DevOpsHiveHQ · aabouzaid · Sep 14, 2024 · Sep 13, 2024 · Sep 13, 2024 · Sep 13, 2024
@@ -11,4 +11,4 @@ The Merger plugin is tested with the following Kustomize versions (but should wo
 
 ## Reporting a Vulnerability
 
-If a vulnerability is found, please report it via [GitHub issues](https://github.com/aabouzaid/kustomize-plugin-merger/issues).
+If a vulnerability is found, please report it via [GitHub issues](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/issues).
diff --git a/.github/workflows/go-ci.yml b/.github/workflows/go-ci.yml
@@ -19,10 +19,11 @@ jobs:
         go-version-file: go.mod
         cache: false
     - name: Run GolangCI linter
-      uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3
+      uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 # v6.1.0
       with:
-        version: v1.54
         args: '--timeout=5m'
+        skip-cache: true
+        skip-save-cache: true
     - name: Run Go test coverage
       run: go test -race -coverprofile=coverage.out -covermode=atomic ./...
     - name: Upload coverage to Codecov
@@ -41,9 +42,12 @@ jobs:
     uses: ./.github/workflows/tpl-packaging.yml
     secrets: inherit
     with:
+      goreleaser-version: 2
       goreleaser-args: "release --clean --snapshot"
       artifacts-cache: true
       artifacts-cache-key: "dist-${{ github.run_id }}"
+      artifacts-publish-ci: true
+      artifacts-identifier: "${{ github.event.number == 0 && format('main-{0}', github.sha) || format('pr-{0}', github.event.number) }}"
 
   upload:
     name: Upload Artifacts - ${{ matrix.os.name }}

diff --git a/.github/workflows/go-release.yml b/.github/workflows/go-release.yml
@@ -21,4 +21,3 @@ jobs:
     secrets: inherit
     with:
       goreleaser-args: "release --clean"
-      registry-login: true
diff --git a/.github/workflows/tpl-packaging.yml b/.github/workflows/tpl-packaging.yml
@@ -9,10 +9,13 @@ on:
       goreleaser-args:
         required: true
         type: string
-      registry-login:
+      artifacts-cache:
         default: false
         type: boolean
-      artifacts-cache:
+      artifacts-identifier:
+        default: latest
+        type: string
+      artifacts-publish-ci:
         default: false
         type: boolean
       artifacts-cache-key:
@@ -52,7 +55,6 @@ jobs:
     - name: Setup Cosign
       uses: sigstore/cosign-installer@main
     - name: Login to GitHub Container Registry
-      if: ${{ inputs.registry-login }}
       uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
       with:
         registry: ghcr.io
@@ -67,6 +69,24 @@ jobs:
         args: "${{ inputs.goreleaser-args }}"
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    - name: Cleanup CI Docker Image
+      if: ${{ inputs.artifacts-publish-ci }}
+      uses: actions/delete-package-versions@e5bc658cc4c965c472efe991f8beea3981499c55 # v5.0.0
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
+        package-name: kustomize-generator-merger-ci
+        package-type: container
+        min-versions-to-keep: 10
+    - name: Publish CI Docker Image
+      if: ${{ inputs.artifacts-publish-ci }}
+      run: |
+        for xarch in amd64 arm64; do
+          docker_image_src="ghcr.io/devopshivehq/kustomize-generator-merger:latest-${xarch}"
+          docker_image_dst="ghcr.io/devopshivehq/kustomize-generator-merger-ci:${{ inputs.artifacts-identifier }}-${xarch}"
+          echo "Tag and push image: ${docker_image_dst}"
+          docker tag ${docker_image_src} ${docker_image_dst}
+          docker push ${docker_image_dst}
+        done
     - name: Cache Artifacts
       uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c # v3
       if: ${{ inputs.artifacts-cache }}

@@ -5,7 +5,7 @@ linters-settings:
   gocyclo:
     min-complexity: 15
   goimports:
-    local-prefixes: github.com/aabouzaid/kustomize-plugin-merger
+    local-prefixes: github.com/DevOpsHiveHQ/kustomize-plugin-merger
   govet:
     check-shadowing: true
   misspell:

@@ -1,3 +1,8 @@
+FROM ubuntu:latest as base
+RUN useradd -u 1001 merger
+
 FROM scratch
-ENTRYPOINT ["/kustomize-plugin-merger"]
+COPY --from=base /etc/passwd /etc/passwd
 COPY kustomize-plugin-merger /
+USER 1001
+ENTRYPOINT ["/kustomize-plugin-merger"]
@@ -13,24 +13,24 @@ A Kustomize generator plugin to merge YAML files seamlessly for real-world use c
 
 </b></p>
 
-[![CI](https://img.shields.io/github/actions/workflow/status/aabouzaid/kustomize-plugin-merger/.github%2Fworkflows%2Fgo-ci.yml?logo=github&label=CI&color=31c653)](https://github.com/aabouzaid/kustomize-plugin-merger/actions/workflows/go-ci.yml?query=branch%3Amain)
-[![CodeQL](https://img.shields.io/github/actions/workflow/status/aabouzaid/kustomize-plugin-merger/.github%2Fworkflows%2Fgo-ci.yml?logo=github&label=CodeQL&color=31c653)](https://github.com/aabouzaid/kustomize-plugin-merger/actions/workflows/sec-codeql.yml?query=branch%3Amain)
+[![CI](https://img.shields.io/github/actions/workflow/status/aabouzaid/kustomize-plugin-merger/.github%2Fworkflows%2Fgo-ci.yml?logo=github&label=CI&color=31c653)](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/actions/workflows/go-ci.yml?query=branch%3Amain)
+[![CodeQL](https://img.shields.io/github/actions/workflow/status/aabouzaid/kustomize-plugin-merger/.github%2Fworkflows%2Fgo-ci.yml?logo=github&label=CodeQL&color=31c653)](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/actions/workflows/sec-codeql.yml?query=branch%3Amain)
 [![OpenSSF Best Practices](https://www.bestpractices.dev/projects/7815/badge)](https://www.bestpractices.dev/projects/7815)
-[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/aabouzaid/kustomize-plugin-merger/badge)](https://securityscorecards.dev/viewer/?uri=github.com/aabouzaid/kustomize-plugin-merger)
-[![Go Report Card](https://goreportcard.com/badge/github.com/aabouzaid/kustomize-plugin-merger)](https://goreportcard.com/report/github.com/aabouzaid/kustomize-plugin-merger)
+[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/DevOpsHiveHQ/kustomize-plugin-merger/badge)](https://securityscorecards.dev/viewer/?uri=github.com/DevOpsHiveHQ/kustomize-plugin-merger)
+[![Go Report Card](https://goreportcard.com/badge/github.com/DevOpsHiveHQ/kustomize-plugin-merger)](https://goreportcard.com/report/github.com/DevOpsHiveHQ/kustomize-plugin-merger)
 [![codecov](https://codecov.io/github/aabouzaid/kustomize-plugin-merger/graph/badge.svg?token=BUFRT7BO2I)](https://codecov.io/github/aabouzaid/kustomize-plugin-merger)
-[![GitHub Release](https://img.shields.io/github/v/release/aabouzaid/kustomize-plugin-merger?logo=github)](https://github.com/aabouzaid/kustomize-plugin-merger/releases)
-[![Docker](https://img.shields.io/badge/Docker-available-blue?logo=docker&logoColor=white)](https://github.com/aabouzaid/kustomize-plugin-merger/pkgs/container/kustomize-generator-merger)
-[![Go Reference](https://pkg.go.dev/badge/github.com/aabouzaid/kustomize-plugin-merger.svg)](https://pkg.go.dev/github.com/aabouzaid/kustomize-plugin-merger)
-[![Renovate](https://img.shields.io/badge/Renovate-enabled-blue?logo=renovatebot)](https://github.com/aabouzaid/kustomize-plugin-merger/issues/7)
-[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg)](https://github.com/aabouzaid/kustomize-plugin-merger/pulls)
+[![GitHub Release](https://img.shields.io/github/v/release/aabouzaid/kustomize-plugin-merger?logo=github)](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/releases)
+[![Docker](https://img.shields.io/badge/Docker-available-blue?logo=docker&logoColor=white)](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/pkgs/container/kustomize-generator-merger)
+[![Go Reference](https://pkg.go.dev/badge/github.com/DevOpsHiveHQ/kustomize-plugin-merger.svg)](https://pkg.go.dev/github.com/DevOpsHiveHQ/kustomize-plugin-merger)
+[![Renovate](https://img.shields.io/badge/Renovate-enabled-blue?logo=renovatebot)](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/issues/7)
+[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg)](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/pulls)
 
 </div>
 
 - [Why](#why)
 - [Features](#features)
 - [Options](#options)
-- [Common use cases](#common-use-cases)
+- [Examples](#examples)
   - [1. Generate multiple manifests from a single base](#1-generate-multiple-manifests-from-a-single-base)
   - [2. Merge non-manifest files and store them into ConfigMap or Secret](#2-merge-non-manifest-files-and-store-them-into-configmap-or-secret)
   - [3. Merge lists in manifests without schema or a unique identifier](#3-merge-lists-in-manifests-without-schema-or-a-unique-identifier)
@@ -114,7 +114,7 @@ spec:
 ```
 
 
-## Common use cases
+## Examples
 
 This section shows a couple of use cases where Merger can help.
 
@@ -165,8 +165,8 @@ but it will follow the SemVer convention.
 ## Contributing
 
 All feedback and contributions are welcome. If you find any issues or want to contribute,
-please feel free to [fill an issue](https://github.com/aabouzaid/kustomize-plugin-merger/issues)
-or [create a PR](https://github.com/aabouzaid/kustomize-plugin-merger/pulls).
+please feel free to [fill an issue](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/issues)
+or [create a PR](https://github.com/DevOpsHiveHQ/kustomize-plugin-merger/pulls).
 
 
 ## License

@@ -136,7 +136,7 @@ spec:
 ## Build
 
 ```shell
-kustomize build  --enable-alpha-plugins --as-current-user .
+kustomize build  --enable-alpha-plugins .
 ```
 
 ## Output

@@ -100,7 +100,7 @@ spec:
 ## Build
 
 ```shell
-kustomize build  --enable-alpha-plugins --as-current-user .
+kustomize build  --enable-alpha-plugins .
 ```
 
 ## Output

@@ -150,7 +150,7 @@ spec:
 ## Build
 
 ```shell
-kustomize build  --enable-alpha-plugins --as-current-user .
+kustomize build  --enable-alpha-plugins .
 ```
 
 ## Output

@@ -94,7 +94,7 @@ spec:
 ## Build
 
 ```shell
-kustomize build  --enable-alpha-plugins --as-current-user .
+kustomize build  --enable-alpha-plugins .
 ```
 
 ## Output

@@ -1,4 +1,4 @@
-module github.com/aabouzaid/kustomize-plugin-merger
+module github.com/DevOpsHiveHQ/kustomize-plugin-merger
 
 go 1.22.0
 

@@ -6,7 +6,7 @@ import (
 	"sigs.k8s.io/kustomize/kyaml/fn/framework"
 	"sigs.k8s.io/kustomize/kyaml/kio"
 
-	"github.com/aabouzaid/kustomize-plugin-merger/pkg/merger"
+	"github.com/DevOpsHiveHQ/kustomize-plugin-merger/pkg/merger"
 )
 
 func main() {