Update index.yaml

Signed-off-by: mumoshu <mumoshu@users.noreply.github.com>

.github/workflows/on-push-lint-charts.yml

@@ -1,75 +0,0 @@
-name: Lint and Test Charts
-
-on:
-  push:
-    paths:
-      - 'charts/**'
-      - '.github/**'
-  workflow_dispatch:
-
-env:
-  KUBE_SCORE_VERSION: 1.10.0
-  HELM_VERSION: v3.4.1
-
-jobs:
-  lint-test:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-        with:
-          fetch-depth: 0
-
-      - name: Set up Helm
-        uses: azure/setup-helm@v1
-        with:
-          version: ${{ env.HELM_VERSION }}
-
-      - name: Set up kube-score
-        run: |
-          wget https://github.com/zegl/kube-score/releases/download/v${{ env.KUBE_SCORE_VERSION }}/kube-score_${{ env.KUBE_SCORE_VERSION }}_linux_amd64 -O kube-score
-          chmod 755 kube-score
-
-      - name: Kube-score generated manifests
-        run: helm template  --values charts/.ci/values-kube-score.yaml charts/* | ./kube-score score -
-              --ignore-test pod-networkpolicy
-              --ignore-test deployment-has-poddisruptionbudget
-              --ignore-test deployment-has-host-podantiaffinity
-              --ignore-test container-security-context
-              --ignore-test pod-probes
-              --ignore-test container-image-tag
-              --enable-optional-test container-security-context-privileged
-              --enable-optional-test container-security-context-readonlyrootfilesystem
-
-      # python is a requirement for the chart-testing action below (supports yamllint among other tests)
-      - uses: actions/setup-python@v2
-        with:
-          python-version: 3.7
-
-      - name: Set up chart-testing
-        uses: helm/chart-testing-action@v2.0.1
-
-      - name: Run chart-testing (list-changed)
-        id: list-changed
-        run: |
-          changed=$(ct list-changed --config charts/.ci/ct-config.yaml)
-          if [[ -n "$changed" ]]; then
-            echo "::set-output name=changed::true"
-          fi
-
-      - name: Run chart-testing (lint)
-        run: ct lint --config charts/.ci/ct-config.yaml
-
-      - name: Create kind cluster
-        uses: helm/kind-action@v1.0.0
-        if: steps.list-changed.outputs.changed == 'true'
-
-      # We need cert-manager already installed in the cluster because we assume the CRDs exist
-      - name: Install cert-manager
-        run: |
-          helm repo add jetstack https://charts.jetstack.io --force-update
-          helm install cert-manager jetstack/cert-manager --set installCRDs=true --wait
-        if: steps.list-changed.outputs.changed == 'true'
-
-      - name: Run chart-testing (install)
-        run: ct install --config charts/.ci/ct-config.yaml

.github/workflows/on-push-master-publish-chart.yml

@@ -1,101 +0,0 @@
-name: Publish helm chart
-
-on:
-  push:
-    branches:
-      - master
-      - main # assume that the branch name may change in future
-    paths:
-      - 'charts/**'
-      - '.github/**'
-  workflow_dispatch:
-
-env:
-  KUBE_SCORE_VERSION: 1.10.0
-  HELM_VERSION: v3.4.1
-
-jobs:
-  lint-chart:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-        with:
-          fetch-depth: 0
-
-      - name: Set up Helm
-        uses: azure/setup-helm@v1
-        with:
-          version: ${{ env.HELM_VERSION }}
-
-      - name: Set up kube-score
-        run: |
-          wget https://github.com/zegl/kube-score/releases/download/v${{ env.KUBE_SCORE_VERSION }}/kube-score_${{ env.KUBE_SCORE_VERSION }}_linux_amd64 -O kube-score
-          chmod 755 kube-score
-
-      - name: Kube-score generated manifests
-        run: helm template  --values charts/.ci/values-kube-score.yaml charts/* | ./kube-score score -
-              --ignore-test pod-networkpolicy
-              --ignore-test deployment-has-poddisruptionbudget
-              --ignore-test deployment-has-host-podantiaffinity
-              --ignore-test container-security-context
-              --ignore-test pod-probes
-              --ignore-test container-image-tag
-              --enable-optional-test container-security-context-privileged
-              --enable-optional-test container-security-context-readonlyrootfilesystem
-
-      # python is a requirement for the chart-testing action below (supports yamllint among other tests)
-      - uses: actions/setup-python@v2
-        with:
-          python-version: 3.7
-
-      - name: Set up chart-testing
-        uses: helm/chart-testing-action@v2.0.1
-
-      - name: Run chart-testing (list-changed)
-        id: list-changed
-        run: |
-          changed=$(ct list-changed --config charts/.ci/ct-config.yaml)
-          if [[ -n "$changed" ]]; then
-            echo "::set-output name=changed::true"
-          fi
-
-      - name: Run chart-testing (lint)
-        run: ct lint --config charts/.ci/ct-config.yaml
-
-      - name: Create kind cluster
-        uses: helm/kind-action@v1.0.0
-        if: steps.list-changed.outputs.changed == 'true'
-
-      # We need cert-manager already installed in the cluster because we assume the CRDs exist
-      - name: Install cert-manager
-        run: |
-          helm repo add jetstack https://charts.jetstack.io --force-update
-          helm install cert-manager jetstack/cert-manager --set installCRDs=true --wait
-        if: steps.list-changed.outputs.changed == 'true'
-
-      - name: Run chart-testing (install)
-        run: ct install --config charts/.ci/ct-config.yaml
-        if: steps.list-changed.outputs.changed == 'true'
-
-  publish-chart:
-
-    runs-on: ubuntu-latest
-    needs: lint-chart
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-        with:
-          fetch-depth: 0
-
-      - name: Configure Git
-        run: |
-          git config user.name "$GITHUB_ACTOR"
-          git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
-
-      - name: Run chart-releaser
-        uses: helm/chart-releaser-action@v1.1.0
-        env:
-          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
-

README.md

@@ -519,7 +519,7 @@ NAME=$DOCKER_USER/actions-runner-controller \
 
 Please follow the instructions explained in [Using Personal Access Token](#using-personal-access-token) to obtain
 `GITHUB_TOKEN`, and those in [Using GitHub App](#using-github-app) to obtain `APP_ID`, `INSTALLATION_ID`, and
-`PRIAVTE_KEY_FILE_PATH`.
+`PRIVATE_KEY_FILE_PATH`.
 
 The test creates a one-off `kind` cluster, deploys `cert-manager` and `actions-runner-controller`,
 creates a `RunnerDeployment` custom resource for a public Git repository to confirm that the
@@ -527,7 +527,7 @@ controller is able to bring up a runner pod with the actions runner registration
 
 If you prefer to test in a non-kind cluster, you can instead run:
 
-```shell script
+```shell
 KUBECONFIG=path/to/kubeconfig \
 NAME=$DOCKER_USER/actions-runner-controller \
   GITHUB_TOKEN=*** \

artifacthub-repo.yml

@@ -0,0 +1,4 @@
+repositoryID: 6e120248-b034-45e5-b16c-6015ecfa7c6c
+owners:
+- name: mumoshu
+  email: ykuoka@gmail.com

charts/.ci/ct-config.yaml

@@ -1,4 +0,0 @@
-# This file defines the config for "ct" (chart tester) used by the helm linting GitHub workflow
-lint-conf: charts/.ci/lint-config.yaml
-chart-repos:
-  - jetstack=https://charts.jetstack.io

charts/.ci/lint-config.yaml

@@ -1,6 +0,0 @@
-rules:
-  # One blank line is OK
-  empty-lines: 
-    max-start: 1
-    max-end: 1
-    max: 1

charts/.ci/scripts/local-ct-lint.sh

@@ -1,3 +0,0 @@
-#!/bin/bash
-
-docker run --rm -it -w /repo -v $(pwd):/repo quay.io/helmpack/chart-testing ct lint --all --config charts/.ci/ct-config.yaml

charts/.ci/scripts/local-kube-score.sh

@@ -1,15 +0,0 @@
-#!/bin/bash
-
-
-for chart in `ls charts`;
-do
-helm template --values charts/$chart/ci/ci-values.yaml charts/$chart | kube-score score - \
-    --ignore-test pod-networkpolicy \
-    --ignore-test deployment-has-poddisruptionbudget \
-    --ignore-test deployment-has-host-podantiaffinity \
-    --ignore-test pod-probes \
-    --ignore-test container-image-tag \
-    --enable-optional-test container-security-context-privileged \
-    --enable-optional-test container-security-context-readonlyrootfilesystem \
-    --ignore-test container-security-context
-done

charts/actions-runner-controller/Chart.yaml

@@ -15,22 +15,9 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.2
+version: 0.1.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 0.16.0
+appVersion: 0.11.2
-
-home: https://github.com/summerwind/actions-runner-controller
-
-sources:
-    - https://github.com/summerwind/actions-runner-controller
-
-maintainers:
-    - name: summerwind
-      email: contact@summerwind.jp
-      url: https://github.com/summerwind
-    - name: funkypenguin
-      email: davidy@funkypenguin.co.nz
-      url: https://www.funkypenguin.co.nz

charts/actions-runner-controller/ci/ci-values.yaml

@@ -1,27 +0,0 @@
-# This file sets some opinionated values for kube-score to use
-# when parsing the chart
-image:
-  pullPolicy: Always
-
-podSecurityContext:
-  fsGroup: 2000
-
-securityContext: 
-  capabilities:
-    drop:
-    - ALL
-  readOnlyRootFilesystem: true
-  runAsNonRoot: true
-  runAsUser: 2000
-
-resources: 
-  limits:
-    cpu: 100m
-    memory: 128Mi
-  requests:
-    cpu: 100m
-    memory: 128Mi  
-
-# Set the following to true to create a dummy secret, allowing the manager pod to start
-# This is only useful in CI
-createDummySecret: true

charts/actions-runner-controller/templates/_helpers.tpl

@@ -89,7 +89,7 @@ Create the name of the service account to use
 {{- end }}
 
 {{- define "actions-runner-controller.authProxyServiceName" -}}
-{{- include "actions-runner-controller.fullname" . }}-metrics-service
+{{- include "actions-runner-controller.fullname" . }}-controller-manager-metrics-service
 {{- end }}
 
 {{- define "actions-runner-controller.selfsignedIssuerName" -}}

charts/actions-runner-controller/templates/ci-secret.yaml

@@ -1,10 +0,0 @@
-# This template only exists to facilitate CI testing of the chart, since
-# a secret is expected to be found in the namespace by the controller manager
-{{ if .Values.createDummySecret -}}
-apiVersion: v1
-data:
-  github_token: dGVzdA==
-kind: Secret
-metadata:
-  name: controller-manager
-{{- end }}

charts/actions-runner-controller/templates/deployment.yaml

@@ -66,14 +66,10 @@ spec:
           protocol: TCP
         resources:
           {{- toYaml .Values.resources | nindent 12 }}
-        securityContext:
-          {{- toYaml .Values.securityContext | nindent 12 }}          
         volumeMounts:
         - mountPath: "/etc/actions-runner-controller"
           name: controller-manager
           readOnly: true
-        - mountPath: /tmp
-          name: tmp         
         - mountPath: /tmp/k8s-webhook-server/serving-certs
           name: cert
           readOnly: true
@@ -82,16 +78,11 @@ spec:
         - "--upstream=http://127.0.0.1:8080/"
         - "--logtostderr=true"
         - "--v=10"
-        image: "{{ .Values.kube_rbac_proxy.image.repository }}:{{ .Values.kube_rbac_proxy.image.tag }}"
+        image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.1
         name: kube-rbac-proxy
-        imagePullPolicy: {{ .Values.image.pullPolicy }}
         ports:
         - containerPort: 8443
           name: https
-        resources:
-          {{- toYaml .Values.resources | nindent 12 }}   
-        securityContext:
-          {{- toYaml .Values.securityContext | nindent 12 }}     
       terminationGracePeriodSeconds: 10
       volumes:
       - name: controller-manager
@@ -101,8 +92,6 @@ spec:
         secret:
           defaultMode: 420
           secretName: webhook-server-cert
-      - name: tmp
-        emptyDir: {}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

charts/actions-runner-controller/values.yaml

@@ -26,11 +26,6 @@ image:
   dindSidecarRepositoryAndTag: "docker:dind"
   pullPolicy: IfNotPresent
 
-kube_rbac_proxy:
-  image:
-    repository: gcr.io/kubebuilder/kube-rbac-proxy
-    tag: v0.4.1
-
 imagePullSecrets: []
 nameOverride: ""
 fullnameOverride: ""
@@ -102,4 +97,4 @@ affinity: {}
 # Leverage a PriorityClass to ensure your pods survive resource shortages
 # ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/
 # PriorityClass: system-cluster-critical
-priorityClassName: ""
+priorityClassName: ""