Finalizations and clean-up

Makefile

@@ -3,7 +3,7 @@ ARCH ?= $(shell go env GOARCH)
 
 PROVIDER := "variomedia"
 IMAGE_NAME := "${REGISTRY}cert-manager-webhook-${PROVIDER}"
-IMAGE_TAG := "2.0.0"
+IMAGE_TAG := "v2.0.1"
 
 OUT := $(shell pwd)/_out
 
@@ -40,6 +40,6 @@ push:	build
 rendered-manifest.yaml:
 	helm template \
 	    --name cert-manager-webhook-${PROVIDER} \
-        --set image.repository=$(IMAGE_NAME) \
+	    --set image.repository=$(IMAGE_NAME) \
-        --set image.tag=$(IMAGE_TAG) \
+	    --set image.tag=$(IMAGE_TAG) \
-        deploy/cert-manager-webhook-${PROVIDER} > "$(OUT)/rendered-manifest.yaml"
+	    deploy/cert-manager-webhook-${PROVIDER} > "$(OUT)/rendered-manifest.yaml"

README.md

@@ -47,13 +47,15 @@ This is important, as otherwise it'd be possible for anyone with access to your
 webhook to complete ACME challenge validations and obtain certificates.
 
 The Variomedia AG webhook implementation is based on the example webhook provided
-by the cert-manager project (https://github.com/cert-manager/webhook-example).
+by the cert-manager project (https://github.com/cert-manager/webhook-example). Also,
+inspiration was taken from an implementation for the old Variomedia "provider API",
+which can be found at https://github.com/jheyduk/cert-manager-webhook-variomedia.
 
 ### Using your own repository
 
-The GitHub version of the Variomedia webhook implementation is focussed on providing
+The GitHub version of the Variomedia webhook implementation is currently focussed on providing
 an implementation in a decentral container registry, i.e. "Harbor". The Docker image
-is currently *not* published on docker.io.
+is currently *not* published on docker.io. This may change at a later time.
 
 #### Running the test suite
 
@@ -79,7 +81,7 @@ you can build and upload your local copy of the software using the following com
 $ export REGISTRY='your.registry.company.com/yourproject'
 $ docker login $REGISTRY
 
-# push the resulting image to your repository
+# build and push the resulting image to your repository
 # will invoke via dependencies test -> build -> push
 $ TEST_ZONE_NAME=example.com. make push
 ```
@@ -88,9 +90,13 @@ $ TEST_ZONE_NAME=example.com. make push
 
 We have provided a Helm chart to ease the installation of the Variomedia webhook.
 
+When specifying the groupName parameter, make sure to use a name in your cluster's domain.
+If you set that differently from "cluster.local", you'll need to use the proper domain suffix
+both as a Helm value and when creating the (Cluster)Issuer (see below).
+
 ## Configuration
 
-In addition to installing the webhook, you will also need to configure the according webhook and
+In addition to installing the webhook, you will also need to configure it and create at least one
 cert-manager Issuer.
 
 Configuration of the webhook consists in providing the according secrets for each DNS domain you
@@ -123,7 +129,7 @@ $ kubectl apply -f - << EOF
             solvers:
             - dns01:
                 webhook:
-                  groupName: acme.cert-manager-webhook-variomedia.local
+                  groupName: cert-manager-webhook-variomedia.cluster.local
                   solverName: variomedia-APIv2019
                   config:
                     example.com: variomedia-credentials-01
@@ -132,6 +138,9 @@ $ kubectl apply -f - << EOF
 EOF
 ```
 
+Although three domains were covered in above example, typically you'll have only a single domain to configure - you then can
+omit creating "secret/variomedia-credentials-02" and will have to specify only a single entry in "...:webhook:config".
+
 Variomedia AG published a page describing how to obtain the according API key (the page is in German
 only), basically stating that you can contact their support to have a key issued:
 https://www.variomedia.de/faq/Wie-bekomme-ich-einen-API-Token/article/326

go.mod

@@ -7,7 +7,9 @@ require (
 	github.com/miekg/dns v1.1.34
 	github.com/stretchr/testify v1.7.0
 	k8s.io/apiextensions-apiserver v0.23.1
+	k8s.io/apimachinery v0.23.1
 	k8s.io/client-go v0.23.1
+	k8s.io/klog/v2 v2.30.0
 )
 
 require (
@@ -88,10 +90,8 @@ require (
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
 	k8s.io/api v0.23.1 // indirect
-	k8s.io/apimachinery v0.23.1 // indirect
 	k8s.io/apiserver v0.23.1 // indirect
 	k8s.io/component-base v0.23.1 // indirect
-	k8s.io/klog/v2 v2.30.0 // indirect
 	k8s.io/kube-aggregator v0.23.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65 // indirect
 	k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b // indirect

go.sum

@@ -38,7 +38,6 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl
 cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
 cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
-github.com/Azure/azure-sdk-for-go v56.2.0+incompatible h1:2GrG1JkTSMqLquy1pqVsjeRJhNtZLjss2+rx8ogZXx4=
 github.com/Azure/go-ansiterm v0.0.0-20210608223527-2377c96fe795/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8=
 github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
 github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=

helm/cert-manager-webhook-variomedia/Chart.yaml

@@ -15,11 +15,11 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.9.1
+version: 0.9.2
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.1.0"
+appVersion: "2.0.1"
 

helm/cert-manager-webhook-variomedia/values.yaml

@@ -1,6 +1,5 @@
 # Default values for cert-manager-webhook-variomedia.
 # This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
 
 replicaCount: 1
 
@@ -8,17 +7,18 @@ certManager:
   namespace: cert-manager
   serviceAccountName: cert-manager
 
-groupName: acme.cert-manager-webhook-variomedia.local
+# remember to change "cluster.local" to your cluster's domain, in case it's set differently
+groupName: cert-manager-webhook-variomedia.cluster.local
 
 image:
   repository: ''
   image: cert-manager-webhook-variomedia
-  tag: "v1.1.0"
+  tag: "v2.0.1"
   pullPolicy: IfNotPresent
 
 imagePullSecrets: []
 
-logLevel: 6
+logLevel: 2
 
 nameOverride: ""
 fullnameOverride: ""
@@ -67,7 +67,7 @@ resources: {}
 autoscaling:
   enabled: false
   minReplicas: 1
-  maxReplicas: 100
+  maxReplicas: 1
   targetCPUUtilizationPercentage: 80
   # targetMemoryUtilizationPercentage: 80
 

main.go

@@ -41,6 +41,7 @@ const (
 )
 
 func main() {
+	klog.InitFlags(nil) // initializing the klog flags
 	klog.V(4).Infof( "main() called")
 
 	if GroupName == "" {