add APP_ID to default credentials secret and allow it to be passed in…

… as plain text in the values.yaml; fix ci ci: add the app ID to the default tests for ci also update docs via helm-docs
small-hack · Dec 2, 2023 · d42ea6d · d42ea6d
1 parent d701c99
commit d42ea6d
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 1 deletion.
diff --git a/.github/workflows/ci-helm-lint-test.yml b/.github/workflows/ci-helm-lint-test.yml
@@ -55,6 +55,7 @@ jobs:
         run: |
           ct install --target-branch ${{ github.event.repository.default_branch }} \
             --helm-extra-set-args="--set=bitwarden_eso_provider.create_cluster_secret_store=false \
+            --set=bitwarden_eso_provider.auth.appID=${{ secrets.BOT_APP_ID }} \
             --set=bitwarden_eso_provider.auth.password=${{ secrets.BOT_PASSWORD }} \
             --set=bitwarden_eso_provider.auth.clientID=${{ secrets.BOT_CLIENT_ID }} \
-            --set=bitwarden_eso_provider.auth.clientSecret=${{ secrets.BOT_CLIENT_SECRET }}"
+            --set=bitwarden_eso_provider.auth.clientSecret=${{ secrets.BOT_CLIENT_SECRET }}"
diff --git a/charts/bitwarden-eso-provider/README.md b/charts/bitwarden-eso-provider/README.md
@@ -20,6 +20,7 @@ Helm chart to use Bitwarden as a Provider for External Secrets Operator
 | autoscaling.maxReplicas | int | `100` | max number of pods to spin up |
 | autoscaling.minReplicas | int | `1` | minimum number of pods to keep |
 | autoscaling.targetCPUUtilizationPercentage | int | `80` |  |
+| bitwarden_eso_provider.auth.appID | string | `""` | optional bitwarden app ID to identify your pod to the Bitwarden server so that you don't receieve infinite email notifications every login |
 | bitwarden_eso_provider.auth.clientID | string | `""` | bitwarden client ID to use to grabs secrets in the pod, ignored if existingSecret is set |
 | bitwarden_eso_provider.auth.clientSecret | string | `""` | bitwarden client Secret to use to grabs secrets in the pod, ignored if existingSecret is set |
 | bitwarden_eso_provider.auth.existingSecret | string | `""` | use an existing secret for bitwarden credentials, ignores above credentials if this is set |

diff --git a/charts/bitwarden-eso-provider/templates/credentials.yaml b/charts/bitwarden-eso-provider/templates/credentials.yaml
@@ -10,4 +10,5 @@ data:
   BW_PASSWORD: {{ .Values.bitwarden_eso_provider.auth.password | b64enc | quote}}
   BW_CLIENTID: {{ .Values.bitwarden_eso_provider.auth.clientID | b64enc | quote}}
   BW_CLIENTSECRET: {{ .Values.bitwarden_eso_provider.auth.clientSecret | b64enc | quote}}
+  BW_APPID: {{ .Values.bitwarden_eso_provider.auth.appID | b64enc | quote }}
 {{- end }}
diff --git a/charts/bitwarden-eso-provider/values.yaml b/charts/bitwarden-eso-provider/values.yaml
@@ -29,6 +29,8 @@ bitwarden_eso_provider:
     clientSecret: ""
     # -- bitwarden client ID to use to grabs secrets in the pod, ignored if existingSecret is set
     clientID: ""
+    # -- optional bitwarden app ID to identify your pod to the Bitwarden server so that you don't receieve infinite email notifications every login
+    appID: ""
     # -- bitwarden hostname to use to grab secrets in the pod, ignored if existingSecret is set
     host: "https://bitwarden.com"
     # -- use an existing secret for bitwarden credentials, ignores above credentials if this is set