From 575340257e5daed20755791cd96de3b1159d97f7 Mon Sep 17 00:00:00 2001
From: Chris <stuurmcp@telkomsa.net>
Date: Sat, 23 Mar 2024 22:18:34 +0200
Subject: [PATCH] Updated chart templates and added apikey in main.go

---
 deploy/sthome-webhook/templates/_helpers.tpl    | 7 +++++++
 deploy/sthome-webhook/templates/deployment.yaml | 4 ++--
 deploy/sthome-webhook/values.yaml               | 8 +++++---
 main.go                                         | 9 ++-------
 4 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/deploy/sthome-webhook/templates/_helpers.tpl b/deploy/sthome-webhook/templates/_helpers.tpl
index ed6a799..d889995 100644
--- a/deploy/sthome-webhook/templates/_helpers.tpl
+++ b/deploy/sthome-webhook/templates/_helpers.tpl
@@ -46,3 +46,10 @@ Create chart name and version as used by the chart label.
 {{- define "sthome-webhook.servingCertificate" -}}
 {{ printf "%s-webhook-tls" (include "sthome-webhook.fullname" .) }}
 {{- end -}}
+
+{{/*
+Create base64 imagePullSecret using username and password.
+*/}}
+{{- define "imagePullSecret" }}
+{{- printf "{\"auths\": {\"%s\": {\"auth\": \"%s\"}}}" .Values.imageCredentials.registry (printf "%s:%s" .Values.imageCredentials.username .Values.imageCredentials.password | b64enc) | b64enc }}
+{{- end }}
\ No newline at end of file
diff --git a/deploy/sthome-webhook/templates/deployment.yaml b/deploy/sthome-webhook/templates/deployment.yaml
index 1f4dd35..b505a12 100644
--- a/deploy/sthome-webhook/templates/deployment.yaml
+++ b/deploy/sthome-webhook/templates/deployment.yaml
@@ -21,12 +21,12 @@ spec:
         release: {{ .Release.Name }}
     spec:
       serviceAccountName: {{ include "sthome-webhook.fullname" . }}
+      imagePullSecrets:
+      - name: {{ .Values.imageCredentials.name }}
       containers:
         - name: {{ .Chart.Name }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
-          imagePullSecrets:
-            - name: {{ .Values.image.imagePullSecrets.name }}
           args:
             - --tls-cert-file=/tls/tls.crt
             - --tls-private-key-file=/tls/tls.key
diff --git a/deploy/sthome-webhook/values.yaml b/deploy/sthome-webhook/values.yaml
index 07871ed..b7d6369 100644
--- a/deploy/sthome-webhook/values.yaml
+++ b/deploy/sthome-webhook/values.yaml
@@ -15,9 +15,11 @@ certManager:
 image:
   repository: stuurmcp/cert-manager-webhook-sthome
   tag: 0.0.1
-  pullPolicy: IfNotPresent
-  imagePullSecrets: 
-    name: regcred-secret
+  #pullPolicy should be IfNotPresent. Set to Always for testing purposes
+  pullPolicy: Always
+
+imageCredentials: 
+  name: docker-registry-credentials
 
 nameOverride: ""
 fullnameOverride: ""
diff --git a/main.go b/main.go
index 8462371..1e487bb 100644
--- a/main.go
+++ b/main.go
@@ -9,6 +9,7 @@ import (
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/rest"
 
+	cmmetav1 "github.com/cert-manager/cert-manager/pkg/apis/meta/v1"
 	"github.com/cert-manager/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1"
 	"github.com/cert-manager/cert-manager/pkg/acme/webhook/cmd"
 	"github.com/cert-manager/cert-manager/pkg/issuer/acme/dns/util"
@@ -24,12 +25,6 @@ func main() {
 	if GroupName == "" {
 		panic("GROUP_NAME must be specified")
 	}
-
-	// This will register our sthome DNS provider with the webhook serving
-	// library, making it available as an API under the provided GroupName.
-	// You can register multiple DNS provider implementations with a single
-	// webhook, where the Name() method will be used to disambiguate between
-	// the different implementations.
 	cmd.RunWebhookServer(GroupName,
 		&sthomeDNSProviderSolver{},
 	)
@@ -70,7 +65,7 @@ type sthomeDNSProviderConfig struct {
 	// `issuer.spec.acme.dns01.providers.webhook.config` field.
 
 	Email string `json:"email"`
-	//APIKeySecretRef v1alpha1.SecretKeySelector `json:"apiKeySecretRef"`
+	APIKeySecretRef cmmetav1.SecretKeySelector `json:"apiKeySecretRef"`
 }
 
 // Name is used as the name for this DNS solver when referencing it on the ACME