</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ClusterIP</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">ports</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">port</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">8087</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">targetPort</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">http</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">protocol</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">TCP</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">http</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">selector</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">app.kubernetes.io/name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">app.kubernetes.io/instance</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="nn">---</span><span class="w"></span>
|
|
|
+<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">NetworkPolicy</span><span class="w"></span>
|
|
|
+<span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">networking.k8s.io/v1</span><span class="w"></span>
|
|
|
+<span class="nt">metadata</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secret-2-bw-cli</span><span class="w"></span>
|
|
|
+<span class="nt">spec</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">podSelector</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">matchLabels</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">app.kubernetes.io/instance</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">app.kubernetes.io/name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-cli</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">ingress</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">from</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">podSelector</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">matchLabels</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">app.kubernetes.io/instance</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">app.kubernetes.io/name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets</span><span class="w"></span>
|
|
|
+</code></pre></div>
|
|
|
+<blockquote>
|
|
|
+<p>NOTE: Deploying a network policy is recommended since, there is no authentication to query the BitWarden CLI, which means that your secrets are exposed.</p>
|
|
|
+<p>NOTE: In this example the Liveness probe is quering /sync to ensure that the BitWarden CLI is able to connect to the server and also to sync secrets. (The secret sync is only every 2 minutes in this example)</p>
|
|
|
+</blockquote>
|
|
|
+<h2 id="deploy-clustersecretstore-or-secretstore">Deploy ClusterSecretStore (Or SecretStore)</h2>
|
|
|
+<p>Here the two ClusterSecretStore to deploy</p>
|
|
|
+<div class="highlight"><pre><span></span><code><span class="nn">---</span><span class="w"></span>
|
|
|
+<span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets.io/v1beta1</span><span class="w"></span>
|
|
|
+<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ClusterSecretStore</span><span class="w"></span>
|
|
|
+<span class="nt">metadata</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-login</span><span class="w"></span>
|
|
|
+<span class="nt">spec</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">provider</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">webhook</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">url</span><span class="p">:</span><span class="w"> </span><span class="s">"http://bitwarden-cli:8087/object/item/{{</span><span class="nv"> </span><span class="s">.remoteRef.key</span><span class="nv"> </span><span class="s">}}"</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">headers</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">Content-Type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">application/json</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">result</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">jsonPath</span><span class="p">:</span><span class="w"> </span><span class="s">"$.data.login.{{</span><span class="nv"> </span><span class="s">.remoteRef.property</span><span class="nv"> </span><span class="s">}}"</span><span class="w"></span>
|
|
|
+<span class="nn">---</span><span class="w"></span>
|
|
|
+<span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets.io/v1beta1</span><span class="w"></span>
|
|
|
+<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ClusterSecretStore</span><span class="w"></span>
|
|
|
+<span class="nt">metadata</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-fields</span><span class="w"></span>
|
|
|
+<span class="nt">spec</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">provider</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">webhook</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">url</span><span class="p">:</span><span class="w"> </span><span class="s">"http://bitwarden-cli:8087/object/item/{{</span><span class="nv"> </span><span class="s">.remoteRef.key</span><span class="nv"> </span><span class="s">}}"</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">result</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">jsonPath</span><span class="p">:</span><span class="w"> </span><span class="s">"$.data.fields[?@.name==\"{{</span><span class="nv"> </span><span class="s">.remoteRef.property</span><span class="nv"> </span><span class="s">}}\"].value"</span><span class="w"></span>
|
|
|
+</code></pre></div>
|
|
|
+<h2 id="how-to-use-it">How to use it ?</h2>
|
|
|
+<ul>
|
|
|
+<li>If you need the <code>username</code> or the <code>password</code> of a secret, you have to use <code>bitwarden-login</code></li>
|
|
|
+<li>If you need a custom field of a secret, you have to use <code>bitwarden-fields</code></li>
|
|
|
+<li>The <code>key</code> is the ID of a secret, which can be find in the URL with the <code>itemId</code> value:
|
|
|
+ <code>https://myvault.com/#/vault?itemId=........-....-....-....-............</code></li>
|
|
|
+<li>The <code>property</code> is the name of the field:</li>
|
|
|
+<li><code>username</code> for the username of a secret (<code>bitwarden-login</code> SecretStore)</li>
|
|
|
+<li><code>password</code> for the password of a secret (<code>bitwarden-login</code> SecretStore)</li>
|
|
|
+<li><code>name_of_the_custom_field</code> for any custom field (<code>bitwarden-fields</code> SecretStore)</li>
|
|
|
+</ul>
|
|
|
+<div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets.io/v1beta1</span><span class="w"></span>
|
|
|
+<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ExternalSecret</span><span class="w"></span>
|
|
|
+<span class="nt">metadata</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-db-secrets</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">namespace</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">default</span><span class="w"></span>
|
|
|
+<span class="nt">spec</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">target</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">my-db-secrets</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">deletionPolicy</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Delete</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">template</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">type</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">Opaque</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">data</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">username</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">|-</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="no">{{ .username }}</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">password</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">|-</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="no">{{ .password }}</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">postgres-password</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">|-</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="no">{{ .postgres_password }}</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">postgres-replication-password</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">|-</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="no">{{ .postgres_replication_password }}</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">db_url</span><span class="p">:</span><span class="w"> </span><span class="p p-Indicator">|-</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="no">postgresql://{{ .username }}:{{ .password }}@my-postgresql:5432/mydb</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">data</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">secretKey</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">username</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">sourceRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">storeRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-login</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ClusterSecretStore</span><span class="w"> </span><span class="c1"># or SecretStore</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">remoteRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">aaaabbbb-cccc-dddd-eeee-000011112222</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">property</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">username</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">secretKey</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">password</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">sourceRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">storeRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-login</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ClusterSecretStore</span><span class="w"> </span><span class="c1"># or SecretStore</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">remoteRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">aaaabbbb-cccc-dddd-eeee-000011112222</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">property</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">password</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">secretKey</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">postgres_password</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">sourceRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">storeRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-fields</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ClusterSecretStore</span><span class="w"> </span><span class="c1"># or SecretStore</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">remoteRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">aaaabbbb-cccc-dddd-eeee-000011112222</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">property</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">admin-password</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">secretKey</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">postgres_replication_password</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">sourceRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">storeRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bitwarden-fields</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ClusterSecretStore</span><span class="w"> </span><span class="c1"># or SecretStore</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">remoteRef</span><span class="p">:</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">aaaabbbb-cccc-dddd-eeee-000011112222</span><span class="w"></span>
|
|
|
+<span class="w"> </span><span class="nt">property</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">postgres-replication-password</span><span class="w"></span>
|
|
|
+</code></pre></div>
|
|
|
+
|
|
|
+
|
|
|
+ </article>
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+
|
|
|
+ </main>
|
|
|
+
|
|
|
+ <footer class="md-footer">
|
|
|
+
|
|
|
+ <nav class="md-footer__inner md-grid" aria-label="Footer">
|
|
|
+
|
|
|
+
|
|
|
+ <a href="../jenkins-kubernetes-credentials/" class="md-footer__link md-footer__link--prev" aria-label="Previous: Jenkins" rel="prev">
|
|
|
+ <div class="md-footer__button md-icon">
|
|
|
+ <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"/></svg>
|
|
|
+ </div>
|
|
|
+ <div class="md-footer__title">
|
|
|
+ <div class="md-ellipsis">
|
|
|
+ <span class="md-footer__direction">
|
|
|
+ Previous
|
|
|
+ </span>
|
|
|
+ Jenkins
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+ </a>
|
|
|
+
|
|
|
+
|
|
|
+
|
|
|
+ <a href="../../contributing/devguide/" class="md-footer__link md-footer__link--next" aria-label="Next: Developer guide" rel="next">
|
|
|
+ <div class="md-footer__title">
|
|
|
+ <div class="md-ellipsis">
|
|
|
+ <span class="md-footer__direction">
|
|
|
+ Next
|
|
|
+ </span>
|
|
|
+ Developer guide
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+ <div class="md-footer__button md-icon">
|
|
|
+ <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M4 11v2h12l-5.5 5.5 1.42 1.42L19.84 12l-7.92-7.92L10.5 5.5 16 11H4z"/></svg>
|
|
|
+ </div>
|
|
|
+ </a>
|
|
|
+
|
|
|
+ </nav>
|
|
|
+
|
|
|
+ <div class="md-footer-meta md-typeset">
|
|
|
+ <div class="md-footer-meta__inner md-grid">
|
|
|
+ <div class="md-copyright">
|
|
|
+
|
|
|
+ <div class="md-copyright__highlight">
|
|
|
+ © 2023 The external-secrets Authors.<br/>
|
|
|
+© 2023 The Linux Foundation. All rights reserved.<br/><br/>
|
|
|
+The Linux Foundation has registered trademarks and uses trademarks.<br/>
|
|
|
+For a list of trademarks of The Linux Foundation, please see our <a href="https://www.linuxfoundation.org/trademark-usage/">Trademark Usage page</a>.
|
|
|
+
|
|
|
+ </div>
|
|
|
+
|
|
|
+
|
|
|
+ Made with
|
|
|
+ <a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
|
|
|
+ Material for MkDocs
|
|
|
+ </a>
|
|
|
+
|
|
|
+</div>
|
|
|
+
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+</footer>
|
|
|
+
|
|
|
+ </div>
|
|
|
+ <div class="md-dialog" data-md-component="dialog">
|
|
|
+ <div class="md-dialog__inner md-typeset"></div>
|
|
|
+ </div>
|
|
|
+ <script id="__config" type="application/json">{"base": "../..", "features": ["navigation.tabs", "navigation.indexes", "navigation.expand"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../../assets/javascripts/workers/search.092fa1f6.min.js", "version": {"provider": "mike"}}</script>
|
|
|
+
|
|
|
+
|
|
|
+ <script src="../../assets/javascripts/bundle.e3b2bf44.min.js"></script>
|
|
|
+
|
|
|
+
|
|
|
+ </body>
|
|
|
+</html>
|
moolen