Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve Documentation for those not familiar with 1password Connect #150

Open
dejanzelic opened this issue Jan 20, 2023 · 2 comments
Open

Improve Documentation for those not familiar with 1password Connect #150

dejanzelic opened this issue Jan 20, 2023 · 2 comments

Comments

@dejanzelic
Copy link

Summary

I had a difficult time getting the operator set up in Kubernetes. A lot of it stemmed from my lack knowledge of 1password connect. This repo was my first time hearing about 1password's connect server. So when the documentation was pointing me to different repo for a different project (the connect helmchart) I was confused.

The credentials situation was also confusing to me since connect needs the json file, but the operator needs a token. However, it wasn't clear how to get the token nor if the token was different then the connect credentials. The current Readme.md also has the wrong op command to get the token:

op create connect token <server> op-k8s-operator --vault <vault>

This command gives me the following error:

❯ op create
[ERROR] 2023/01/19 18:14:51 unknown command "create" for "op"

Finally, I wanted to use kustomize to download the helmchart and I didn't want the credentials json file in git. So I had to read the helm template to understand that as long as I set op-credenitlas to the base64 contents of the credentials json, I won't need to include the credentials in git.

Use cases

Better documentation would significantly improve user experience.

Proposed solution

I would suggest working with someone who does not have experience with 1password connect set up the operator and share the questions and issues that they had.

Is there a workaround to accomplish this today?

These are the steps I took to get it working in my environment:

  1. Create the server in onepassword
op connect server create --vaults k8s-home k8s-home
  1. Add the 1password-credentials.json as a secret
kubectl create secret generic op-credentials --from-literal=1password-credentials.json=$(cat 1password-credentials.json | base64)

  1. Create a token in the 1password web ui under the integrations.

  2. Add the token created in step 2 to kubectl
    (if you add a space before you run the command it won't save in your git history)

 kubectl create secret generic onepassword-token --from-literal=token=<TOKEN>
  1. Apply the kustomize config kustomize build ./ --enable-helm | kubectl apply -f -
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

helmCharts:
- name: connect
  includeCRDs: true
  valuesInline:
    operator:
      create: True
  releaseName: connect
  version: 1.10.0
  repo: https://1password.github.io/connect-helm-charts
@edif2008
Copy link
Member

Hey there.

Thank you so much for the feedback regarding the documentation on this repo.
It is a bit unfortunate that some of the documentation seems to be out of sync and not smooth enough to make the setup process easy.

I've raised this with my team and we will work on making an improvement on them.
When we will make a PR with the enhanced documentation, would you like to review it as well and let us know if we're going in the right direction?

Thanks 😄

@dejanzelic
Copy link
Author

Sure! Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dejanzelic @edif2008