diff --git a/.github/SECURITY.md b/.github/SECURITY.md index b49e22c..3f19a7c 100644 --- a/.github/SECURITY.md +++ b/.github/SECURITY.md @@ -11,4 +11,4 @@ The Merger plugin is tested with the following Kustomize versions (but should wo ## Reporting a Vulnerability -If a vulnerability is found, please report it via [GitHub issues](https://github.com/aabouzaid/kustomize-plugin-merger/issues). +If a vulnerability is found, please report it via [GitHub issues](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/issues). diff --git a/.github/workflows/go-ci.yml b/.github/workflows/go-ci.yml index efafd98..99fad34 100644 --- a/.github/workflows/go-ci.yml +++ b/.github/workflows/go-ci.yml @@ -19,10 +19,11 @@ jobs: go-version-file: go.mod cache: false - name: Run GolangCI linter - uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3 + uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 # v6.1.0 with: - version: v1.54 args: '--timeout=5m' + skip-cache: true + skip-save-cache: true - name: Run Go test coverage run: go test -race -coverprofile=coverage.out -covermode=atomic ./... - name: Upload coverage to Codecov @@ -41,9 +42,12 @@ jobs: uses: ./.github/workflows/tpl-packaging.yml secrets: inherit with: + goreleaser-version: 2 goreleaser-args: "release --clean --snapshot" artifacts-cache: true artifacts-cache-key: "dist-${{ github.run_id }}" + artifacts-publish-ci: true + artifacts-identifier: "${{ github.event.number == 0 && format('main-{0}', github.sha) || format('pr-{0}', github.event.number) }}" upload: name: Upload Artifacts - ${{ matrix.os.name }} diff --git a/.github/workflows/go-release.yml b/.github/workflows/go-release.yml index 8534e62..f9f5358 100644 --- a/.github/workflows/go-release.yml +++ b/.github/workflows/go-release.yml @@ -21,4 +21,3 @@ jobs: secrets: inherit with: goreleaser-args: "release --clean" - registry-login: true diff --git a/.github/workflows/tpl-packaging.yml b/.github/workflows/tpl-packaging.yml index b65df9f..0a4c14e 100644 --- a/.github/workflows/tpl-packaging.yml +++ b/.github/workflows/tpl-packaging.yml @@ -9,10 +9,13 @@ on: goreleaser-args: required: true type: string - registry-login: + artifacts-cache: default: false type: boolean - artifacts-cache: + artifacts-identifier: + default: latest + type: string + artifacts-publish-ci: default: false type: boolean artifacts-cache-key: @@ -52,7 +55,6 @@ jobs: - name: Setup Cosign uses: sigstore/cosign-installer@main - name: Login to GitHub Container Registry - if: ${{ inputs.registry-login }} uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3 with: registry: ghcr.io @@ -67,6 +69,24 @@ jobs: args: "${{ inputs.goreleaser-args }}" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Cleanup CI Docker Image + if: ${{ inputs.artifacts-publish-ci }} + uses: actions/delete-package-versions@e5bc658cc4c965c472efe991f8beea3981499c55 # v5.0.0 + with: + token: ${{ secrets.GITHUB_TOKEN }} + package-name: kustomize-generator-merger-ci + package-type: container + min-versions-to-keep: 10 + - name: Publish CI Docker Image + if: ${{ inputs.artifacts-publish-ci }} + run: | + for xarch in amd64 arm64; do + docker_image_src="ghcr.io/devopshivehq/kustomize-generator-merger:latest-${xarch}" + docker_image_dst="ghcr.io/devopshivehq/kustomize-generator-merger-ci:${{ inputs.artifacts-identifier }}-${xarch}" + echo "Tag and push image: ${docker_image_dst}" + docker tag ${docker_image_src} ${docker_image_dst} + docker push ${docker_image_dst} + done - name: Cache Artifacts uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c # v3 if: ${{ inputs.artifacts-cache }} diff --git a/.golangci.yml b/.golangci.yml index 6032f4c..6a9d143 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -5,7 +5,7 @@ linters-settings: gocyclo: min-complexity: 15 goimports: - local-prefixes: github.com/aabouzaid/kustomize-plugin-merger + local-prefixes: github.com/DevOpsHiveHQ/kustomize-plugin-merger govet: check-shadowing: true misspell: diff --git a/Dockerfile b/Dockerfile index b7a5b21..5bcb5d2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,8 @@ +FROM ubuntu:latest as base +RUN useradd -u 1001 merger + FROM scratch -ENTRYPOINT ["/kustomize-plugin-merger"] +COPY --from=base /etc/passwd /etc/passwd COPY kustomize-plugin-merger / +USER 1001 +ENTRYPOINT ["/kustomize-plugin-merger"] diff --git a/README.md b/README.md index f8e4f83..57773d0 100644 --- a/README.md +++ b/README.md @@ -13,24 +13,24 @@ A Kustomize generator plugin to merge YAML files seamlessly for real-world use c

-[![CI](https://img.shields.io/github/actions/workflow/status/aabouzaid/kustomize-plugin-merger/.github%2Fworkflows%2Fgo-ci.yml?logo=github&label=CI&color=31c653)](https://github.com/aabouzaid/kustomize-plugin-merger/actions/workflows/go-ci.yml?query=branch%3Amain) -[![CodeQL](https://img.shields.io/github/actions/workflow/status/aabouzaid/kustomize-plugin-merger/.github%2Fworkflows%2Fgo-ci.yml?logo=github&label=CodeQL&color=31c653)](https://github.com/aabouzaid/kustomize-plugin-merger/actions/workflows/sec-codeql.yml?query=branch%3Amain) +[![CI](https://img.shields.io/github/actions/workflow/status/aabouzaid/kustomize-plugin-merger/.github%2Fworkflows%2Fgo-ci.yml?logo=github&label=CI&color=31c653)](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/actions/workflows/go-ci.yml?query=branch%3Amain) +[![CodeQL](https://img.shields.io/github/actions/workflow/status/aabouzaid/kustomize-plugin-merger/.github%2Fworkflows%2Fgo-ci.yml?logo=github&label=CodeQL&color=31c653)](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/actions/workflows/sec-codeql.yml?query=branch%3Amain) [![OpenSSF Best Practices](https://www.bestpractices.dev/projects/7815/badge)](https://www.bestpractices.dev/projects/7815) -[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/aabouzaid/kustomize-plugin-merger/badge)](https://securityscorecards.dev/viewer/?uri=github.com/aabouzaid/kustomize-plugin-merger) -[![Go Report Card](https://goreportcard.com/badge/github.com/aabouzaid/kustomize-plugin-merger)](https://goreportcard.com/report/github.com/aabouzaid/kustomize-plugin-merger) +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/DevOpsHiveHQ/kustomize-plugin-merger/badge)](https://securityscorecards.dev/viewer/?uri=github.com/DevOpsHiveHQ/kustomize-plugin-merger) +[![Go Report Card](https://goreportcard.com/badge/github.com/DevOpsHiveHQ/kustomize-plugin-merger)](https://goreportcard.com/report/github.com/DevOpsHiveHQ/kustomize-plugin-merger) [![codecov](https://codecov.io/github/aabouzaid/kustomize-plugin-merger/graph/badge.svg?token=BUFRT7BO2I)](https://codecov.io/github/aabouzaid/kustomize-plugin-merger) -[![GitHub Release](https://img.shields.io/github/v/release/aabouzaid/kustomize-plugin-merger?logo=github)](https://github.com/aabouzaid/kustomize-plugin-merger/releases) -[![Docker](https://img.shields.io/badge/Docker-available-blue?logo=docker&logoColor=white)](https://github.com/aabouzaid/kustomize-plugin-merger/pkgs/container/kustomize-generator-merger) -[![Go Reference](https://pkg.go.dev/badge/github.com/aabouzaid/kustomize-plugin-merger.svg)](https://pkg.go.dev/github.com/aabouzaid/kustomize-plugin-merger) -[![Renovate](https://img.shields.io/badge/Renovate-enabled-blue?logo=renovatebot)](https://github.com/aabouzaid/kustomize-plugin-merger/issues/7) -[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg)](https://github.com/aabouzaid/kustomize-plugin-merger/pulls) +[![GitHub Release](https://img.shields.io/github/v/release/aabouzaid/kustomize-plugin-merger?logo=github)](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/releases) +[![Docker](https://img.shields.io/badge/Docker-available-blue?logo=docker&logoColor=white)](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/pkgs/container/kustomize-generator-merger) +[![Go Reference](https://pkg.go.dev/badge/github.com/DevOpsHiveHQ/kustomize-plugin-merger.svg)](https://pkg.go.dev/github.com/DevOpsHiveHQ/kustomize-plugin-merger) +[![Renovate](https://img.shields.io/badge/Renovate-enabled-blue?logo=renovatebot)](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/issues/7) +[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg)](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/pulls) - [Why](#why) - [Features](#features) - [Options](#options) -- [Common use cases](#common-use-cases) +- [Examples](#examples) - [1. Generate multiple manifests from a single base](#1-generate-multiple-manifests-from-a-single-base) - [2. Merge non-manifest files and store them into ConfigMap or Secret](#2-merge-non-manifest-files-and-store-them-into-configmap-or-secret) - [3. Merge lists in manifests without schema or a unique identifier](#3-merge-lists-in-manifests-without-schema-or-a-unique-identifier) @@ -114,7 +114,7 @@ spec: ``` -## Common use cases +## Examples This section shows a couple of use cases where Merger can help. @@ -165,8 +165,8 @@ but it will follow the SemVer convention. ## Contributing All feedback and contributions are welcome. If you find any issues or want to contribute, -please feel free to [fill an issue](https://github.com/aabouzaid/kustomize-plugin-merger/issues) -or [create a PR](https://github.com/aabouzaid/kustomize-plugin-merger/pulls). +please feel free to [fill an issue](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/issues) +or [create a PR](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/pulls). ## License diff --git a/examples/long-omni-manifest/README.md b/examples/long-omni-manifest/README.md index d280619..1429c21 100644 --- a/examples/long-omni-manifest/README.md +++ b/examples/long-omni-manifest/README.md @@ -136,7 +136,7 @@ spec: ## Build ```shell -kustomize build --enable-alpha-plugins --as-current-user . +kustomize build --enable-alpha-plugins . ``` ## Output diff --git a/examples/manifest-lists-without-schema/README.md b/examples/manifest-lists-without-schema/README.md index 6e602de..8ee6e58 100644 --- a/examples/manifest-lists-without-schema/README.md +++ b/examples/manifest-lists-without-schema/README.md @@ -100,7 +100,7 @@ spec: ## Build ```shell -kustomize build --enable-alpha-plugins --as-current-user . +kustomize build --enable-alpha-plugins . ``` ## Output diff --git a/examples/multiple-manifests-from-single-file/README.md b/examples/multiple-manifests-from-single-file/README.md index 144223e..0558f5f 100644 --- a/examples/multiple-manifests-from-single-file/README.md +++ b/examples/multiple-manifests-from-single-file/README.md @@ -150,7 +150,7 @@ spec: ## Build ```shell -kustomize build --enable-alpha-plugins --as-current-user . +kustomize build --enable-alpha-plugins . ``` ## Output diff --git a/examples/non-manifest-into-configmap-or-secret/README.md b/examples/non-manifest-into-configmap-or-secret/README.md index 47098b6..e9813e0 100644 --- a/examples/non-manifest-into-configmap-or-secret/README.md +++ b/examples/non-manifest-into-configmap-or-secret/README.md @@ -94,7 +94,7 @@ spec: ## Build ```shell -kustomize build --enable-alpha-plugins --as-current-user . +kustomize build --enable-alpha-plugins . ``` ## Output diff --git a/go.mod b/go.mod index 860e517..1adfc40 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module github.com/aabouzaid/kustomize-plugin-merger +module github.com/DevOpsHiveHQ/kustomize-plugin-merger go 1.22.0 diff --git a/main.go b/main.go index ce83f87..1c69ce2 100644 --- a/main.go +++ b/main.go @@ -6,7 +6,7 @@ import ( "sigs.k8s.io/kustomize/kyaml/fn/framework" "sigs.k8s.io/kustomize/kyaml/kio" - "github.com/aabouzaid/kustomize-plugin-merger/pkg/merger" + "github.com/DevOpsHiveHQ/kustomize-plugin-merger/pkg/merger" ) func main() {