Update Makefile to allow containerd builds

Makefile

@@ -67,6 +67,10 @@ test:
 # build section
 ############################################################
 
+vendor:
+	@echo "Vendoring..."
+	@go mod vendor
+
 build:
 	@echo "Building the $(IMAGE_NAME) binary..."
 	@CGO_ENABLED=0 go build -o build/_output/bin/$(IMAGE_NAME) ./cmd/
@@ -76,10 +80,39 @@ build-linux:
 	@GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o build/_output/linux/bin/$(IMAGE_NAME) ./cmd/
 
 ############################################################
-# image section
+# Containerd image section
 ############################################################
 
-image: docker-login build-image push-image
+containerd-image: containerd-login containerd-image containerd-image
+
+containerd-login:
+	@echo "$(DOCKER_TOKEN)" | nerdctl login -u "$(DOCKER_USER)" --password-stdin "$(REPOSITORY_BASE)"
+
+containerd-logout:
+	@docker logout
+
+containerd-build:
+	@echo "Building the docker image: $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG)..."
+	@nerdctl build -t $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) -f build/Dockerfile .
+	@echo "Building the docker image: $(IMAGE_REPO)/$(GENERATOR_IMAGE_NAME):$(IMAGE_TAG)..."
+	@nerdctl build -t $(IMAGE_REPO)/$(GENERATOR_IMAGE_NAME):$(IMAGE_TAG) -f build/Dockerfile.cert-generator .
+
+containerd-push: containerd-build-image
+	@echo "Pushing the docker image for $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) and $(IMAGE_REPO)/$(IMAGE_NAME):latest..."
+	@nerdctl tag $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) $(IMAGE_REPO)/$(IMAGE_NAME):latest
+	@nerdctl push $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG)
+	@nerdctl push $(IMAGE_REPO)/$(IMAGE_NAME):latest
+	@echo "Pushing the docker image for $(IMAGE_REPO)/$(GENERATOR_IMAGE_NAME):$(IMAGE_TAG) and $(IMAGE_REPO)/$(GENERATOR_IMAGE_NAME):latest..."
+	@nerdctl tag $(IMAGE_REPO)/$(GENERATOR_IMAGE_NAME):$(IMAGE_TAG) $(IMAGE_REPO)/$(GENERATOR_IMAGE_NAME):latest
+	@nerdctl push $(IMAGE_REPO)/$(GENERATOR_IMAGE_NAME):$(IMAGE_TAG)
+	@nerdctl push $(IMAGE_REPO)/$(GENERATOR_IMAGE_NAME):latest
+
+
+############################################################
+# Docker image section
+############################################################
+
+docker-image: docker-login docker-build docker-push
 
 docker-login:
 	@echo "$(DOCKER_TOKEN)" | docker login -u "$(DOCKER_USER)" --password-stdin "$(REPOSITORY_BASE)"
@@ -87,13 +120,13 @@ docker-login:
 docker-logout:
 	@docker logout
 
-build-image:
+docker-build:
 	@echo "Building the docker image: $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG)..."
 	@docker build -t $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) -f build/Dockerfile .
 	@echo "Building the docker image: $(IMAGE_REPO)/$(GENERATOR_IMAGE_NAME):$(IMAGE_TAG)..."
 	@docker build -t $(IMAGE_REPO)/$(GENERATOR_IMAGE_NAME):$(IMAGE_TAG) -f build/Dockerfile.cert-generator .
 
-push-image: build-image
+docker-push: docker-build
 	@echo "Pushing the docker image for $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) and $(IMAGE_REPO)/$(IMAGE_NAME):latest..."
 	@docker tag $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG) $(IMAGE_REPO)/$(IMAGE_NAME):latest
 	@docker push $(IMAGE_REPO)/$(IMAGE_NAME):$(IMAGE_TAG)
@@ -110,4 +143,4 @@ push-image: build-image
 clean:
 	@rm -rf build/_output
 
-.PHONY: all fmt lint check test build image clean
+.PHONY: all fmt lint check test build docker-image containerd-image clean

VERSION

@@ -1 +1 @@
-0.0.14
+0.0.15

build/Dockerfile

@@ -2,7 +2,7 @@ FROM golang:1.17.10 AS builder
 
 WORKDIR /go/src/github.com/ysoftdevs/imagepullsecret-injector
 COPY . .
-RUN make build
+RUN make vendor build
 
 FROM alpine:3.15.4 as base
 COPY --from=builder /go/src/github.com/ysoftdevs/imagepullsecret-injector/build/_output/bin/imagepullsecret-injector /usr/local/bin/imagepullsecret-injector

charts/imagepullsecret-injector/Chart.yaml

@@ -15,9 +15,9 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.0.25
+version: 0.0.26
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 0.0.14
+appVersion: 0.0.25

cmd/webhook.go

@@ -236,11 +236,24 @@ func (whsvr *WebhookServer) mutateServiceAccount(ar *v1beta1.AdmissionReview) *v
 		}
 	}
 
-	// Check whether we already have the imagePullSecretName present
+	// Make sure the secrets are present
+	if err := whsvr.ensureSecrets(ar); err != nil {
+		whsvr.logger.Errorf("Could not ensure existence of the imagePullSecret")
+		if !whsvr.config.ignoreSecretCreationError {
+			whsvr.logger.Errorf("Failing the mutation process")
+			return &v1beta1.AdmissionResponse{
+				Result: &metav1.Status{
+					Message: err.Error(),
+				},
+			}
+		}
+		whsvr.logger.Infof("ignoreSecretCreationError is true, ignoring")
+	}
+
 	if sa.ImagePullSecrets != nil {
-		whsvr.logger.Infof("ServiceAccount is already in the correct state, skipping")
 		for _, lor := range sa.ImagePullSecrets {
 			if whsvr.config.targetImagePullSecretName == lor.Name {
+				whsvr.logger.Infof("ServiceAccount is already in the correct state, skipping the patch")
 				return &v1beta1.AdmissionResponse{
 					Allowed: true,
 				}
@@ -262,19 +275,6 @@ func (whsvr *WebhookServer) mutateServiceAccount(ar *v1beta1.AdmissionReview) *v
 		}
 	}
 
-	if err := whsvr.ensureSecrets(ar); err != nil {
-		whsvr.logger.Errorf("Could not ensure existence of the imagePullSecret")
-		if !whsvr.config.ignoreSecretCreationError {
-			whsvr.logger.Errorf("Failing the mutation process")
-			return &v1beta1.AdmissionResponse{
-				Result: &metav1.Status{
-					Message: err.Error(),
-				},
-			}
-		}
-		whsvr.logger.Infof("ignoreSecretCreationError is true, ignoring")
-	}
-
 	return &v1beta1.AdmissionResponse{
 		Allowed: true,
 		Patch:   patchBytes,