Remove imagepullsecret after open sourcing

README.md

@@ -8,29 +8,12 @@ You’ll need an [EKS](https://aws.amazon.com/eks/) cluster to run against.
 
 ### Running on the EKS cluster
 1. Make sure that you have configured an [IAM role for the service account](#IAM-Role-for-Service-Account) `kyverno-aws-adapter-sa` in your desired namespace (configured in `values.yaml`) and specified the role's ARN in the `roleArn` field inside `values.yaml` file.
-2. Install the Helm chart after making any necessary changes to `charts/kyverno-aws-adapter/values.yaml`
-   ```sh
-   helm install kyverno-aws-adapter charts/kyverno-aws-adapter
-   ```
+2. Install the Helm Chart. Follow instructions given [here](/charts/kyverno-aws-adapter#installation).
 3. Check the `status` field of the `<cluster-name>-config` custom resource in the namespace specified in `values.yaml`. For instance, if the cluster name is `eks-test` and namespace is `kyverno-aws-adapter`, then:
    ```sh
    kubectl get awsacfg eks-test-config -n kyverno-aws-adapter -o yaml
    ```
 
-## Helm Values
-Currently supported values for the Helm chart are as follows:
-| Value | Description |
--- | ---
-| `namespace` | Namespace for installing the controller and CRD |
-| `eksCluster` | Configuration for EKS cluster's `name` and `region` |
-| `registryConfig` | ghcr.io `username` and `password` configuration for the image secret |
-| `pollInterval` | Interval for controller reconciliation |
-| `image` | Configuration for image `name`, `tag` and `pullPolicy` |
-| `roleArn` | IAM Role ARN with required permissions for the EKS cluster |
-| `nameOverride` | Override the chart name |
-| `fullnameOverride` | Override the entire generated name |
-
-
 ## IAM Role for Service Account
 This adapter utilizes the ARN of a user-defined IAM Role associated with any policy that has `Full: List, Read` permissions for the `EKS` service, including the following:
 
@@ -52,7 +35,7 @@ This adapter utilizes the ARN of a user-defined IAM Role associated with any pol
 | DescribeUpdate |
 | ListTagsForResource |
 
-You can specify the Role's ARN in the `roleArn` field inside the Helm chart's `values.yaml` file.
+You can specify the Role's ARN through the `roleArn` setting in the [Helm chart](/charts/kyverno-aws-adapter#installation).
 
 Please ensure that the trust relationship policy for your IAM role resembles the following format:
 ```json

charts/kyverno-aws-adapter/README.md

@@ -15,14 +15,22 @@ You’ll need an [EKS](https://aws.amazon.com/eks/) cluster to run against.
 ### Running on the EKS cluster
 
 1. Make sure that you have configured an [IAM role for the service account](#IAM-Role-for-Service-Account) `kyverno-aws-adapter-sa` in your desired namespace (configured in `values.yaml`) and specified the role's ARN in the `roleArn` field inside `values.yaml` file.
-2. Install the Helm chart after making any necessary changes to `charts/kyverno-aws-adapter/values.yaml`
-   ```sh
-   helm install kyverno-aws-adapter charts/kyverno-aws-adapter
-   ```
-3. Check the `status` field of the `<cluster-name>-config` custom resource in the namespace specified in `values.yaml`. For instance, if the cluster name is `eks-test` and namespace is `kyverno-aws-adapter`, then:
-   ```sh
-   kubectl get awsacfg eks-test-config -n kyverno-aws-adapter -o yaml
-   ```
+
+2. Add the Kyverno AWS Adapter Helm repository.
+    ```console
+    helm repo add kyverno-aws-adapter https://nirmata.github.io/kyverno-aws-adapter/
+    helm repo update kyverno-aws-adapter
+    ```
+
+3. Install the Helm chart in an appropriate namespace, providing other parameters as described in the [Values](#values) section.
+    ```console
+    helm install --namespace kyverno-aws-adapter --create-namespace kyverno-aws-adapter kyverno-aws-adapter/kyverno-aws-adapter
+    ```
+
+4. Check the `status` field of the `awsacfg` custom resource created in the namespace specified in `values.yaml`. For instance if namespace is `kyverno-aws-adapter`, then:
+    ```console
+    kubectl get awsacfg -n kyverno-aws-adapter -o yaml
+    ```
 
 ## Values
 
@@ -34,8 +42,6 @@ You’ll need an [EKS](https://aws.amazon.com/eks/) cluster to run against.
 | pollInterval | int | `30` | Interval at which the controller reconciles in minutes |
 | eksCluster.name | string | `nil` | EKS cluster name |
 | eksCluster.region | string | `nil` | EKS cluster region |
-| registryConfig.username | string | `nil` | Username to pull the private image (ghcr.io) |
-| registryConfig.password | string | `nil` | Password to pull the private image (ghcr.io) |
 | rbac.create | bool | `true` | Enable RBAC resources creation |
 | rbac.serviceAccount.name | string | `nil` | Service account name, you MUST provide one when `rbac.create` is set to `false` |
 | image.repository | string | `"ghcr.io/nirmata/kyverno-aws-adapter"` | Image repository |

charts/kyverno-aws-adapter/README.md.gotmpl

@@ -15,14 +15,22 @@ You’ll need an [EKS](https://aws.amazon.com/eks/) cluster to run against.
 ### Running on the EKS cluster
 
 1. Make sure that you have configured an [IAM role for the service account](#IAM-Role-for-Service-Account) `kyverno-aws-adapter-sa` in your desired namespace (configured in `values.yaml`) and specified the role's ARN in the `roleArn` field inside `values.yaml` file.
-2. Install the Helm chart after making any necessary changes to `charts/kyverno-aws-adapter/values.yaml`
-   ```sh
-   helm install kyverno-aws-adapter charts/kyverno-aws-adapter
-   ```
-3. Check the `status` field of the `<cluster-name>-config` custom resource in the namespace specified in `values.yaml`. For instance, if the cluster name is `eks-test` and namespace is `kyverno-aws-adapter`, then:
-   ```sh
-   kubectl get awsacfg eks-test-config -n kyverno-aws-adapter -o yaml
-   ```
+
+2. Add the Kyverno AWS Adapter Helm repository.
+    ```console
+    helm repo add kyverno-aws-adapter https://nirmata.github.io/kyverno-aws-adapter/
+    helm repo update kyverno-aws-adapter
+    ```
+
+3. Install the Helm chart in an appropriate namespace, providing other parameters as described in the [Values](#values) section. 
+    ```console
+    helm install --namespace kyverno-aws-adapter --create-namespace kyverno-aws-adapter kyverno-aws-adapter/kyverno-aws-adapter
+    ```
+
+4. Check the `status` field of the `awsacfg` custom resource created in the namespace specified in `values.yaml`. For instance if namespace is `kyverno-aws-adapter`, then:
+    ```console
+    kubectl get awsacfg -n kyverno-aws-adapter -o yaml
+    ```
 
 {{ template "chart.valuesSection" . }}
 

charts/kyverno-aws-adapter/templates/_helpers.tpl

@@ -59,14 +59,6 @@ app.kubernetes.io/name: {{ include "kyverno-aws-adapter.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 
-{{/*
-Generate the dockerconfigjson value
-*/}}
-{{- define "kyverno-aws-adapter.dockerconfigjson" -}}
-{{- $user_pwd_hashed := printf "%s:%s" .Values.registryConfig.username .Values.registryConfig.password | b64enc }}
-{{- printf "{\"auths\":{\"ghcr.io\":{\"auth\":\"%s\"}}}" $user_pwd_hashed | b64enc }}
-{{- end }}
-
 {{- define "kyverno-aws-adapter.image" -}}
 {{ printf "%s:%s" (required "An image repository is required" .Values.image.repository) (default .Chart.AppVersion .Values.image.tag) }}
 {{- end }}

charts/kyverno-aws-adapter/templates/deployment.yaml

@@ -16,10 +16,6 @@ spec:
       labels:
         {{- include "kyverno-aws-adapter.labels" . | nindent 8 }}
     spec:
-      {{- if .Values.registryConfig.username }}
-      imagePullSecrets:
-      - name: {{ include "kyverno-aws-adapter.fullname" . }}
-      {{- end }}
       containers:
       - command:
         - /manager

charts/kyverno-aws-adapter/values.yaml

@@ -20,12 +20,6 @@ eksCluster:
   # -- EKS cluster region
   region:
 
-registryConfig:
-  # -- Username to pull the private image (ghcr.io)
-  username:
-  # -- Password to pull the private image (ghcr.io)
-  password:
-
 rbac:
   # -- Enable RBAC resources creation
   create: true