This PR provides an ability to use Connect deployed in the other namespace than the operator. Therefore, it also gives the ability to use a single Connect instance with multiple operators.
Instructions below demonstrate how to set up a single Connect instance in the default namespace and 2 operator instances, one in test1 namespace and the second in test2 namespace. Each of the operators watches for its own namespace (aka operator1 watches for namespace test1 and operator2 watches for namespace test2). Also, each operator uses a different Connect token saved in the Secret (onepassword-token1 and onepassword-token2).
Note: you need to override clusterRole, applicationName, serviceAccount to be unique in order to be able to deploy other Operator instances. Also, pay attention to using the propper operator.token.name=onepassword-token1 and properly specify the namespace you want the Operator to watch for operator.watchNamespace={test1}. If no operator.watchNamespace is specified it watches for ALL namespaces. In order for the Operator to use Connect deployed in the default namespace override Connect host by setting connect.host=onepassword-connect.default.svc.cluster.local.
Note: you need to override clusterRole, applicationName, serviceAccount to be unique in order to be able to deploy other Operator instances. Also, pay attention to using the propper operator.token.name=onepassword-token2 and properly specify the namespace you want the Operator to watch for operator.watchNamespace={test2}. If no operator.watchNamespace is specified it watches for ALL namespaces. In order for the Operator to use Connect deployed in the default namespace override Connect host by setting connect.host=onepassword-connect.default.svc.cluster.local.
Create OnepasswordItems
Use the snippet below to create OnepasswordItems (replace itemPath with valid one)
Resolves #148
This PR provides an ability to use Connect deployed in the other namespace than the operator. Therefore, it also gives the ability to use a single Connect instance with multiple operators.
Instructions below demonstrate how to set up a single Connect instance in the
default
namespace and 2 operator instances, one intest1
namespace and the second intest2
namespace. Each of the operators watches for its own namespace (akaoperator1
watches for namespacetest1
andoperator2
watches for namespacetest2
). Also, each operator uses a different Connect token saved in the Secret (onepassword-token1
andonepassword-token2
).Deploy Connect to the
default
namespacehelm install connect 1password/connect --set-file connect.credentials=1password-credentials.json -n default
Prepare namespace
test1
and deploy Operatortest1
namesapcekubectl create namespace test1
kubectl create secret generic onepassword-token1 --from-literal=token="<YOUR_CONNECT_TOKEN>" -n test1
Note: you need to override
clusterRole
,applicationName
,serviceAccount
to be unique in order to be able to deploy other Operator instances. Also, pay attention to using the propperoperator.token.name=onepassword-token1
and properly specify the namespace you want the Operator to watch foroperator.watchNamespace={test1}
. If nooperator.watchNamespace
is specified it watches for ALL namespaces. In order for the Operator to use Connect deployed in thedefault
namespace override Connect host by settingconnect.host=onepassword-connect.default.svc.cluster.local
.Prepare namespace
test2
and deploy Operatortest1
namesapcekubectl create namespace test2
kubectl create secret generic onepassword-token2 --from-literal=token="<YOUR_CONNECT_TOKEN>" -n test2
Note: you need to override
clusterRole
,applicationName
,serviceAccount
to be unique in order to be able to deploy other Operator instances. Also, pay attention to using the propperoperator.token.name=onepassword-token2
and properly specify the namespace you want the Operator to watch foroperator.watchNamespace={test2}
. If nooperator.watchNamespace
is specified it watches for ALL namespaces. In order for the Operator to use Connect deployed in thedefault
namespace override Connect host by settingconnect.host=onepassword-connect.default.svc.cluster.local
.Create OnepasswordItems
itemPath
with valid one)test1
namespacekubectl apply -f test-cred.yaml -n test1
test-cred
Secret is createdkubectl get secret test-creds -n test1
test2
namespacekubectl apply -f test-cred.yaml -n test2
test-cred
Secret is createdkubectl get secret test-creds -n test2
Note: the same scenario will work if deploy all the Operators in the single namespace aka
operators