Bump version to v0.3.1

Formatting
Use named port in service
2023-10-17 10:12:03 -04:00 · 2023-10-17 10:11:19 -04:00 · 2023-10-17 10:08:37 -04:00 · 2023-10-17 10:08:21 -04:00 · 2023-10-17 09:59:21 -04:00 · 2023-10-16 16:59:42 -04:00
18 changed files with 425 additions and 1615 deletions
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -1,172 +0,0 @@
 name: CI
 on:
  push:
    tags:
      - 'v*.*.*'
      - '!v0.1.*'
 jobs:
  base:
    runs-on: ubuntu-latest
    outputs:
      go_version: ${{ steps.get_versions.outputs.go_version }}
      build_version: ${{ steps.get_versions.outputs.build_version }}
      chart_version: ${{ steps.get_versions.outputs.chart_version }}
      go_updated: ${{ steps.file_updates.outputs.go }}
      yaml_updated: ${{ steps.file_updates.outputs.yaml }}
    steps:
      - name: Check out repo
        uses: actions/checkout@v2
        with:
          fetch-depth: 0
      - name: Get versions
        id: get_versions
        run: |
          echo ::set-output name=go_version::$(go mod edit -json | grep -Po '"Go":\s+"([0-9.]+)"' | sed -E 's/.+"([0-9.]+)"/\1/')
          echo ::set-output name=build_version::${GITHUB_REF#refs/tags/v}
          echo ::set-output name=chart_version::${GITHUB_REF#refs/tags/}
      - name: Get last release
        id: last_release
        shell: bash
        run: |
          tag=$(gh release list | sed -n '1 p' | awk '{print $(NF -1);}')
          sha=$(git show-ref --tags | grep $tag | awk '{print $1;}')
          echo ::set-output name=sha::$sha
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Check updated files
        id: file_updates
        uses: dorny/paths-filter@v2
        with:
          base: ${{ steps.last_release.outputs.sha }}
          filters: |
            go:
              - '*.go'
              - 'go.*'
            yaml:
              - 'deploy/cert-manager-webhook-gandi/*.yaml'
              - 'deploy/cert-manager-webhook-gandi/templates/*.yaml'
  build:
    needs: base
    if: ${{ needs.base.outputs.go_updated == 'true' }}
    runs-on: ubuntu-latest
    outputs:
      tag_commit: ${{ steps.update_image.outputs.commit }}
    steps:
      - name: Check out repo
        uses: actions/checkout@v2
      - name: Login to Docker Hub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Set up Docker buildx
        uses: docker/setup-buildx-action@v1
      - name: Cache Docker layers
        uses: actions/cache@v2
        with:
          path: /tmp/.buildx-cache
          key: ${{ runner.os }}-buildx-${{ github.sha }}
          restore-keys: |
            ${{ runner.os }}-buildx-
      - name: Build and push
        uses: docker/build-push-action@v2
        with:
          context: ./
          file: ./Dockerfile
          platforms: linux/amd64
          target: image
          push: true
          build-args: GO_VERSION=${{ needs.base.outputs.go_version }}
          tags: bwolf/cert-manager-webhook-gandi:latest,bwolf/cert-manager-webhook-gandi:${{ needs.base.outputs.build_version }}
          cache-from: type=local,src=/tmp/.buildx-cache
          cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
      # Temp fix
      # https://github.com/docker/build-push-action/issues/252
      # https://github.com/moby/buildkit/issues/1896
      - name: Move cache
        run: |
          rm -rf /tmp/.buildx-cache
          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
      - name: Update Helm image tag
        id: update_image
        uses: fjogeleit/yaml-update-action@master
        with:
          valueFile: 'deploy/cert-manager-webhook-gandi/values.yaml'
          propertyPath: 'image.tag'
          value: ${{ needs.base.outputs.build_version }}
          message: 'Update image tag to ${{ needs.base.outputs.build_version }}'
          token: ${{ secrets.GITHUB_TOKEN }}
  release:
    needs:
      - base
      - build
    if: |
      always() && needs.base.result == 'success' &&
      ((needs.build.result == 'success' && needs.build.outputs.tag_commit != '' ) || (needs.build.result == 'skipped' && needs.base.outputs.yaml_updated == 'true'))
    runs-on: ubuntu-latest
    steps:
      - name: Retrieve commit ref
        id: commit_ref
        run: |
          if [[ '${{ needs.build.outputs.tag_commit }}' = '' ]]; then
            sha=${{ github.sha }}
          else
            sha=${{ needs.build.outputs.tag_commit }}
          fi
          echo ::set-output name=sha::$sha
      - name: Check out repo
        uses: actions/checkout@v2
        with:
          fetch-depth: 0
          ref: ${{ steps.commit_ref.outputs.sha }}
      - name: Configure Git
        run: |
          git config user.name github-actions
          git config user.email github-actions@github.com
      - name: Update Helm chart version
        uses: fjogeleit/yaml-update-action@master
        with:
          valueFile: 'deploy/cert-manager-webhook-gandi/Chart.yaml'
          propertyPath: 'version'
          value: ${{ needs.base.outputs.chart_version }}
          message: 'Update chart version to ${{ needs.base.outputs.chart_version }}'
          token: ${{ secrets.GITHUB_TOKEN }}
          updateFile: true
      - name: Install Helm
        uses: azure/setup-helm@v1
        with:
          version: v3.4.0
      - name: Run chart-releaser
        uses: helm/chart-releaser-action@v1.2.1
        with:
          charts_dir: deploy
        env:
          CR_RELEASE_NAME_TEMPLATE: '{{ .Version }}'
          CR_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -0,0 +1,75 @@
 ---
 name: Release workflow
 on:
  push:
    tags:
      - v[0-9]+.[0-9]+.[0-9]+
 jobs:
  chart:
    name: Publish Helm chart
    runs-on: ubuntu-22.04
    timeout-minutes: 10
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      - name: Install docker
        uses: actions/docker-install@v1
      - name: Install helm
        uses: actions/helm-install@v1
      - name: Login to registry
        uses: actions/docker-login@v2
        with:
          registry: git.mug.lv
          username: ${{ github.repository_owner }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Build & publish Helm chart
        run: |
          helm package ./deploy/cert-manager-webhook-gandi
          helm push \
            cert-manager-webhook-gandi-*.tgz \
            oci://git.mug.lv/galen
  image:
    name: Publish Docker image
    runs-on: ubuntu-22.04
    timeout-minutes: 10
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      - name: Get versions
        id: version
        run: |
          chart="$(awk '/^version: /{ print $2 }' deploy/cert-manager-webhook-gandi/Chart.yaml)"
          chart="${chart//v/}"
          go="$(awk '/^go /{ print $2 }' go.mod)"
          cat <<EOF >>"$GITHUB_OUTPUT"
          chart=$chart
          go=$go
          EOF
      - name: Install docker
        uses: actions/docker-install@v1
      - name: Login to registry
        uses: actions/docker-login@v2
        with:
          registry: git.mug.lv
          username: ${{ github.repository_owner }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Setup buildx
        uses: actions/docker-setup-buildx@v2
      - name: Build image
        uses: actions/docker-build-push@v4
        with:
          push: true
          tags: git.mug.lv/${{ github.repository }}-server:${{ steps.version.outputs.chart }}
          build-args: GO_VERSION=${{ steps.version.outputs.go }}
--- a/.gitignore
+++ b/.gitignore
@@ -16,9 +16,8 @@
 # Ignore the built binary
 cert-manager-webhook-gandi
-
+# But not the Helm chart
-# Ignore the Helm chart
+!deploy/cert-manager-webhook-gandi
 /charts/
 # JetBrains
 .idea
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,7 +0,0 @@
 # CHANGELOG
 | Date | Version | Description |
 | ------ | ------ | ------ |
 | 2021-10-11 | v0.2.0 | add chart-releaser GitHub action |
 | 2021-10-06 | v0.2.0 | update cert-manager to 1.5.4<br>update k8s API version to 0.22.2<br>migrate to new LiveDNS API (https://api.gandi.net)<br>add Helm repo with GitHub pages<br>simplify Dockerfile & switch to Buildx<br>update make test target (remove shell script)<br>update README.md with changes made<br>update GitHub workflow with Buildx<br>add k8s APF support (k8s >= 1.20) |
 | 2020-02-26 | v0.1.1 | switch to Docker Hub |
 | 2020-02-26 | v0.1.0 | initial release |
--- a/10
+++ b/10
@@ -9,9 +9,6 @@ endif
 GO_VERSION ?= $(shell go mod edit -json | grep -${GREP_PREGEX_FLAG}o '"Go":\s+"([0-9.]+)"' | sed -E 's/.+"([0-9.]+)"/\1/')
 IMAGE_NAME := bwolf/cert-manager-webhook-gandi
 IMAGE_TAG := 0.2.0
 OUT := $(shell pwd)/_out
 KUBEBUILDER_VERSION=2.3.2
@@ -37,13 +34,6 @@ clean: clean-kubebuilder
 clean-kubebuilder:
 	rm -Rf _test/kubebuilder
 build:
 	docker buildx build --target=image --platform=linux/amd64 --output=type=docker,name=${IMAGE_NAME}:${IMAGE_TAG} --tag=${IMAGE_NAME}:latest --build-arg=GO_VERSION=${GO_VERSION} .
 package:
 	helm package deploy/cert-manager-webhook-gandi -d charts/
 	helm repo index charts/ --url https://bwolf.github.io/cert-manager-webhook-gandi
 .PHONY: rendered-manifest.yaml
 rendered-manifest.yaml:
 	helm template \
--- a/README.md
+++ b/README.md
@@ -1,4 +1,9 @@
 # ACME webhook for Gandi (cert-manager-webhook-gandi)
 Forked from [bwolf/cert-manager-webhook-gandi](https://github.com/bwolf/cert-manager-webhook-gandi), with additional patches applied from pull requests.
 ---
 `cert-manager-webhook-gandi` is an ACME webhook for [cert-manager]. It provides an ACME (read: Let's Encrypt) webhook for [cert-manager], which allows to use a `DNS-01` challenge with [Gandi]. This allows to provide Let's Encrypt certificates to [Kubernetes] for service protocols other than HTTP and furthermore to request wildcard certificates. Internally it uses the [Gandi LiveDNS API] to communicate with Gandi.
 Quoting the [ACME DNS-01 challenge]:
@@ -94,7 +99,7 @@ This webhook has been tested with [cert-manager] v1.5.4 and Kubernetes v1.22.2 o
   To deploy using the Helm repository (for example using the `v0.2.0` version):
        helm install cert-manager-webhook-gandi \
-            --repo https://bwolf.github.io/cert-manager-webhook-gandi
+            --repo https://bwolf.github.io/cert-manager-webhook-gandi \
            --version v0.2.0 \
            --namespace cert-manager \
            --set features.apiPriorityAndFairness=true \
--- a/deploy/cert-manager-webhook-gandi/Chart.yaml
+++ b/deploy/cert-manager-webhook-gandi/Chart.yaml
@@ -1,4 +1,4 @@
 apiVersion: v2
 description: A Helm chart for cert-manager-webhook-gandi
 name: cert-manager-webhook-gandi
-version: v0.1.1
+version: v0.3.1
--- a/deploy/cert-manager-webhook-gandi/templates/_helpers.tpl
+++ b/deploy/cert-manager-webhook-gandi/templates/_helpers.tpl
@@ -31,6 +31,26 @@ Create chart name and version as used by the chart label.
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 {{/*
 Common labels
 */}}
 {{- define "cert-manager-webhook-gandi.labels" -}}
 helm.sh/chart: {{ include "cert-manager-webhook-gandi.chart" . }}
 {{ include "cert-manager-webhook-gandi.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
 app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{- end }}
 {{/*
 Selector labels
 */}}
 {{- define "cert-manager-webhook-gandi.selectorLabels" -}}
 app.kubernetes.io/name: {{ include "cert-manager-webhook-gandi.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 {{- define "cert-manager-webhook-gandi.selfSignedIssuer" -}}
 {{ printf "%s-selfsign" (include "cert-manager-webhook-gandi.fullname" .) }}
 {{- end -}}
--- a/deploy/cert-manager-webhook-gandi/templates/apiservice.yaml
+++ b/deploy/cert-manager-webhook-gandi/templates/apiservice.yaml
@@ -3,10 +3,7 @@ kind: APIService
 metadata:
  name: v1alpha1.{{ .Values.groupName }}
  labels:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.labels" . | nindent 4 }}
    chart: {{ include "cert-manager-webhook-gandi.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
  annotations:
    cert-manager.io/inject-ca-from: "{{ .Values.certManager.namespace }}/{{ include "cert-manager-webhook-gandi.servingCertificate" . }}"
 spec:
--- a/deploy/cert-manager-webhook-gandi/templates/deployment.yaml
+++ b/deploy/cert-manager-webhook-gandi/templates/deployment.yaml
@@ -4,28 +4,24 @@ metadata:
  name: {{ include "cert-manager-webhook-gandi.fullname" . }}
  namespace: {{ .Values.certManager.namespace | quote }}
  labels:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.labels" . | nindent 4 }}
    chart: {{ include "cert-manager-webhook-gandi.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 spec:
  replicas: {{ .Values.replicaCount }}
  selector:
    matchLabels:
-      app: {{ include "cert-manager-webhook-gandi.name" . }}
+      {{- include "cert-manager-webhook-gandi.selectorLabels" . | nindent 6 }}
      release: {{ .Release.Name }}
  template:
    metadata:
      labels:
-        app: {{ include "cert-manager-webhook-gandi.name" . }}
+        {{- include "cert-manager-webhook-gandi.selectorLabels" . | nindent 8 }}
        release: {{ .Release.Name }}
    spec:
      serviceAccountName: {{ include "cert-manager-webhook-gandi.fullname" . }}
      containers:
        - name: {{ .Chart.Name }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          image: {{ .Values.image.repository }}:{{ default .Values.image.tag (trimPrefix "v" .Chart.Version) }}
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          args:
            - --secure-port={{ .Values.containerport }}
            - --tls-cert-file=/tls/tls.crt
            - --tls-private-key-file=/tls/tls.key
 {{- if .Values.logLevel }}
@@ -36,7 +32,7 @@ spec:
              value: {{ .Values.groupName | quote }}
          ports:
            - name: https
-              containerPort: 443
+              containerPort: {{ .Values.containerport }}
              protocol: TCP
          livenessProbe:
            httpGet:
@@ -53,20 +49,20 @@ spec:
              mountPath: /tls
              readOnly: true
          resources:
-{{ toYaml .Values.resources | indent 12 }}
+            {{- toYaml .Values.resources | nindent 12 }}
      volumes:
        - name: certs
          secret:
            secretName: {{ include "cert-manager-webhook-gandi.servingCertificate" . }}
    {{- with .Values.nodeSelector }}
      nodeSelector:
-{{ toYaml . | indent 8 }}
+        {{- toYaml . | nindent 8 }}
    {{- end }}
    {{- with .Values.affinity }}
      affinity:
-{{ toYaml . | indent 8 }}
+        {{- toYaml . | nindent 8 }}
    {{- end }}
    {{- with .Values.tolerations }}
      tolerations:
-{{ toYaml . | indent 8 }}
+        {{- toYaml . | nindent 8 }}
    {{- end }}
--- a/deploy/cert-manager-webhook-gandi/templates/pki.yaml
+++ b/deploy/cert-manager-webhook-gandi/templates/pki.yaml
@@ -7,10 +7,7 @@ metadata:
  name: {{ include "cert-manager-webhook-gandi.selfSignedIssuer" . }}
  namespace: {{ .Values.certManager.namespace | quote }}
  labels:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.labels" . | nindent 4 }}
    chart: {{ include "cert-manager-webhook-gandi.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 spec:
  selfSigned: {}
 ---
@@ -21,10 +18,7 @@ metadata:
  name: {{ include "cert-manager-webhook-gandi.rootCACertificate" . }}
  namespace: {{ .Values.certManager.namespace | quote }}
  labels:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.labels" . | nindent 4 }}
    chart: {{ include "cert-manager-webhook-gandi.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 spec:
  secretName: {{ include "cert-manager-webhook-gandi.rootCACertificate" . }}
  duration: 43800h # 5y
@@ -40,10 +34,7 @@ metadata:
  name: {{ include "cert-manager-webhook-gandi.rootCAIssuer" . }}
  namespace: {{ .Values.certManager.namespace | quote }}
  labels:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.labels" . | nindent 4 }}
    chart: {{ include "cert-manager-webhook-gandi.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 spec:
  ca:
    secretName: {{ include "cert-manager-webhook-gandi.rootCACertificate" . }}
@@ -55,10 +46,7 @@ metadata:
  name: {{ include "cert-manager-webhook-gandi.servingCertificate" . }}
  namespace: {{ .Values.certManager.namespace | quote }}
  labels:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.labels" . | nindent 4 }}
    chart: {{ include "cert-manager-webhook-gandi.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 spec:
  secretName: {{ include "cert-manager-webhook-gandi.servingCertificate" . }}
  duration: 8760h # 1y
--- a/deploy/cert-manager-webhook-gandi/templates/rbac.yaml
+++ b/deploy/cert-manager-webhook-gandi/templates/rbac.yaml
@@ -4,10 +4,7 @@ metadata:
  name: {{ include "cert-manager-webhook-gandi.fullname" . }}
  namespace: {{ .Values.certManager.namespace | quote }}
  labels:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.labels" . | nindent 4 }}
    chart: {{ include "cert-manager-webhook-gandi.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 ---
 # Grant the webhook permission to read the ConfigMap containing the Kubernetes
 # apiserver's requestheader-ca-certificate
@@ -18,10 +15,7 @@ metadata:
  name: {{ include "cert-manager-webhook-gandi.fullname" . }}:webhook-authentication-reader
  namespace: kube-system
  labels:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.labels" . | nindent 4 }}
    chart: {{ include "cert-manager-webhook-gandi.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
@@ -39,10 +33,7 @@ kind: ClusterRoleBinding
 metadata:
  name: {{ include "cert-manager-webhook-gandi.fullname" . }}:auth-delegator
  labels:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.labels" . | nindent 4 }}
    chart: {{ include "cert-manager-webhook-gandi.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
@@ -59,10 +50,7 @@ kind: ClusterRole
 metadata:
  name: {{ include "cert-manager-webhook-gandi.fullname" . }}:domain-solver
  labels:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.labels" . | nindent 4 }}
    chart: {{ include "cert-manager-webhook-gandi.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 rules:
  - apiGroups:
      - {{ .Values.groupName }}
@@ -76,10 +64,7 @@ kind: ClusterRoleBinding
 metadata:
  name: {{ include "cert-manager-webhook-gandi.fullname" . }}:domain-solver
  labels:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.labels" . | nindent 4 }}
    chart: {{ include "cert-manager-webhook-gandi.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
@@ -130,10 +115,7 @@ kind: ClusterRole
 metadata:
  name: {{ include "cert-manager-webhook-gandi.fullname" . }}:flowcontrol-solver
  labels:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.labels" . | nindent 4 }}
    chart: {{ include "cert-manager-webhook-gandi.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 rules:
  - apiGroups:
      - "flowcontrol.apiserver.k8s.io"
@@ -149,10 +131,7 @@ kind: ClusterRoleBinding
 metadata:
  name: {{ include "cert-manager-webhook-gandi.fullname" . }}:flowcontrol-solver
  labels:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.labels" . | nindent 4 }}
    chart: {{ include "cert-manager-webhook-gandi.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
--- a/deploy/cert-manager-webhook-gandi/templates/service.yaml
+++ b/deploy/cert-manager-webhook-gandi/templates/service.yaml
@@ -4,10 +4,7 @@ metadata:
  name: {{ include "cert-manager-webhook-gandi.fullname" . }}
  namespace: {{ .Values.certManager.namespace | quote }}
  labels:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.labels" . | nindent 4 }}
    chart: {{ include "cert-manager-webhook-gandi.chart" . }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
 spec:
  type: {{ .Values.service.type }}
  ports:
@@ -16,5 +13,4 @@ spec:
      protocol: TCP
      name: https
  selector:
-    app: {{ include "cert-manager-webhook-gandi.name" . }}
+    {{- include "cert-manager-webhook-gandi.selectorLabels" . | nindent 4 }}
    release: {{ .Release.Name }}
--- a/deploy/cert-manager-webhook-gandi/values.yaml
+++ b/deploy/cert-manager-webhook-gandi/values.yaml
@@ -1,51 +1,21 @@
 # The GroupName here is used to identify your company or business unit that
 # created this webhook.
 # For example, this may be "acme.mycompany.com".
 # This name will need to be referenced in each Issuer's `webhook` stanza to
 # inform cert-manager of where to send ChallengePayload resources in order to
 # solve the DNS01 challenge.
 # This group name should be **unique**, hence using your own company's domain
 # here is recommended.
 groupName: acme.bwolf.me
 logLevel: 6
 certManager:
  namespace: cert-manager
  serviceAccountName: cert-manager
 image:
-  repository: bwolf/cert-manager-webhook-gandi
+  repository: git.mug.lv/galen/cert-manager-webhook-gandi-server
-  tag: v0.1.1
+  # tag: X.Y.Z  defaults to app version
  pullPolicy: IfNotPresent
-
+nameOverride: ''
-nameOverride: ""
+fullnameOverride: ''
 fullnameOverride: ""
 service:
  type: ClusterIP
  port: 443
-
+containerport: 8443
 features:
  # API Priority and Fairness should be enabled from Kubernetes 1.20
  # https://kubernetes.io/docs/concepts/cluster-administration/flow-control/
  apiPriorityAndFairness: false
-
+resources: {}
 resources:
  {}
  # We usually recommend not to specify default resources and to leave this as a conscious
  # choice for the user. This also increases chances charts run on environments with little
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
  # limits:
  #  cpu: 100m
  #  memory: 128Mi
  # requests:
  #  cpu: 100m
  #  memory: 128Mi
 nodeSelector: {}
 tolerations: []
 affinity: {}
--- a/go.mod
+++ b/go.mod
@@ -1,113 +1,110 @@
 module github.com/bwolf/cert-manager-webhook-gandi
-go 1.17
+go 1.20
 require (
 	github.com/cert-manager/cert-manager v1.12.1
 	k8s.io/apiextensions-apiserver v0.27.2
 	k8s.io/apimachinery v0.27.2
 	k8s.io/client-go v0.27.2
 	k8s.io/klog/v2 v2.100.1
 )
 require (
 	github.com/NYTimes/gziphandler v1.1.1 // indirect
-	github.com/PuerkitoBio/purell v1.1.1 // indirect
+	github.com/antlr/antlr4/runtime/Go/antlr v1.4.10 // indirect
-	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
+	github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/blang/semver v3.5.1+incompatible // indirect
+	github.com/blang/semver/v4 v4.0.0 // indirect
-	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/coreos/go-semver v0.3.0 // indirect
-	github.com/coreos/go-systemd/v22 v22.3.2 // indirect
+	github.com/coreos/go-systemd/v22 v22.4.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/emicklei/go-restful v2.15.0+incompatible // indirect
+	github.com/emicklei/go-restful/v3 v3.9.0 // indirect
-	github.com/evanphx/json-patch v4.11.0+incompatible // indirect
+	github.com/evanphx/json-patch v5.6.0+incompatible // indirect
-	github.com/felixge/httpsnoop v1.0.2 // indirect
+	github.com/evanphx/json-patch/v5 v5.6.0 // indirect
-	github.com/go-logr/logr v0.4.0 // indirect
+	github.com/felixge/httpsnoop v1.0.3 // indirect
-	github.com/go-openapi/jsonpointer v0.19.5 // indirect
+	github.com/fsnotify/fsnotify v1.6.0 // indirect
-	github.com/go-openapi/jsonreference v0.19.6 // indirect
+	github.com/go-logr/logr v1.2.4 // indirect
-	github.com/go-openapi/swag v0.19.15 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-logr/zapr v1.2.4 // indirect
 	github.com/go-openapi/jsonpointer v0.19.6 // indirect
 	github.com/go-openapi/jsonreference v0.20.1 // indirect
 	github.com/go-openapi/swag v0.22.3 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/google/go-cmp v0.5.6 // indirect
+	github.com/google/cel-go v0.12.6 // indirect
 	github.com/google/gnostic v0.6.9 // indirect
 	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/uuid v1.3.0 // indirect
 	github.com/googleapis/gnostic v0.5.5 // indirect
 	github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect
-	github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0 // indirect
 	github.com/imdario/mergo v0.3.12 // indirect
-	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jetstack/cert-manager v1.5.4
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
-	github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
-	github.com/miekg/dns v1.1.34 // indirect
+	github.com/miekg/dns v1.1.50 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/prometheus/client_golang v1.11.0 // indirect
+	github.com/prometheus/client_golang v1.15.1 // indirect
-	github.com/prometheus/client_model v0.2.0 // indirect
+	github.com/prometheus/client_model v0.4.0 // indirect
-	github.com/prometheus/common v0.31.1 // indirect
+	github.com/prometheus/common v0.42.0 // indirect
-	github.com/prometheus/procfs v0.7.3 // indirect
+	github.com/prometheus/procfs v0.9.0 // indirect
-	github.com/spf13/cobra v1.2.1 // indirect
+	github.com/spf13/cobra v1.7.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	go.etcd.io/etcd/api/v3 v3.5.0 // indirect
+	github.com/stoewer/go-strcase v1.2.0 // indirect
-	go.etcd.io/etcd/client/pkg/v3 v3.5.0 // indirect
+	go.etcd.io/etcd/api/v3 v3.5.7 // indirect
-	go.etcd.io/etcd/client/v3 v3.5.0 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.5.7 // indirect
-	go.opentelemetry.io/contrib v0.20.0 // indirect
+	go.etcd.io/etcd/client/v3 v3.5.7 // indirect
-	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.35.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.39.0 // indirect
-	go.opentelemetry.io/otel v0.20.0 // indirect
+	go.opentelemetry.io/otel v1.15.0 // indirect
-	go.opentelemetry.io/otel/exporters/otlp v0.20.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.15.0 // indirect
-	go.opentelemetry.io/otel/metric v0.20.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.15.0 // indirect
-	go.opentelemetry.io/otel/sdk v0.20.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.15.0 // indirect
-	go.opentelemetry.io/otel/sdk/export/metric v0.20.0 // indirect
+	go.opentelemetry.io/otel/metric v0.36.0 // indirect
-	go.opentelemetry.io/otel/sdk/metric v0.20.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.15.0 // indirect
-	go.opentelemetry.io/otel/trace v0.20.0 // indirect
+	go.opentelemetry.io/otel/trace v1.15.0 // indirect
-	go.opentelemetry.io/proto/otlp v0.7.0 // indirect
+	go.opentelemetry.io/proto/otlp v0.19.0 // indirect
 	go.uber.org/atomic v1.9.0 // indirect
-	go.uber.org/multierr v1.7.0 // indirect
+	go.uber.org/multierr v1.6.0 // indirect
-	go.uber.org/zap v1.19.1 // indirect
+	go.uber.org/zap v1.24.0 // indirect
-	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
+	golang.org/x/crypto v0.6.0 // indirect
-	golang.org/x/net v0.0.0-20211005001312-d4b1ae081e3b // indirect
+	golang.org/x/mod v0.10.0 // indirect
-	golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f // indirect
+	golang.org/x/net v0.10.0 // indirect
-	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
+	golang.org/x/oauth2 v0.5.0 // indirect
-	golang.org/x/sys v0.0.0-20211004093028-2c5d950f24ef // indirect
+	golang.org/x/sync v0.2.0 // indirect
-	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
+	golang.org/x/sys v0.8.0 // indirect
-	golang.org/x/text v0.3.7 // indirect
+	golang.org/x/term v0.8.0 // indirect
-	golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect
+	golang.org/x/text v0.9.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	golang.org/x/tools v0.9.1 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/genproto v0.0.0-20211001223012-bfb93cce50d9 // indirect
+	google.golang.org/genproto v0.0.0-20230223222841-637eb2293923 // indirect
-	google.golang.org/grpc v1.41.0 // indirect
+	google.golang.org/grpc v1.54.0 // indirect
-	google.golang.org/protobuf v1.27.1 // indirect
+	google.golang.org/protobuf v1.30.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
-	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/api v0.22.2 // indirect
+	k8s.io/api v0.27.2 // indirect
-	k8s.io/apiextensions-apiserver v0.22.2
+	k8s.io/apiserver v0.27.2 // indirect
-	k8s.io/apimachinery v0.22.2
+	k8s.io/component-base v0.27.2 // indirect
-	k8s.io/apiserver v0.22.2 // indirect
+	k8s.io/kms v0.27.2 // indirect
-	k8s.io/client-go v0.22.2
+	k8s.io/kube-aggregator v0.27.2 // indirect
-	k8s.io/component-base v0.22.2 // indirect
+	k8s.io/kube-openapi v0.0.0-20230515203736-54b630e78af5 // indirect
-	k8s.io/klog/v2 v2.9.0
+	k8s.io/utils v0.0.0-20230505201702-9f6742963106 // indirect
-	k8s.io/kube-aggregator v0.22.2 // indirect
+	sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.2 // indirect
-	k8s.io/kube-openapi v0.0.0-20210929172449-94abcedd1aa4 // indirect
+	sigs.k8s.io/controller-runtime v0.15.0 // indirect
-	k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b // indirect
+	sigs.k8s.io/gateway-api v0.7.0 // indirect
-	sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.24 // indirect
+	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
-	sigs.k8s.io/controller-runtime v0.9.2 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.1.2 // indirect
 	sigs.k8s.io/yaml v1.3.0 // indirect
 )
 // Force packages versions over versions used by https://github.com/kubernetes/apiserver v0.22.2
 replace (
 	github.com/go-logr/logr => github.com/go-logr/logr v0.4.0
 	go.opentelemetry.io/contrib => go.opentelemetry.io/contrib v0.20.0
 	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc => go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp => go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0
 	go.opentelemetry.io/otel => go.opentelemetry.io/otel v0.20.0
 	go.opentelemetry.io/otel/exporters/otlp => go.opentelemetry.io/otel/exporters/otlp v0.20.0
 	go.opentelemetry.io/otel/metric => go.opentelemetry.io/otel/metric v0.20.0
 	go.opentelemetry.io/otel/sdk => go.opentelemetry.io/otel/sdk v0.20.0
 	go.opentelemetry.io/otel/sdk/export/metric => go.opentelemetry.io/otel/sdk/export/metric v0.20.0
 	go.opentelemetry.io/otel/sdk/metric => go.opentelemetry.io/otel/sdk/metric v0.20.0
 	go.opentelemetry.io/otel/trace => go.opentelemetry.io/otel/trace v0.20.0
 	go.opentelemetry.io/proto/otlp => go.opentelemetry.io/proto/otlp v0.7.0
 	k8s.io/klog/v2 => k8s.io/klog/v2 v2.9.0
 )
--- a/go.sum
+++ b/go.sum
--- a/main.go
+++ b/main.go
@@ -7,9 +7,9 @@ import (
 	"os"
 	"strings"
-	"github.com/jetstack/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1"
+	"github.com/cert-manager/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1"
-	"github.com/jetstack/cert-manager/pkg/acme/webhook/cmd"
+	"github.com/cert-manager/cert-manager/pkg/acme/webhook/cmd"
-	cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1"
+	cmmeta "github.com/cert-manager/cert-manager/pkg/apis/meta/v1"
 	extapi "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/kubernetes"
@@ -40,7 +40,7 @@ func main() {
 // gandiDNSProviderSolver implements the provider-specific logic needed to
 // 'present' an ACME challenge TXT record for your own DNS provider.
-// To do so, it must implement the `github.com/jetstack/cert-manager/pkg/acme/webhook.Solver`
+// To do so, it must implement the `github.com/cert-manager/cert-manager/pkg/acme/webhook.Solver`
 // interface.
 type gandiDNSProviderSolver struct {
 	client *kubernetes.Clientset
--- a/main_test.go
+++ b/main_test.go
@@ -4,7 +4,7 @@ import (
 	"os"
 	"testing"
-	"github.com/jetstack/cert-manager/test/acme/dns"
+	"github.com/cert-manager/cert-manager/test/acme"
 )
 var (
Author	SHA1	Message	Date
Galen Abell	373cb7ffde	Bump version to v0.3.1 All checks were successful Release workflow / Publish Helm chart (push) Successful in 32s Details Release workflow / Publish Docker image (push) Successful in 2m21s Details	2023-10-17 10:12:03 -04:00
Galen Abell	625cd71ef7	Formatting	2023-10-17 10:11:19 -04:00
Galen Abell	2664ae3f11	Use named port in service	2023-10-17 10:08:37 -04:00
Galen Abell	4c0ef13c61	Fix service selector labels	2023-10-17 10:08:21 -04:00
Galen Abell	ac9a9fd796	Fix default repository	2023-10-17 09:59:21 -04:00
Galen Abell	7bd3f5769a	Bump version All checks were successful Release workflow / Publish Helm chart (push) Successful in 32s Details Release workflow / Publish Docker image (push) Successful in 2m19s Details	2023-10-16 16:59:42 -04:00
Galen Abell	84ac6d4d27	Interpolate image tag from version	2023-10-16 16:58:36 -04:00
Galen Abell	52583c3e12	Fix gitignore	2023-10-16 16:54:42 -04:00
Galen Abell	382418418b	Remove changelog	2023-10-16 16:54:42 -04:00
Galen Abell	661abf8df2	Update image in chart	2023-10-16 16:54:42 -04:00
Galen Abell	4c7c0b121a	Cleanup Makefile	2023-10-16 16:54:42 -04:00
Galen Abell	ef409187de	Add release workflow	2023-10-16 16:54:42 -04:00
Clement Gautier	33b74ccc20	Use default Helm3 label helper	2023-10-16 13:31:59 -04:00
Jarle Bjørgeengen	b818887966	Replace harcoded container port with value. Deafult to non-privileged port	2023-10-16 13:30:31 -04:00
Emanuele Barsanti	970e5fb44e	Update dependencies	2023-10-16 13:21:47 -04:00
Galen Abell	5785110ea0	Remove workflow	2023-10-16 13:18:48 -04:00
Galen Abell	aaa5f621e4	Add fork notice	2023-10-16 13:18:36 -04:00
Marcus Geiger	41edd7368c	Update README.md Fix missing backslash	2022-03-26 22:29:44 +01:00
github-actions[bot]	61bcd3d286	Update chart version to v0.2.0	2021-10-24 20:28:10 +00:00
github-actions[bot]	f63550ff6f	Update image tag to 0.2.0	2021-10-24 20:27:45 +00:00