Skip to content
/ opkustomize Public

🛠️ opkustomize - Manage Kubernetes environments with Kustomize build and 1Password.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

alexbaeza/opkustomize

BranchesTags

Repository files navigation

OpKustomize

OpKustomize is a Bash script that facilitates the injection of secrets and environment variable substitution using 1Password CLI (op) and envsubst respectively. It is a wrapper around kustomize build and it is designed to be used in conjunction with Kustomize for Kubernetes configuration management.

Commits Issues Releases

Requirements

  • 1Password CLI (op) installed and configured.
  • envsubst utility (usually available in most Linux distributions).
  • kustomize tool.
  • OP_SERVICE_ACCOUNT_TOKEN environment variable set with the token for 1Password service account.
  • .env file defining the secrets and environment variables to be injected.

Installation

To install OpKustomize, follow these steps:

curl -LO "https://github.com/alexbaeza/opkustomize/raw/main/opkustomize.sh"
chmod +x opkustomize.sh
sudo mv opkustomize.sh /usr/local/bin/opkustomize

Usage

To use OpKustomize, follow these steps:

  1. Set the OP_SERVICE_ACCOUNT_TOKEN environment variable with your 1Password service account token:
export OP_SERVICE_ACCOUNT_TOKEN=<YOUR_TOKEN>

  1. Define a .env file with the necessary secrets and environment variables:

    Example:

# .env file example
MY_VARIABLE="op://<reference>"

Replace <reference> with the reference to the 1Password secret, e.g., my-secret-vault/my-secret-key/credential.

  1. Run the OpKustomize script with the following syntax:
opkustomize <env_file> <target_folder> [other_flags...]
  • <env_file>: The name of the .env file containing secrets and environment variables to be injected.
  • <target_folder>: The target folder where the Kubernetes configuration files reside.
  • [other_flags...]: Additional flags/options to be passed to the kustomize build command.

Run Example

opkustomize cluster-credentials.dev.env ./k8s/apps/overlays/production/

Example with helm support:

opkustomize cluster-credentials.dev.env ./k8s/apps/overlays/production/ --enable-helm

Notes

  • OpKustomize uses op to inject secrets into the Kubernetes configuration files.
  • Environment variables in the configuration files are substituted using envsubst.
  • The temporary directory used for processing is cleaned up automatically after script execution.

License

This project is licensed under the MIT License. See the LICENSE file for details.

About

🛠️ opkustomize - Manage Kubernetes environments with Kustomize build and 1Password.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 3

v1.3.0 Latest
Apr 14, 2024
+ 2 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages