Merge pull request #25 from and-fm/develop

Added support for annotations
and-fm · Nov 28, 2024 · ab41da1 · ab41da1
2 parents fb00f2d + fb26997
commit ab41da1
Show file tree

Hide file tree

Showing 5 changed files with 32 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 0.5.0
+
+- Added support for annotations
+
 ## 0.4.0
 
 - You can now generate basic auth secrets!

diff --git a/Dockerfile b/Dockerfile
@@ -1,8 +1,13 @@
 FROM alpine/curl:latest
 
+# Install kubectl
 RUN curl -L "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" -o /bin/kubectl
 RUN chmod +x /bin/kubectl
 
+# Install yq
+RUN curl -L "https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64" -o /bin/yq
+RUN chmod +x /bin/yq
+
 COPY entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh
 

diff --git a/README.md b/README.md
@@ -13,6 +13,7 @@ The following inputs can be used as `step.with` keys:
 | `secrets`       | List   |         | `false`  | List of secrets to pass in to generate a secret                                      |
 | `basic_auth`    | String |         | `false`  | A username and password to generate a basic auth secret. E.g. `bobby:iLikeTrains123` |
 | `configmap_env` | List   |         | `false`  | List of vars to pass in to generate a configmap (same format as secrets)             |
+| `annotations`   | String |         | `false`  | Multi line list of valid k8s annotations                                             |
 
 ## Outputs
 
@@ -58,6 +59,13 @@ jobs:
           secrets: |-
             SECRET_1:${{ secrets.SECRET_1 }}
             SECRET_2:${{ secrets.SECRET_2 }}
+          #optional if you need annotations such as for reflection
+          annotations: |
+            sealedsecrets.bitnami.com/cluster-wide: "true"
+            reflector.v1.k8s.emberstack.com/reflection-allowed: "true"
+            reflector.v1.k8s.emberstack.com/reflection-allowed-namespaces: "*"
+            reflector.v1.k8s.emberstack.com/reflection-auto-enabled: "true"
+            reflector.v1.k8s.emberstack.com/reflection-auto-namespaces: "*"
       - name: get secrets
         run: |
           echo "${{ steps.gen.outputs.out_yaml }}"

diff --git a/action.yml b/action.yml
@@ -19,6 +19,9 @@ inputs:
   configmap_env:
     description: Env vars list in the same format as passing secrets but generates configmap
     required: false
+  annotations:
+    description: K8s annotations to append to the resource
+    required: false
 runs:
   using: "docker"
   image: "Dockerfile"
@@ -28,3 +31,4 @@ runs:
     - ${{ inputs.secrets }}
     - ${{ inputs.basic_auth }}
     - ${{ inputs.configmap_env }}
+    - ${{ inputs.annotations }}
diff --git a/entrypoint.sh b/entrypoint.sh
@@ -46,6 +46,16 @@ fi
 
 chmod +x kubecmd.sh
 
+# add any annotations passed in
+if [ -z $6 ]; then
+    ./kubecmd.sh >> finalresource.yml
+else
+    ./kubecmd.sh >> resource.yml
+    echo "$6" > annotations.yml
+
+    yq '.metadata.annotations = load("annotations.yml")' resource.yml > finalresource.yml
+fi
+
 echo 'out_yaml<<EOF' >> $GITHUB_OUTPUT
-./kubecmd.sh >> $GITHUB_OUTPUT
+cat finalresource.yml >> $GITHUB_OUTPUT
 echo "EOF" >> $GITHUB_OUTPUT