diff --git a/README.md b/README.md index 09aa3ee..42333d3 100644 --- a/README.md +++ b/README.md @@ -2,9 +2,9 @@ The responsibility of this webhook is to patch all newly created/updated namespaces so that they contain predefined empty secret with given annotation. -This repo produces one helm chart available via helm repository https://ysoftdevs.github.io/imagepullsecret-injector. There are also 2 docker images: -- `ghcr.io/ysoftdevs/imagepullsecret-injector/imagepullsecret-injector` - the image containing the webhook itself -- `ghcr.io/ysoftdevs/imagepullsecret-injector/webhook-cert-generator` - helper image responsible for (re)generating the certificates +This repo produces one helm chart available via helm repository https://ysoftdevs.github.io/secret-duplicator. There are also 2 docker images: +- `ghcr.io/ysoftdevs/secret-duplicator/secret-duplicator` - the image containing the webhook itself +- `ghcr.io/ysoftdevs/secret-duplicator/webhook-cert-generator` - helper image responsible for (re)generating the certificates ## Helm description The helm chart consists of 2 parts: the certificate generator and the webhook configuration itself. @@ -26,9 +26,9 @@ Of note is also a fact that the chart runs a lookup to the connected cluster to ## Running locally 1. Create the prerequisite resources: ```bash - kubectl create ns secret-replicator + kubectl create ns secret-duplicator - kubectl create secret -n secret-replicator \ + kubectl create secret -n secret-duplicator \ generic acr-dockerconfigjson-source \ --type=kubernetes.io/dockerconfigjson \ --from-literal=.dockerconfigjson='' @@ -37,17 +37,17 @@ Of note is also a fact that the chart runs a lookup to the connected cluster to 1. Build the images and run the chart ``` bash make build-image - helm upgrade -i secret-replicator \ - -n secret-replicator \ - charts/secret-replicator + helm upgrade -i secret-duplicator \ + -n secret-duplicator \ + charts/secret-duplicator ``` Alternatively, you can use the pre-built, publicly available helm chart and docker images: ```bash - helm repo add secret-replicator https://ysoftdevs.github.io/secret-replicator + helm repo add secret-duplicator https://ysoftdevs.github.io/secret-duplicator helm repo update - helm upgrade -i secret-replicator \ - -n secret-replicator \ - secret-replicator/secret-replicator + helm upgrade -i secret-duplicator \ + -n secret-duplicator \ + secret-duplicator/secret-duplicator ``` 1. To test whether everything works, you can run diff --git a/build/Dockerfile b/build/Dockerfile index 29a788f..39d8c8c 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,10 +1,10 @@ FROM golang:1.15 AS builder -WORKDIR /go/src/github.com/ysoftdevs/imagepullsecret-injector +WORKDIR /go/src/github.com/ysoftdevs/secret-duplicator COPY . . RUN make build FROM alpine:3.13.4 as base -COPY --from=builder /go/src/github.com/ysoftdevs/imagepullsecret-injector/build/_output/bin/imagepullsecret-injector /usr/local/bin/imagepullsecret-injector +COPY --from=builder /go/src/github.com/ysoftdevs/secret-duplicator/build/_output/bin/secret-duplicator /usr/local/bin/secret-duplicator -ENTRYPOINT ["imagepullsecret-injector"] \ No newline at end of file +ENTRYPOINT ["secret-duplicator"] \ No newline at end of file diff --git a/cmd/webhook.go b/cmd/webhook.go index 1568cc0..5bb173d 100644 --- a/cmd/webhook.go +++ b/cmd/webhook.go @@ -77,11 +77,11 @@ func NewWebhookServer(parameters *WhSvrParameters, server *http.Server) (*Webhoo // DefaultParametersObject returns a parameters object with the default values func DefaultParametersObject() WhSvrParameters { return WhSvrParameters{ - port: 8443, - certFile: "/etc/webhook/certs/cert.pem", - keyFile: "/etc/webhook/certs/key.pem", - excludeNamespaces: strings.Join(defaultIgnoredNamespaces, ","), - targetSecretName: "dashboard-terminal-kube-apiserver-tls", + port: 8443, + certFile: "/etc/webhook/certs/cert.pem", + keyFile: "/etc/webhook/certs/key.pem", + excludeNamespaces: strings.Join(defaultIgnoredNamespaces, ","), + targetSecretName: "dashboard-terminal-kube-apiserver-tls", targetSecretAnnotation: "reflector.v1.k8s.emberstack.com/reflects=cert-manager/default-cert", } } @@ -214,7 +214,7 @@ func (whsvr *WebhookServer) mutateNamespace(ar *v1beta1.AdmissionReview) *v1beta if item.Name == whsvr.config.targetSecretName { annotationToCheck := strings.Split(whsvr.config.targetSecretAnnotation, "=") if val, ok := item.Annotations[annotationToCheck[0]]; ok { - glog.Infof("Namespace is already in the correct state and contains secret %s with value %s=%s, skipping", whsvr.config.targetSecretName, annotationToCheck ,val) + glog.Infof("Namespace is already in the correct state and contains secret %s with value %s=%s, skipping", whsvr.config.targetSecretName, annotationToCheck, val) return &v1beta1.AdmissionResponse{ Allowed: true, } @@ -234,8 +234,8 @@ func (whsvr *WebhookServer) mutateNamespace(ar *v1beta1.AdmissionReview) *v1beta } return &v1beta1.AdmissionResponse{ - Allowed: true, - Patch: nil, + Allowed: true, + Patch: nil, PatchType: nil, } }