Merge pull request #34 from kubewarden/artifacthub

feat: Update artifacthub-pkg.yml automatically from now on

.github/workflows/release.yml

@@ -11,18 +11,18 @@ jobs:
 
   test:
     name: run tests and linters
-    uses: kubewarden/github-actions/.github/workflows/reusable-test-policy-rust.yml@v1
+    uses: kubewarden/github-actions/.github/workflows/reusable-test-policy-rust.yml@v3.1.0
 
   release:
     needs: test
     permissions:
-      # Required to push to GHCR
+      # Required to create GH releases
       contents: write
+      # Required to push to GHCR
       packages: write
       # Required by cosign keyless signing
       id-token: write
 
-    uses: kubewarden/github-actions/.github/workflows/reusable-release-policy-rust.yml@v1
+    uses: kubewarden/github-actions/.github/workflows/reusable-release-policy-rust.yml@v3.1.0
     with:
-      input-wasm: capabilities_psp
       oci-target: ghcr.io/${{ github.repository_owner }}/policies/capabilities-psp

.github/workflows/tests.yml

@@ -1,64 +1,6 @@
 on: [push, pull_request]
-
 name: Continuous integration
-
 jobs:
-  check:
-    name: Check
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      - uses: actions-rs/toolchain@v1
-        with:
-          profile: minimal
-          toolchain: stable
-          override: true
-      - uses: actions-rs/cargo@v1
-        with:
-          command: check
-
   test:
-    name: Test Suite
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      - uses: actions-rs/toolchain@v1
-        with:
-          profile: minimal
-          toolchain: stable
-          override: true
-      - uses: actions-rs/cargo@v1
-        with:
-          command: test
-
-  fmt:
-    name: Rustfmt
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      - uses: actions-rs/toolchain@v1
-        with:
-          profile: minimal
-          toolchain: stable
-          override: true
-      - run: rustup component add rustfmt
-      - uses: actions-rs/cargo@v1
-        with:
-          command: fmt
-          args: --all -- --check
-
-  clippy:
-    name: Clippy
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      - uses: actions-rs/toolchain@v1
-        with:
-          profile: minimal
-          toolchain: stable
-          override: true
-      - run: rustup component add clippy
-      - uses: actions-rs/cargo@v1
-        with:
-          command: clippy
-          args: -- -D warnings
+    name: run tests and linter
+    uses: kubewarden/github-actions/.github/workflows/[email protected]

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "capabilities-psp"
-version = "0.1.10"
+version = "0.1.11"
 authors = ["Flavio Castelli <[email protected]>"]
 edition = "2018"
 

Makefile

@@ -1,11 +1,16 @@
 SOURCE_FILES := $(shell test -e src/ && find src -type f)
+VERSION := $(shell sed --posix -n 's,^version = \"\(.*\)\",\1,p' Cargo.toml)
 
 policy.wasm: $(SOURCE_FILES) Cargo.*
 	cargo build --target=wasm32-wasi --release
 	cp target/wasm32-wasi/release/*.wasm policy.wasm
 
-annotated-policy.wasm: policy.wasm metadata.yml
-	kwctl annotate -m metadata.yml -o annotated-policy.wasm policy.wasm
+artifacthub-pkg.yml: metadata.yml Cargo.toml
+	kwctl scaffold artifacthub --metadata-path metadata.yml --version $(VERSION) \
+		--questions-path questions-ui.yml --output artifacthub-pkg.yml
+
+annotated-policy.wasm: policy.wasm metadata.yml artifacthub-pkg.yml
+	kwctl annotate -m metadata.yml -u README.md -o annotated-policy.wasm policy.wasm
 
 .PHONY: fmt
 fmt:
@@ -26,4 +31,4 @@ test: fmt lint
 .PHONY: clean
 clean:
 	cargo clean
-	rm -f policy.wasm annotated-policy.wasm
+	rm -f policy.wasm annotated-policy.wasm artifacthub-pkg.yml

artifacthub-pkg.yml

@@ -1,38 +1,43 @@
----
-version: 0.1.10
+# Kubewarden Artifacthub Package config
+#
+# Use this config to submit the policy to https://artifacthub.io.
+#
+# This config can be saved to its default location with:
+#   kwctl scaffold artifacthub > artifacthub-pkg.yml 
+version: 0.1.11
 name: capabilities-psp
 displayName: Capabilities PSP
-createdAt: '2023-01-19T14:46:21+02:00'
-description: A Pod Security Policy that controls Container Capabilities
+createdAt: 2023-03-21T12:44:32.93498724Z
+description: Replacement for the Kubernetes Pod Security Policy that controls the usage of capabilities
 license: Apache-2.0
 homeURL: https://github.com/kubewarden/capabilities-psp-policy
 containersImages:
 - name: policy
-  image: ghcr.io/kubewarden/policies/capabilities-psp:v0.1.10
+  image: ghcr.io/kubewarden/policies/capabilities-psp:v0.1.11
 keywords:
 - psp
 - container
 - capability
 - capabilities
 links:
 - name: policy
-  url: https://github.com/kubewarden/capabilities-psp-policy/releases/download/v0.1.10/policy.wasm
+  url: https://github.com/kubewarden/capabilities-psp-policy/releases/download/v0.1.11/policy.wasm
 - name: source
   url: https://github.com/kubewarden/capabilities-psp-policy
+install: |
+  The policy can be obtained using [`kwctl`](https://github.com/kubewarden/kwctl):
+  ```console
+  kwctl pull ghcr.io/kubewarden/policies/capabilities-psp:v0.1.11
+  ```
+maintainers:
+- name: Kubewarden developers
+  email: [email protected]
 provider:
   name: kubewarden
 recommendations:
 - url: https://artifacthub.io/packages/helm/kubewarden/kubewarden-controller
 annotations:
-  kubewarden/resources: Pod
-  kubewarden/mutation: true
-  kubewarden/contextAware: false
-  kubewarden/rules: |
-    rules:
-    - apiGroups: [""]
-      apiVersions: ["v1"]
-      resources: ["pods"]
-      operations: ["CREATE"]
+  kubewarden/mutation: 'true'
   kubewarden/questions-ui: |
     questions:
     - default: [""]
@@ -61,3 +66,13 @@ annotations:
       required: false
       type: array[
       variable: default_add_capabilities
+  kubewarden/resources: Pod
+  kubewarden/rules: |
+    - apiGroups:
+      - ''
+      apiVersions:
+      - v1
+      resources:
+      - pods
+      operations:
+      - CREATE