Update version in readme and manifest to v0.1.12

github-actions · github-actions · commit a0b25c142d9d · 2023-08-31T23:47:29.000Z
diff --git a/README.md b/README.md
@@ -57,7 +57,7 @@ the container image. You can use digester to deploy container images by digest.
     Alternatively, you can download the latest version using these commands:
 
     ```sh
-    VERSION=v0.1.11
+    VERSION=v0.1.12
     curl -Lo digester "https://github.com/google/k8s-digester/releases/download/${VERSION}/digester_$(uname -s)_$(uname -m)"
     chmod +x digester
     ```
@@ -106,7 +106,7 @@ The digester webhook requires Kubernetes v1.16 or later.
 2.  Install the digester webhook in your Kubernetes cluster:
 
     ```sh
-    VERSION=v0.1.11
+    VERSION=v0.1.12
     kubectl apply -k "https://github.com/google/k8s-digester.git/manifests/?ref=${VERSION}"
     ```
 
diff --git a/docs/authentication.md b/docs/authentication.md
@@ -109,7 +109,7 @@ and you do not need a credential helper, you can run digester in a container.
 Mount your Docker config file in the container using the `--mount` flag:
 
 ```sh
-VERSION=v0.1.11
+VERSION=v0.1.12
 kpt fn eval [manifest directory] \
     --as-current-user \
     --env DOCKER_CONFIG=/.docker \
@@ -135,7 +135,7 @@ OFFLINE=false kpt fn eval [manifest directory] --exec ./digester
 If you want to run the KRM function in a container, mount your kubeconfig file:
 
 ```sh
-VERSION=v0.1.11
+VERSION=v0.1.12
 kpt fn eval [manifest directory] \
     --as-current-user \
     --env KUBECONFIG=/.kube/config \
diff --git a/manifests/README.md b/manifests/README.md
@@ -34,7 +34,7 @@ If you use a private GKE cluster, see additional steps for
 2.  Apply this package:
 
     ```sh
-    VERSION=v0.1.11
+    VERSION=v0.1.12
     kustomize build "https://github.com/google/k8s-digester.git/manifests?ref=$VERSION" | kubectl apply -f -
     ```
 
@@ -52,7 +52,7 @@ If you use a private GKE cluster, see additional steps for
 3.  Fetch this package:
 
     ```sh
-    VERSION=v0.1.11
+    VERSION=v0.1.12
     kpt pkg get "https://github.com/google/k8s-digester.git/manifests@${VERSION}" manifests
     ```
 
diff --git a/manifests/deployment.yaml b/manifests/deployment.yaml
@@ -1,70 +1,41 @@
-# Copyright 2021 Google LLC
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: digester-controller-manager
-  namespace: digester-system
   labels:
     control-plane: controller-manager
     digester/operation: webhook
     digester/system: "yes"
+  name: digester-controller-manager
+  namespace: digester-system
 spec:
-  replicas: 3 # kpt-set: ${replicas}
+  replicas: 3
   selector:
     matchLabels:
       control-plane: controller-manager
       digester/operation: webhook
       digester/system: "yes"
   template:
     metadata:
+      annotations:
+        prometheus.io/port: "8888"
       labels:
         control-plane: controller-manager
         digester/operation: webhook
         digester/system: "yes"
-      annotations:
-        prometheus.io/port: "8888" # kpt-set: ${metrics-port}
     spec:
-      serviceAccountName: digester-admin
-      nodeSelector:
-        kubernetes.io/os: linux
       containers:
-      - name: manager
-        image: k8s-digester # kpt-set: ${image}
-        args:
+      - args:
         - webhook
-        - --cert-dir=/certs # kpt-set: --cert-dir=${cert-dir}
-        - --disable-cert-rotation=false # kpt-set: --disable-cert-rotation=${disable-cert-rotation}
-        - --dry-run=false # kpt-set: --dry-run=${dry-run}
-        - --health-addr=:9090 # kpt-set: --health-addr=:${health-port}
-        - --metrics-addr=:8888 # kpt-set: --metrics-addr=:${metrics-port}
-        - --offline=false # kpt-set: --offline=${offline}
-        - --port=8443 # kpt-set: --port=${port}
-        ports:
-        - name: webhook-server
-          protocol: TCP
-          containerPort: 8443 # kpt-set: ${port}
-        - name: metrics
-          protocol: TCP
-          containerPort: 8888 # kpt-set: ${metrics-port}
-        - name: healthz
-          protocol: TCP
-          containerPort: 9090 # kpt-set: ${health-port}
+        - --cert-dir=/certs
+        - --disable-cert-rotation=false
+        - --dry-run=false
+        - --health-addr=:9090
+        - --metrics-addr=:8888
+        - --offline=false
+        - --port=8443
         env:
         - name: DEBUG
-          value: "false" # kpt-set: ${debug}
+          value: "false"
         - name: POD_NAME
           valueFrom:
             fieldRef:
@@ -74,23 +45,31 @@ spec:
             fieldRef:
               apiVersion: v1
               fieldPath: metadata.namespace
-        resources:
-          requests:
-            cpu: 100m # kpt-set: ${request-cpu}
-            ephemeral-storage: 256Mi # kpt-set: ${request-ephemeral-storage}
-            memory: 256Mi # kpt-set: ${request-memory}
-        volumeMounts:
-        - name: cert
-          readOnly: true
-          mountPath: /certs # kpt-set: ${cert-dir}
+        image: ghcr.io/google/k8s-digester:v0.1.12@sha256:1bdd3e2442f3f4087502bf525537f32bdf02e595f47c6ae9ed32771d2455b3cb
         livenessProbe:
           httpGet:
-            port: healthz
             path: /healthz
+            port: healthz
+        name: manager
+        ports:
+        - containerPort: 8443
+          name: webhook-server
+          protocol: TCP
+        - containerPort: 8888
+          name: metrics
+          protocol: TCP
+        - containerPort: 9090
+          name: healthz
+          protocol: TCP
         readinessProbe:
           httpGet:
-            port: healthz
             path: /readyz
+            port: healthz
+        resources:
+          requests:
+            cpu: 100m
+            ephemeral-storage: 256Mi
+            memory: 256Mi
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
@@ -100,6 +79,13 @@ spec:
           runAsGroup: 65532
           runAsNonRoot: true
           runAsUser: 65532
+        volumeMounts:
+        - mountPath: /certs
+          name: cert
+          readOnly: true
+      nodeSelector:
+        kubernetes.io/os: linux
+      serviceAccountName: digester-admin
       volumes:
       - name: cert
         secret:
