helm: Rename ory-oathkeeper to ory/oathkeeper

.circleci/config.yml

@@ -7,7 +7,7 @@ jobs:
     steps:
       - checkout
       - run: curl -L https://git.io/get_helm.sh | bash
-      - run: helm lint ./helm/charts/ory-oathkeeper/
+      - run: helm lint ./helm/charts/oathkeeper/
 
   release:
     docker:
@@ -17,7 +17,7 @@ jobs:
       - checkout
       - run: curl -L https://git.io/get_helm.sh | bash
       - run: helm init --client-only
-      - run: helm package -d docs/helm/charts/ ./helm/charts/ory-oathkeeper/ --version `echo $CIRCLE_TAG | sed s/v//g`
+      - run: helm package -d docs/helm/charts/ ./helm/charts/oathkeeper/ --version `echo $CIRCLE_TAG | sed s/v//g`
       - run: helm repo index docs/helm/charts/
       - run: git config --global user.email "hi@ory.sh"
       - run: git config --global user.name "ORY Continuous Integration"

docs/helm/README.md

@@ -16,7 +16,7 @@ The ORY Oathkeeper Helm Chart helps you deploy ORY Oathkeeper on Kubernetes usin
 Installing ORY Oathkeeper using Helm with
 
 ```bash
-$ helm install ory-oathkeeper
+$ helm install ory/oathkeeper
 ```
 
 which sets up a very basic configuration with no access rules and no enabled authenticators, authorizers, or
@@ -30,7 +30,7 @@ This Helm Chart supports a demo mode which deploys access rules for urls
 that point to [httpbin.org](https://httpbin.org). To install ORY Oathkeeper in demo-mode, run:
 
 ```bash
-$ helm install --set demo=true ory-oathkeeper
+$ helm install --set demo=true ory/oathkeeper
 ```
 
 Be aware that this mode uses JSON Web Keys and other secrets that are publicly accessible via GitHub.
@@ -57,7 +57,7 @@ oathkeeper:
 and passing that as a value override to helm:
 
 ```bash
-$ helm install -f ./path/to/config.yaml ory-oathkeeper
+$ helm install -f ./path/to/config.yaml ory/oathkeeper
 ```
 
 Values such as the proxy / api port will be automatically propagated to the service and ingress definitions.
@@ -73,7 +73,7 @@ from disk and deploying it as a Kubernetes Secret:
 ```bash
 $ helm install \
     --set-file oathkeeper.mutatorIdTokenJWKs=./path/to/jwks.json \
-    ory-oathkeeper
+    ory/oathkeeper
 ```
 
 Please note that any configuration values set for `oathkeeper.config.mutator.id_token.jwks_url` using e.g.
@@ -86,7 +86,7 @@ Instead of fetching access rules from remote locations, you can set your access
 ```bash
 $ helm install \
     --set-file oathkeeper.accessRules=./path/to/access-rules.json \
-    ory-oathkeeper
+    ory/oathkeeper
 ```
 
 Please note that any configuration values set for `oathkeeper.config.access_rules.repositories` using e.g.

helm/charts/ory-oathkeeper/Chart.yaml → helm/charts/oathkeeper/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 appVersion: "v0.16.0-beta.4"
 description: A Helm chart for deployoing ORY Oathkeeper in Kubernetes
-name: ory-oathkeeper
+name: oathkeeper
 version: 0.0.1
 keywords:
   - zero-trust

helm/charts/ory-oathkeeper/stub/remote-config.yaml → helm/charts/oathkeeper/stub/remote-config.yaml

@@ -8,7 +8,7 @@ oathkeeper:
 
     access_rules:
       repositories:
-        - "https://raw.githubusercontent.com/ory/k8s/feat-oathkeeper-helm/helm/ory-oathkeeper/demo/access-rules.json"
+        - "https://raw.githubusercontent.com/ory/k8s/feat-oathkeeper-helm/helm/oathkeeper/demo/access-rules.json"
 
     authenticators:
       anonymous:
@@ -25,5 +25,5 @@ oathkeeper:
         enabled: true
       id_token:
         enabled: true
-        issuer_url: http://{{ include "ory-oathkeeper.fullname" . }}/
-        jwks_url: https://raw.githubusercontent.com/ory/k8s/feat-oathkeeper-helm/helm/ory-oathkeeper/demo/mutator.id_token.jwks.json
+        issuer_url: http://{{ include "oathkeeper.fullname" . }}/
+        jwks_url: https://raw.githubusercontent.com/ory/k8s/feat-oathkeeper-helm/helm/oathkeeper/demo/mutator.id_token.jwks.json

helm/charts/ory-oathkeeper/templates/NOTES.txt → helm/charts/oathkeeper/templates/NOTES.txt

@@ -6,22 +6,22 @@ The ORY Oathkeeper HTTP Reverse Proxy is available via:
   {{- end }}
 {{- end }}
 {{- else if contains "NodePort" .Values.service.proxy.type }}
-  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ory-oathkeeper.fullname" . }})
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "oathkeeper.fullname" . }})
   export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
   echo http://$NODE_IP:$NODE_PORT
   curl -X GET http://$NODE_IP:$NODE_PORT/authenticator/noop/authorizer/allow/mutator/noop
   curl -X GET http://$NODE_IP:$NODE_PORT/authenticator/anonymous/authorizer/allow/mutator/header
   curl -X GET http://$NODE_IP:$NODE_PORT/authenticator/anonymous/authorizer/allow/mutator/id_token
 {{- else if contains "LoadBalancer" .Values.service.proxy.type }}
      NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ory-oathkeeper.fullname" . }}'
-  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ory-oathkeeper.fullname" . }}-proxy -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "oathkeeper.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "oathkeeper.fullname" . }}-proxy -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
   echo http://$SERVICE_IP:{{ .Values.service.proxy.port }}
   curl -X GET http://$SERVICE_IP:{{ .Values.service.proxy.port }}/authenticator/noop/authorizer/allow/mutator/noop
   curl -X GET http://$SERVICE_IP:{{ .Values.service.proxy.port }}/authenticator/anonymous/authorizer/allow/mutator/header
   curl -X GET http://$SERVICE_IP:{{ .Values.service.proxy.port }}/authenticator/anonymous/authorizer/allow/mutator/id_token
 {{- else if contains "ClusterIP" .Values.service.proxy.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ory-oathkeeper.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "oathkeeper.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
   echo "Visit http://127.0.0.1:{{ .Values.service.proxy.port }} to use your application"
   kubectl port-forward $POD_NAME {{ .Values.service.proxy.port }}:{{ .Values.oathkeeper.config.serve.proxy.port }}
   {{- if .Values.demo }}
@@ -42,20 +42,20 @@ The ORY Oathkeeper HTTP API is available via:
   {{- end }}
 {{- end }}
 {{- else if contains "NodePort" .Values.service.api.type }}
-  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "ory-oathkeeper.fullname" . }})
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "oathkeeper.fullname" . }})
   export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
   echo http://$NODE_IP:$NODE_PORT
   curl -X GET http://$NODE_IP:$NODE_PORT/health/alive
   curl -X GET http://$NODE_IP:$NODE_PORT/rules
 {{- else if contains "LoadBalancer" .Values.service.api.type }}
      NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "ory-oathkeeper.fullname" . }}'
-  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "ory-oathkeeper.fullname" . }}-api -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "oathkeeper.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "oathkeeper.fullname" . }}-api -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
   echo http://$SERVICE_IP:{{ .Values.service.api.port }}
   curl -X GET http://$SERVICE_IP:{{ .Values.service.api.port }}/health/alive
   curl -X GET http://$SERVICE_IP:{{ .Values.service.api.port }}/rules
 {{- else if contains "ClusterIP" .Values.service.api.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ory-oathkeeper.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "oathkeeper.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
   echo "Visit http://127.0.0.1:{{ .Values.service.api.port }} to use your application"
   kubectl port-forward $POD_NAME {{ .Values.service.api.port }}:{{ .Values.oathkeeper.config.serve.api.port }}
   curl -X GET http://127.0.0.1:{{ .Values.service.api.port }}/health/alive

helm/charts/ory-oathkeeper/templates/_helpers.tpl → helm/charts/oathkeeper/templates/_helpers.tpl

@@ -2,7 +2,7 @@
 {{/*
 Expand the name of the chart.
 */}}
-{{- define "ory-oathkeeper.name" -}}
+{{- define "oathkeeper.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 
@@ -11,7 +11,7 @@ Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
-{{- define "ory-oathkeeper.fullname" -}}
+{{- define "oathkeeper.fullname" -}}
 {{- if .Values.fullnameOverride -}}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
 {{- else -}}
@@ -27,16 +27,16 @@ If release name contains chart name it will be used as a full name.
 {{/*
 Create chart name and version as used by the chart label.
 */}}
-{{- define "ory-oathkeeper.chart" -}}
+{{- define "oathkeeper.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
 
 {{/*
 Common labels
 */}}
-{{- define "ory-oathkeeper.labels" -}}
-app.kubernetes.io/name: {{ include "ory-oathkeeper.name" . }}
-helm.sh/chart: {{ include "ory-oathkeeper.chart" . }}
+{{- define "oathkeeper.labels" -}}
+app.kubernetes.io/name: {{ include "oathkeeper.name" . }}
+helm.sh/chart: {{ include "oathkeeper.chart" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}

helm/charts/ory-oathkeeper/templates/configmap.yaml → helm/charts/oathkeeper/templates/configmap.yaml

@@ -1,9 +1,9 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: {{ include "ory-oathkeeper.fullname" . }}
+  name: {{ include "oathkeeper.fullname" . }}
   labels:
-{{ include "ory-oathkeeper.labels" . | indent 4 }}
+{{ include "oathkeeper.labels" . | indent 4 }}
 data:
 {{- if .Values.oathkeeper.accessRules}}
   "access-rules.json": |
@@ -13,15 +13,15 @@ data:
 {{- if .Values.demo }}
     access_rules:
       repositories:
-      - "https://raw.githubusercontent.com/ory/k8s/feat-oathkeeper-helm/helm/ory-oathkeeper/demo/access-rules.json"
+      - "https://raw.githubusercontent.com/ory/k8s/feat-oathkeeper-helm/helm/oathkeeper/demo/access-rules.json"
 
     authenticators:
       anonymous:
         enabled: true
       jwt:
         enabled: true
         jwks_urls:
-          - "https://raw.githubusercontent.com/ory/k8s/feat-oathkeeper-helm/helm/ory-oathkeeper/demo/authenticator.jwt.jwks.json"
+          - "https://raw.githubusercontent.com/ory/k8s/feat-oathkeeper-helm/helm/oathkeeper/demo/authenticator.jwt.jwks.json"
       noop:
         enabled: true
       unauthorized:
@@ -40,8 +40,8 @@ data:
         enabled: true
       id_token:
         enabled: true
-        issuer_url: http://{{ include "ory-oathkeeper.fullname" . }}/
-        jwks_url: https://raw.githubusercontent.com/ory/k8s/feat-oathkeeper-helm/helm/ory-oathkeeper/demo/mutator.id_token.jwks.json
+        issuer_url: http://{{ include "oathkeeper.fullname" . }}/
+        jwks_url: https://raw.githubusercontent.com/ory/k8s/feat-oathkeeper-helm/helm/oathkeeper/demo/mutator.id_token.jwks.json
       noop:
         enabled: true
 

helm/charts/ory-oathkeeper/templates/deployment.yaml → helm/charts/oathkeeper/templates/deployment.yaml

@@ -1,32 +1,32 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: {{ include "ory-oathkeeper.fullname" . }}
+  name: {{ include "oathkeeper.fullname" . }}
   labels:
-{{ include "ory-oathkeeper.labels" . | indent 4 }}
+{{ include "oathkeeper.labels" . | indent 4 }}
 spec:
   replicas: {{ .Values.replicaCount }}
   selector:
     matchLabels:
-      app.kubernetes.io/name: {{ include "ory-oathkeeper.name" . }}
+      app.kubernetes.io/name: {{ include "oathkeeper.name" . }}
       app.kubernetes.io/instance: {{ .Release.Name }}
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: {{ include "ory-oathkeeper.name" . }}
+        app.kubernetes.io/name: {{ include "oathkeeper.name" . }}
         app.kubernetes.io/instance: {{ .Release.Name }}
     spec:
     {{- with .Values.imagePullSecrets }}
       imagePullSecrets:
         {{- toYaml . | nindent 8 }}
     {{- end }}
       volumes:
-        - name: {{ include "ory-oathkeeper.name" . }}-config-volume
+        - name: {{ include "oathkeeper.name" . }}-config-volume
           configMap:
-            name: {{ include "ory-oathkeeper.fullname" . }}
-        - name: {{ include "ory-oathkeeper.name" . }}-secrets-volume
+            name: {{ include "oathkeeper.fullname" . }}
+        - name: {{ include "oathkeeper.name" . }}-secrets-volume
           secret:
-            secretName: {{ include "ory-oathkeeper.fullname" . }}
+            secretName: {{ include "oathkeeper.fullname" . }}
       containers:
         - name: {{ .Chart.Name }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
@@ -42,10 +42,10 @@ spec:
               value: "file:///etc/config/access-rules.json"
             {{- end }}
           volumeMounts:
-            - name: {{ include "ory-oathkeeper.name" . }}-config-volume
+            - name: {{ include "oathkeeper.name" . }}-config-volume
               mountPath: /etc/config
               readOnly: true
-            - name: {{ include "ory-oathkeeper.name" . }}-secrets-volume
+            - name: {{ include "oathkeeper.name" . }}-secrets-volume
               mountPath: /etc/secrets
               readOnly: true
           ports:

helm/charts/ory-oathkeeper/templates/ingress-api.yaml → helm/charts/oathkeeper/templates/ingress-api.yaml

@@ -1,11 +1,11 @@
 {{- if .Values.ingress.api.enabled -}}
-{{- $fullName := include "ory-oathkeeper.fullname" . -}}
+{{- $fullName := include "oathkeeper.fullname" . -}}
 apiVersion: extensions/v1beta1
 kind: Ingress
 metadata:
   name: {{ $fullName }}
   labels:
-{{ include "ory-oathkeeper.labels" . | indent 4 }}
+{{ include "oathkeeper.labels" . | indent 4 }}
   {{- with .Values.ingress.api.annotations }}
   annotations:
     {{- toYaml . | nindent 4 }}

helm/charts/ory-oathkeeper/templates/ingress-proxy.yaml → helm/charts/oathkeeper/templates/ingress-proxy.yaml

@@ -1,11 +1,11 @@
 {{- if .Values.ingress.proxy.enabled -}}
-{{- $fullName := include "ory-oathkeeper.fullname" . -}}
+{{- $fullName := include "oathkeeper.fullname" . -}}
 apiVersion: extensions/v1beta1
 kind: Ingress
 metadata:
   name: {{ $fullName }}
   labels:
-{{ include "ory-oathkeeper.labels" . | indent 4 }}
+{{ include "oathkeeper.labels" . | indent 4 }}
   {{- with .Values.ingress.proxy.annotations }}
   annotations:
     {{- toYaml . | nindent 4 }}

helm/charts/ory-oathkeeper/templates/secret-jwks.yaml → helm/charts/oathkeeper/templates/secret-jwks.yaml

@@ -1,9 +1,9 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ include "ory-oathkeeper.fullname" . }}
+  name: {{ include "oathkeeper.fullname" . }}
   labels:
-{{ include "ory-oathkeeper.labels" . | indent 4 }}
+{{ include "oathkeeper.labels" . | indent 4 }}
 type: Opaque
 data:
 {{- if .Values.oathkeeper.mutatorIdTokenJWKs }}

helm/charts/ory-oathkeeper/templates/service-api.yaml → helm/charts/oathkeeper/templates/service-api.yaml

@@ -2,9 +2,9 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ include "ory-oathkeeper.fullname" . }}-api
+  name: {{ include "oathkeeper.fullname" . }}-api
   labels:
-{{ include "ory-oathkeeper.labels" . | indent 4 }}
+{{ include "oathkeeper.labels" . | indent 4 }}
 spec:
   type: {{ .Values.service.api.type }}
   ports:
@@ -13,6 +13,6 @@ spec:
       protocol: TCP
       name: http-api
   selector:
-    app.kubernetes.io/name: {{ include "ory-oathkeeper.name" . }}
+    app.kubernetes.io/name: {{ include "oathkeeper.name" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}

helm/charts/ory-oathkeeper/templates/service-proxy.yaml → helm/charts/oathkeeper/templates/service-proxy.yaml

@@ -2,9 +2,9 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ include "ory-oathkeeper.fullname" . }}-proxy
+  name: {{ include "oathkeeper.fullname" . }}-proxy
   labels:
-{{ include "ory-oathkeeper.labels" . | indent 4 }}
+{{ include "oathkeeper.labels" . | indent 4 }}
 spec:
   type: {{ .Values.service.proxy.type }}
   ports:
@@ -13,6 +13,6 @@ spec:
       protocol: TCP
       name: http-proxy
   selector:
-    app.kubernetes.io/name: {{ include "ory-oathkeeper.name" . }}
+    app.kubernetes.io/name: {{ include "oathkeeper.name" . }}
     app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}