diff --git a/.github/workflows/release-docker.yaml b/.github/workflows/release-docker.yaml index a582719..39d96c4 100644 --- a/.github/workflows/release-docker.yaml +++ b/.github/workflows/release-docker.yaml @@ -13,7 +13,7 @@ jobs: - name: Checkout uses: actions/checkout@v1 with: - ref: main + ref: ${{ github.ref }} - name: Configure Git run: | @@ -23,8 +23,8 @@ jobs: - name: Build and push docker images (make image) run: make image env: - DOCKER_USER: '${{ secrets.DOCKER_USER }}' - DOCKER_TOKEN: '${{ secrets.DOCKER_TOKEN }}' + DOCKER_USER: ${GITHUB_ACTOR} + DOCKER_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Logout from dockerhub (make docker-logout) run: make docker-logout \ No newline at end of file diff --git a/Makefile b/Makefile index 8231acd..070d798 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,8 @@ # Image URL to use all building/pushing image targets; # Use your own docker registry and image name for dev/test by overridding the # IMAGE_REPO, IMAGE_NAME and IMAGE_TAG environment variable. -IMAGE_REPO ?= marshallmarshall +REPOSITORY_BASE ?= ghcr.io +IMAGE_REPO ?= $(REPOSITORY_BASE)/ysoftdevs/imagepullsecret-injector IMAGE_NAME ?= imagepullsecret-injector GENERATOR_IMAGE_NAME ?= webhook-cert-generator @@ -81,7 +82,7 @@ build-linux: image: docker-login build-image push-image docker-login: - @echo ${DOCKER_TOKEN} | docker login -u ${DOCKER_USER} --password-stdin + @echo "$(DOCKER_TOKEN)" | docker login -u "$(DOCKER_USER)" --password-stdin "$(REPOSITORY_BASE)" docker-logout: @docker logout diff --git a/README.md b/README.md index 65a53bc..572fdfc 100644 --- a/README.md +++ b/README.md @@ -3,10 +3,8 @@ The responsibility of this webhook is to patch all newly created/updated service account and make sure they all contained proper imagepullsecret configuration. This repo produces one helm chart available via helm repository https://ysoftdevs.github.io/imagepullsecret-injector. There are also 2 docker images: -- `marshallmarshall/imagepullsecret-injector` - the image containing the webhook itself -- `marshallmarshall/webhook-cert-generator` - helper image responsible for (re)generating the certificates - - +- `ghcr.io/ysoftdevs/imagepullsecret-injector/imagepullsecret-injector` - the image containing the webhook itself +- `ghcr.io/ysoftdevs/imagepullsecret-injector/webhook-cert-generator` - helper image responsible for (re)generating the certificates ## Helm description The helm chart consists of 2 parts: the certificate generator and the webhook configuration itself. @@ -59,3 +57,6 @@ Of note is also a fact that the chart runs a lookup to the connected cluster to kubectl get sa -n yolo default -ojsonpath='{.imagePullSecrets}' ``` The `get` command should display _some_ non-empty result. + +## Releasing locally +To authenticate to the docker registry to push the images manually, you will need your own Github Personal Access Token. For more information follow this guide https://docs.github.com/en/packages/guides/migrating-to-github-container-registry-for-docker-images#authenticating-with-the-container-registry \ No newline at end of file diff --git a/helm/imagepullsecret-injector/Chart.yaml b/helm/imagepullsecret-injector/Chart.yaml index 06d16b6..cad3f45 100644 --- a/helm/imagepullsecret-injector/Chart.yaml +++ b/helm/imagepullsecret-injector/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.15 +version: 0.0.16 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/imagepullsecret-injector/values.yaml b/helm/imagepullsecret-injector/values.yaml index a633548..305e35e 100644 --- a/helm/imagepullsecret-injector/values.yaml +++ b/helm/imagepullsecret-injector/values.yaml @@ -1,12 +1,12 @@ image: - registry: marshallmarshall + registry: ghcr.io/ysoftdevs/imagepullsecret-injector repository: imagepullsecret-injector pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. tag: "" certificateGeneratorImage: - registry: marshallmarshall + registry: ghcr.io/ysoftdevs/imagepullsecret-injector repository: webhook-cert-generator tag: ""