.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,33 @@
+---
+name: Bug report
+about: Report bugs and errors found while using any of the Helm charts.
+title: ''
+labels: bug
+assignees: ''
+
+---
+
+### Your environment
+
+<!-- Version of the Helm Chart when the error occurred -->
+Chart Version:
+
+<!-- Version of the Helm you are using -->
+Helm Version:
+
+<!-- What version of Kubernetes are you deploying the chart to? -->
+Kubernetes Version:
+
+## What happened?
+<!-- Describe the bug or error -->
+
+## What did you expect to happen?
+<!-- Describe what should have happened -->
+
+## Steps to reproduce
+1. <!-- Describe Steps to reproduce the issue -->
+
+
+## Notes & Logs
+<!-- Paste any logs here that may help with debugging.
+Remember to remove any sensitive information before sharing! -->

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,9 @@
+# docs: https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/configuring-issue-templates-for-your-repository#configuring-the-template-chooser
+blank_issues_enabled: true
+contact_links:
+  - name: 1Password Community
+    url: https://1password.community/categories/secrets-automation
+    about: Please ask general Secrets Automation questions here.
+  - name: 1Password Security Bug Bounty
+    url: https://bugcrowd.com/agilebits
+    about: Please report security vulnerabilities here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,33 @@
+---
+name: Feature request
+about: Suggest an idea for any of the Helm charts
+title: ''
+labels: feature-request
+assignees: ''
+
+---
+
+### Summary
+<!-- Briefly describe the feature in one or two sentences. You can include more details later. -->
+
+### Use cases
+<!-- Describe the use cases that make this feature useful to others.
+The description should help the reader understand why the feature is necessary.
+The better we understand your use case, the better we can help create an appropriate solution. -->
+
+
+### Proposed solution
+<!-- If you already have an idea for how the feature should work, use this space to describe it.
+We'll work with you to find a workable approach, and any implementation details are appreciated.
+-->
+
+### Is there a workaround to accomplish this today?
+<!-- If there's a way to accomplish this feature request without changes to the codebase, we'd like to hear it.
+-->
+
+### References & Prior Work
+<!-- If a similar feature was implemented in another project or tool, add a link so we can better understand your request.
+Links to relevant documentation or RFCs are also appreciated. -->
+
+* <!-- Reference 1 -->
+* <!-- Reference 2, etc -->

.github/workflows/lint.yml

@@ -0,0 +1,28 @@
+name: Lint charts
+on: [push, pull_request]
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v1
+        with:
+          version: v3.4.1
+
+      # Set up Python for ct lint, which needs Python for Yamale and yamllint
+      - name: Set up Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: 3.7
+
+      - name: Set up ct CLI
+        uses: helm/chart-testing-action@v2.0.1
+        with:
+          version: v3.3.0
+
+      - name: Lint chart
+        run: ct lint --config ct.yaml

.github/workflows/pr-check-signed-commits.yml

@@ -0,0 +1,13 @@
+name: Check signed commits in PR 
+on: pull_request_target
+
+jobs:
+  build:
+    name: Check signed commits in PR 
+    permissions:
+      contents: read
+      pull-requests: write
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check signed commits in PR
+        uses: 1Password/check-signed-commits-action@v1

.github/workflows/release.yml

@@ -0,0 +1,35 @@
+name: Release charts if needed
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Configure Git
+        run: |
+          # Authenticate as the GitHub Actions bot https://api.github.com/users/github-actions%5Bbot%5D
+          git config user.name "GitHub Actions"
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+
+      - name: Install Helm
+        uses: azure/setup-helm@v1
+        with:
+          version: v3.4.1
+
+      - name: Run chart-releaser
+        # Fork of helm/chart-releaser-action to avoid unwanted release attempts.
+        # Upstream PR: https://github.com/helm/chart-releaser-action/pull/80
+        uses: florisvdg/chart-releaser-action@v1.3.0
+        with:
+          charts_dir: charts
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

.github/workflows/test.yml

@@ -0,0 +1,80 @@
+name: Run acceptance tests
+on:
+  push:
+
+  # Workflow dispatch listener to enable on-demand acceptance test runs on external PRs.
+  # How to use this:
+  # * Do a sanity check on the submitted PR
+  # * Copy the most recent commit hash of the PR branch
+  # * Go to 'Actions' -> 'Run acceptance tests' -> 'Run workflow'
+  # * Fill in the following:
+  #   * `checkout-repo`: `<PR author>/connect-helm-charts`
+  #   * `checkout-ref`: <copied commit hash>
+  #   * `branch`: `acceptance-tests-on-forks`
+  workflow_dispatch:
+    inputs:
+      checkout-repo:
+        required: false
+      checkout-ref:
+        required: false
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+          repository: ${{ github.event.inputs.checkout-repo }}
+          ref: ${{ github.event.inputs.checkout-ref }}
+
+      - name: Set up Helm
+        uses: azure/setup-helm@v1
+        with:
+          version: v3.4.1
+
+      - name: Set up ct CLI
+        uses: helm/chart-testing-action@v2.1.0
+        with:
+          version: v3.4.0
+
+      - name: Check if chart has changed
+        id: list-changed
+        run: |
+          changed=$(ct list-changed --config ct.yaml)
+          if [[ -n "$changed" ]]; then
+            echo "::set-output name=changed::true"
+          fi
+
+      - name: Install yq
+        run: sudo snap install yq
+        if: steps.list-changed.outputs.changed == 'true'
+
+      - name: Add fixtures to YAML test cases
+        env:
+          OP_CONNECT_CREDENTIALS: ${{ secrets.OP_CONNECT_CREDENTIALS }}
+          OP_CONNECT_TOKEN: ${{ secrets.OP_CONNECT_TOKEN }}
+        run: |
+          cat > fixtures.yaml << EOF
+          acceptanceTests:
+            enabled: true
+            fixtures:
+              vaultId: v5pz6venw4roosmkzdq2nhpv6u
+              itemId: hrgkzhrlvscomepxlgafb2m3ca
+              secretValue: RGVhciBzZWN1cml0eSByZXNlYXJjaGVyLCB0aGlzIGlzIGp1c3QgYSBkdW1teSBzZWNyZXQuIFBsZWFzZSBkb24ndCByZXBvcnQgaXQu
+          EOF
+
+          for values_file in charts/connect/ci/*.yaml; do
+            # Add secrets
+            yq eval '.connect.credentials = strenv(OP_CONNECT_CREDENTIALS) | .operator.token.value = strenv(OP_CONNECT_TOKEN)' -i $values_file
+
+            # Add acceptance test fixtures
+            yq eval-all --inplace 'select(fileIndex == 0) * select(fileIndex == 1)' $values_file fixtures.yaml
+          done
+
+      - name: Spin up local Kubernetes cluster
+        uses: helm/kind-action@v1.2.0
+
+      - name: Deploy and run acceptance tests
+        run: ct install --config ct.yaml

CONTRIBUTING.md

@@ -0,0 +1,59 @@
+# Contributing
+
+Thank you for your interest in contributing to the 1Password `connect-helm-chart` project 👋! We sincerely appreciate the time and effort you put into improving our Helm Charts. Before you start, please take a moment to read through this guide to understand our contribution process.
+
+## Getting Started
+
+To start contributing, get the latest [Helm release](https://github.com/helm/helm#install).
+
+## Testing
+
+NOTE: This only applies to changes made in `./charts/connect`.
+
+Run the following command to test changes made to the Connect Helm chart:
+
+```
+helm test connect
+```
+
+## Debugging
+
+- Running `helm lint` in the applicable subdirectory will verify that your chart follows best practices.
+
+- To run `helm template --debug`:
+
+  1. navigate to the root of the repository
+  2. `cd..`
+  3. `helm template connect-helm-charts/charts/secrets-injector --debug` for **secrets-injector** OR `helm template connect-helm-charts/charts/connect --debug` for **connect**.
+
+For more debugging templates, feel free to consult the [docs](https://helm.sh/docs/chart_template_guide/debugging/).
+
+## Documentation Updates
+
+If adding a new configuration, update documentation for the tables in the [Connect README](./charts/connect/README.md) or in the [Secrets Injector README](./charts/secrets-injector/README.md)
+
+## Sign your commits
+
+To get your PR merged, we require you to sign your commits.
+
+### Sign commits with 1Password
+
+You can also sign commits using 1Password, which lets you sign commits with biometrics without the signing key leaving the local 1Password process.
+
+Learn how to use [1Password to sign your commits](https://developer.1password.com/docs/ssh/git-commit-signing/).
+
+### Sign commits with ssh-agent
+
+Follow the steps below to set up commit signing with `ssh-agent`:
+
+1. [Generate an SSH key and add it to ssh-agent](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent)
+2. [Add the SSH key to your GitHub account](https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account)
+3. [Configure git to use your SSH key for commits signing](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key#telling-git-about-your-ssh-key)
+
+### Sign commits with gpg
+
+Follow the steps below to set up commit signing with `gpg`:
+
+1. [Generate a GPG key](https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key)
+2. [Add the GPG key to your GitHub account](https://docs.github.com/en/authentication/managing-commit-signature-verification/adding-a-gpg-key-to-your-github-account)
+3. [Configure git to use your GPG key for commits signing](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key#telling-git-about-your-gpg-key)