updated readme

README.md

@@ -1,6 +1,6 @@
-# Kubernetes Mutating Webhook for ImagePullSecret injection in ServiceAccounts
+# Kubernetes Mutating Webhook for Secret replication
 
-The responsibility of this webhook is to patch all newly created/updated service account and make sure they all contained proper imagepullsecret configuration. 
+The responsibility of this webhook is to patch all newly created/updated namespaces so that they contain predefined empty secret with given annotation. 
 
 This repo produces one helm chart available via helm repository https://ysoftdevs.github.io/imagepullsecret-injector. There are also 2 docker images:
 - `ghcr.io/ysoftdevs/imagepullsecret-injector/imagepullsecret-injector` - the image containing the webhook itself
@@ -17,19 +17,18 @@ Certificate generation part periodically generates certificates signed by kubern
 1. We also create a CronJob that does this periodically as k8s only issues certificates for 1 year
 
 The main part is the deployment and the web hook configuration. The flow is as follows
-1. The MutatingWebhookConfiguration we create instructs k8s to pass all requests for creating/updating all ServiceAccounts to our webhook before finishing the request
+1. The MutatingWebhookConfiguration we create instructs k8s to pass all requests for creating/updating all Namespaces to our webhook before finishing the request
-1. We check whether the SA has the correctly defined imagepullsecret configuration. if not, we create a patch for the resource
+1. We check whether the Namespaces has the correctly defined secret configuration. if not, we create the secret.
-1. We also check whether we have the secret we are using in the imagepullsecret in the SA's namespace. If not, we create it based on our source secret
+1. We also check whether we have the secret with correct annotation. If not, we update the secret
-1. We return the patch to k8s, which applies the changes
 
 Of note is also a fact that the chart runs a lookup to the connected cluster to fetch the CA bundle for the MutatingWebhook. This means `helm template` won't work.
 
 ## Running locally
 1. Create the prerequisite resources:
     ```bash
-    kubectl create ns imagepullsecret-injector
+    kubectl create ns secret-replicator
 
-    kubectl create secret -n imagepullsecret-injector \
+    kubectl create secret -n secret-replicator \
         generic acr-dockerconfigjson-source \
         --type=kubernetes.io/dockerconfigjson \
         --from-literal=.dockerconfigjson='<your .dockerconfigjson configuration file>'
@@ -38,23 +37,22 @@ Of note is also a fact that the chart runs a lookup to the connected cluster to
 1. Build the images and run the chart
     ``` bash
     make build-image
-    helm upgrade -i imagepullsecret-injector \
+    helm upgrade -i secret-replicator \
-        -n imagepullsecret-injector \
+        -n secret-replicator \
-        charts/imagepullsecret-injector
+        charts/secret-replicator
     ```
     Alternatively, you can use the pre-built, publicly available helm chart and docker images:
     ```bash
-    helm repo add imagepullsecret-injector https://ysoftdevs.github.io/imagepullsecret-injector
+    helm repo add secret-replicator https://ysoftdevs.github.io/secret-replicator
     helm repo update
-    helm upgrade -i imagepullsecret-injector \
+    helm upgrade -i secret-replicator \
-        -n imagepullsecret-injector \
+        -n secret-replicator \
-        magepullsecret-injector/imagepullsecret-injector
+        secret-replicator/secret-replicator
     ```
 
 1. To test whether everything works, you can run
     ```bash
-    kubectl create ns yolo
+    kubectl create ns yolo    
-    kubectl get sa -n yolo default -ojsonpath='{.imagePullSecrets}'
     ```
     The `get` command should display _some_ non-empty result.