Merge commit 'b73315d8063996b80eb147fa4a8bec9ace40f52b' into bug_fixes

.github/workflows/image.yaml

@@ -18,8 +18,8 @@ jobs:
         with:
           go-version: 1.14
           
-      - name: login to GitHub Container Registry
-        run: echo ${{ secrets.CR_PAT }} | docker login https://docker.pkg.github.com -u $GITHUB_ACTOR --password-stdin
+      - name: login to docker hub
+        run: echo "${{ secrets.DOCKERIO_PASSWORD }}" | docker login -u "${{ secrets.DOCKERIO_USERNAME }}" --password-stdin
 
       - name: docker images publish
         run: |

Makefile

@@ -8,8 +8,8 @@ GIT_BRANCH := $(shell git branch | grep \* | cut -d ' ' -f2)
 GIT_HASH := $(GIT_BRANCH)/$(shell git log -1 --pretty=format:"%H")
 TIMESTAMP := $(shell date '+%Y-%m-%d_%I:%M:%S%p')
 
-REGISTRY?=ghcr.io
-REPO=$(REGISTRY)/kyverno
+REGISTRY?=index.docker.io
+REPO=$(REGISTRY)/nirmata/kyverno
 IMAGE_TAG?=$(GIT_VERSION)
 GOOS ?= $(shell go env GOOS)
 PACKAGE ?=github.com/kyverno/kyverno
@@ -38,14 +38,14 @@ docker-publish-initContainer: docker-build-initContainer docker-tag-repo-initCon
 docker-build-initContainer:
 	CGO_ENABLED=0 GOOS=linux go build -o $(PWD)/$(INITC_PATH)/kyvernopre -ldflags=$(LD_FLAGS) $(PWD)/$(INITC_PATH)/main.go
 	echo $(PWD)/$(INITC_PATH)/
-	@docker build -f $(PWD)/$(INITC_PATH)/Dockerfile -t $(REPO)/$(INITC_IMAGE):$(IMAGE_TAG) $(PWD)/$(INITC_PATH)/
+	@docker build -f $(PWD)/$(INITC_PATH)/Dockerfile -t $(REGISTRY)/nirmata/$(INITC_IMAGE):$(IMAGE_TAG) $(PWD)/$(INITC_PATH)/
 
 docker-tag-repo-initContainer:
-	@docker tag $(REPO)/$(INITC_IMAGE):$(IMAGE_TAG) $(REPO)/$(INITC_IMAGE):latest
+	@docker tag $(REGISTRY)/nirmata/$(INITC_IMAGE):$(IMAGE_TAG) $(REGISTRY)/nirmata/$(INITC_IMAGE):latest
 
 docker-push-initContainer:
-	@docker push $(REPO)/$(INITC_IMAGE):$(IMAGE_TAG)
-	@docker push $(REPO)/$(INITC_IMAGE):latest
+	@docker push $(REGISTRY)/nirmata/$(INITC_IMAGE):$(IMAGE_TAG)
+	@docker push $(REGISTRY)/nirmata/$(INITC_IMAGE):latest
 
 ##################################
 # KYVERNO CONTAINER
@@ -65,15 +65,15 @@ docker-publish-kyverno: docker-build-kyverno  docker-tag-repo-kyverno  docker-pu
 
 docker-build-kyverno:
 	CGO_ENABLED=0 GOOS=linux go build -o $(PWD)/$(KYVERNO_PATH)/kyverno -ldflags=$(LD_FLAGS) $(PWD)/$(KYVERNO_PATH)/main.go
-	@docker build -f $(PWD)/$(KYVERNO_PATH)/Dockerfile -t $(REPO)/$(KYVERNO_IMAGE):$(IMAGE_TAG) $(PWD)/$(KYVERNO_PATH)
+	@docker build -f $(PWD)/$(KYVERNO_PATH)/Dockerfile -t $(REGISTRY)/nirmata/$(KYVERNO_IMAGE):$(IMAGE_TAG) $(PWD)/$(KYVERNO_PATH)
 
 docker-tag-repo-kyverno:
-	@echo "docker tag $(REPO)/$(KYVERNO_IMAGE):$(IMAGE_TAG) $(REPO)/$(KYVERNO_IMAGE):latest"
-	@docker tag $(REPO)/$(KYVERNO_IMAGE):$(IMAGE_TAG) $(REPO)/$(KYVERNO_IMAGE):latest
+	@echo "docker tag $(REGISTRY)/nirmata/$(KYVERNO_IMAGE):$(IMAGE_TAG) $(REGISTRY)/nirmata/$(KYVERNO_IMAGE):latest"
+	@docker tag $(REGISTRY)/nirmata/$(KYVERNO_IMAGE):$(IMAGE_TAG) $(REGISTRY)/nirmata/$(KYVERNO_IMAGE):latest
 
 docker-push-kyverno:
-	@docker push $(REPO)/$(KYVERNO_IMAGE):$(IMAGE_TAG)
-	@docker push $(REPO)/$(KYVERNO_IMAGE):latest
+	@docker push $(REGISTRY)/nirmata/$(KYVERNO_IMAGE):$(IMAGE_TAG)
+	@docker push $(REGISTRY)/nirmata/$(KYVERNO_IMAGE):latest
 
 ##################################
 
@@ -98,15 +98,15 @@ docker-publish-cli: docker-build-cli  docker-tag-repo-cli  docker-push-cli
 
 docker-build-cli:
 	CGO_ENABLED=0 GOOS=linux go build -o $(PWD)/$(CLI_PATH)/kyverno -ldflags=$(LD_FLAGS) $(PWD)/$(CLI_PATH)/main.go
-	@docker build -f $(PWD)/$(CLI_PATH)/Dockerfile -t $(REPO)/$(KYVERNO_CLI_IMAGE):$(IMAGE_TAG) $(PWD)/$(CLI_PATH)
+	@docker build -f $(PWD)/$(CLI_PATH)/Dockerfile -t $(REGISTRY)/nirmata/$(KYVERNO_CLI_IMAGE):$(IMAGE_TAG) $(PWD)/$(CLI_PATH)
 
 docker-tag-repo-cli:
-	@echo "docker tag $(REPO)/$(KYVERNO_CLI_IMAGE):$(IMAGE_TAG) $(REPO)/$(KYVERNO_CLI_IMAGE):latest"
-	@docker tag $(REPO)/$(KYVERNO_CLI_IMAGE):$(IMAGE_TAG) $(REPO)/$(KYVERNO_CLI_IMAGE):latest
+	@echo "docker tag $(REGISTRY)/nirmata/$(KYVERNO_CLI_IMAGE):$(IMAGE_TAG) $(REGISTRY)/nirmata/$(KYVERNO_CLI_IMAGE):latest"
+	@docker tag $(REGISTRY)/nirmata/$(KYVERNO_CLI_IMAGE):$(IMAGE_TAG) $(REGISTRY)/nirmata/$(KYVERNO_CLI_IMAGE):latest
 
 docker-push-cli:
-	@docker push $(REPO)/$(KYVERNO_CLI_IMAGE):$(IMAGE_TAG)
-	@docker push $(REPO)/$(KYVERNO_CLI_IMAGE):latest
+	@docker push $(REGISTRY)/nirmata/$(KYVERNO_CLI_IMAGE):$(IMAGE_TAG)
+	@docker push $(REGISTRY)/nirmata/$(KYVERNO_CLI_IMAGE):latest
 
 ##################################
 docker-publish-all: docker-publish-initContainer docker-publish-kyverno docker-publish-cli

charts/kyverno/README.md

@@ -73,10 +73,10 @@ Parameter | Description | Default
 `generatecontrollerExtraResources` | extra resource type Kyverno is allowed to generate | `[]`
 `image.pullPolicy` | Image pull policy | `IfNotPresent`
 `image.pullSecrets` | Specify image pull secrets | `[]` (does not add image pull secrets to deployed pods)
-`image.repository` | Image repository | `ghcr.io/kyverno/kyverno`
+`image.repository` | Image repository | `nirmata/kyverno`
 `image.tag` | Image tag | `nil`
 `initImage.pullPolicy` | Init image pull policy | `nil`
-`initImage.repository` | Init image repository | `ghcr.io/kyverno/kyvernopre`
+`initImage.repository` | Init image repository | `nirmata/kyvernopre`
 `initImage.tag` | Init image tag | `nil`
 `livenessProbe` | liveness probe configuration | `{}`
 `nameOverride` | override the name of the chart | `nil`

charts/kyverno/values.yaml

@@ -11,14 +11,14 @@ rbac:
     #   example.com/annotation: value
 
 image:
-  repository: ghcr.io/kyverno/kyverno
+  repository: nirmata/kyverno
   # Defaults to appVersion in Chart.yaml if omitted
   tag:
   pullPolicy: IfNotPresent
   pullSecrets: []
   # - secretName
 initImage:
-  repository: ghcr.io/kyverno/kyvernopre
+  repository: nirmata/kyvernopre
   # If initImage.tag is missing, defaults to image.tag
   tag:
   # If initImage.pullPolicy is missing, defaults to image.pullPolicy

definitions/install.yaml

@@ -3021,7 +3021,7 @@ spec:
               fieldPath: metadata.namespace
         - name: KYVERNO_SVC
           value: kyverno-svc
-        image: ghcr.io/kyverno/kyverno:v1.3.0-rc3
+        image: nirmata/kyverno:v1.3.0-rc3
         imagePullPolicy: Always
         livenessProbe:
           failureThreshold: 4
@@ -3064,7 +3064,7 @@ spec:
           runAsNonRoot: true
           runAsUser: 1000
       initContainers:
-      - image: ghcr.io/kyverno/kyvernopre:v1.3.0-rc3
+      - image: nirmata/kyvernopre:v1.3.0-rc3
         imagePullPolicy: Always
         name: kyverno-pre
         securityContext:

definitions/kustomization.yaml

@@ -6,9 +6,9 @@ resources:
 - ./manifest/
 - ./k8s-resource/
 images:
-- name: ghcr.io/kyverno/kyverno
-  newName: ghcr.io/kyverno/kyverno
+- name: nirmata/kyverno
+  newName: nirmata/kyverno
   newTag: v1.3.0-rc3
-- name: ghcr.io/kyverno/kyvernopre
-  newName: ghcr.io/kyverno/kyvernopre
+- name: nirmata/kyvernopre
+  newName: nirmata/kyvernopre
   newTag: v1.3.0-rc3

definitions/manifest/deployment.yaml

@@ -21,7 +21,7 @@ spec:
         runAsNonRoot: true
       initContainers:
         - name: kyverno-pre
-          image: ghcr.io/kyverno/kyvernopre:v1.1.9
+          image: nirmata/kyvernopre:v1.1.9
           imagePullPolicy: Always
           securityContext:
             runAsUser: 1000
@@ -34,7 +34,7 @@ spec:
                 - all
       containers:
         - name: kyverno
-          image: ghcr.io/kyverno/kyverno:latest
+          image: nirmata/kyverno:latest
           imagePullPolicy: Always
           args:
           - "--filterK8Resources=[Event,*,*][*,kube-system,*][*,kube-public,*][*,kube-node-lease,*][Node,*,*][APIService,*,*][TokenReview,*,*][SubjectAccessReview,*,*][*,kyverno,*][Binding,*,*][ReplicaSet,*,*][ReportChangeRequest,*,*][ClusterReportChangeRequest,*,*][PolicyReport,*,*][ClusterPolicyReport,*,*]"

definitions/release/install.yaml

@@ -3084,7 +3084,7 @@ spec:
               fieldPath: metadata.namespace
         - name: KYVERNO_SVC
           value: kyverno-svc
-        image: ghcr.io/kyverno/kyverno:v1.3.0-rc3
+        image: nirmata/kyverno:v1.3.0-rc3
         imagePullPolicy: Always
         livenessProbe:
           failureThreshold: 4
@@ -3127,7 +3127,7 @@ spec:
           runAsNonRoot: true
           runAsUser: 1000
       initContainers:
-      - image: ghcr.io/kyverno/kyvernopre:v1.3.0-rc3
+      - image: nirmata/kyvernopre:v1.3.0-rc3
         imagePullPolicy: Always
         name: kyverno-pre
         securityContext:

scripts/ci.sh

@@ -11,8 +11,8 @@ chmod a+x $pwd/kind
 
 ## Create Kind Cluster
 $pwd/kind create cluster
-$pwd/kind load docker-image ghcr.io/kyverno/kyverno:$hash
-$pwd/kind load docker-image ghcr.io/kyverno/kyvernopre:$hash
+$pwd/kind load docker-image nirmata/kyverno:$hash
+$pwd/kind load docker-image nirmata/kyvernopre:$hash
 
 pwd=$(pwd)
 cd $pwd/definitions
@@ -22,6 +22,6 @@ curl -sLO "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/ha
 bash ./install_kustomize.sh $latest
 chmod a+x $pwd/definitions/kustomize
 echo "Kustomize image edit"
-$pwd/definitions/kustomize edit set image ghcr.io/kyverno/kyverno:$hash
-$pwd/definitions/kustomize edit set image ghcr.io/kyverno/kyvernopre:$hash
+$pwd/definitions/kustomize edit set image nirmata/kyverno:$hash
+$pwd/definitions/kustomize edit set image nirmata/kyvernopre:$hash
 $pwd/definitions/kustomize build $pwd/definitions/ > $pwd/definitions/install.yaml

scripts/install-cli.sh

@@ -7,7 +7,7 @@ usage() {
   this=$1
   cat <<EOF
 
-$this: download binaries for kyverno/kyverno
+$this: download binaries for nirmata/kyverno
 
 Usage: $this [-b bindir] [-d] [tag]
   -b sets bindir or installation directory, Defaults to ./bin