jhb2345
/
server


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113
							apiVersion: apps/v1
kind: Deployment
metadata:
  name: bitwarden-cli
  namespace: external-secrets
  labels:
    app.kubernetes.io/instance: bitwarden-cli
    app.kubernetes.io/name: bitwarden-cli
spec:
  replicas: 1
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app.kubernetes.io/name: bitwarden-cli
      app.kubernetes.io/instance: bitwarden-cli
  template:
    metadata:
      labels:
        app.kubernetes.io/name: bitwarden-cli
        app.kubernetes.io/instance: bitwarden-cli
    spec:
      containers:
        - name: bitwarden-cli
          image: ghcr.io/charlesthomas/bitwarden-cli:2026.1.0
          imagePullPolicy: IfNotPresent
          env:
            - name: BW_USER
              valueFrom:
                secretKeyRef:
                  name: bitwarden-cli
                  key: BW_USERNAME
            - name: BW_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: bitwarden-cli
                  key: BW_PASSWORD
            - name: BW_CLIENTSECRET
              valueFrom:
                secretKeyRef:
                  name: bitwarden-cli
                  key: BW_CLIENTSECRET
            - name: BW_CLIENTID
              valueFrom:
                secretKeyRef:
                  name: bitwarden-cli
                  key: BW_CLIENTID
          ports:
            - name: http
              containerPort: 8087
              protocol: TCP
          livenessProbe:
            exec:
              command:
                - wget
                - -q
                - http://127.0.0.1:8087/sync?force=true
                - --post-data=''
            initialDelaySeconds: 20
            failureThreshold: 3
            timeoutSeconds: 10
            periodSeconds: 120
          readinessProbe:
            tcpSocket:
              port: 8087
            initialDelaySeconds: 20
            failureThreshold: 3
            timeoutSeconds: 1
            periodSeconds: 10
          startupProbe:
            tcpSocket:
              port: 8087
            initialDelaySeconds: 10
            failureThreshold: 30
            timeoutSeconds: 1
            periodSeconds: 5
---
apiVersion: v1
kind: Service
metadata:
  name: bitwarden-cli
  namespace: external-secrets
  labels:
    app.kubernetes.io/instance: bitwarden-cli
    app.kubernetes.io/name: bitwarden-cli
  annotations:
spec:
  type: ClusterIP
  ports:
  - port: 8087
    targetPort: http
    protocol: TCP
    name: http
  selector:
    app.kubernetes.io/name: bitwarden-cli
    app.kubernetes.io/instance: bitwarden-cli
---
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
  namespace: external-secrets
  name: external-secret-2-bw-cli
spec:
  podSelector:
    matchLabels:
      app.kubernetes.io/instance: bitwarden-cli
      app.kubernetes.io/name: bitwarden-cli
  ingress:
  - from:
      - podSelector:
          matchLabels:
            app.kubernetes.io/instance: external-secrets
            app.kubernetes.io/name: external-secrets