Updating readme and templates

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -81,10 +81,3 @@ body:
       label: Operating system type and version
     validations:
       required: true
-
-  - type: input
-    id: xr-version
-    attributes:
-      label: JFrog Xray version
-    validations:
-      required: false

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,5 +1,5 @@
 - [ ] All [tests](https://github.com/jfrog/jfrog-registry-operator#tests) passed. If this feature is not already covered by the tests, I added new tests.
-- [ ] This pull request is on the dev branch.
+- [ ] This pull request is on the main branch.
 - [ ] I used gofmt for formatting the code before submitting the pull request.
 ---
 

.github/workflows/frogbot-scan-pull-request.yml

@@ -12,112 +12,13 @@ jobs:
     # "jfrog-registry-operator" GitHub environment can approve the pull request to be scanned.
     environment: jfrog-registry-operator
     steps:
-      - uses: jfrog/jfrog-registry-operator@v2
+      - uses: jfrog/jfrog-registry-operator
         env:
           JFROG_CLI_LOG_LEVEL: "DEBUG"
-          # [Mandatory]
-          # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
-          JF_URL: ${{ secrets.OPERATOR_URL }}
 
           # [Mandatory if JF_USER and JF_PASSWORD are not provided]
-          # JFrog access token with 'read' permissions on Xray service
           JF_ACCESS_TOKEN: ${{ secrets.OPERATOR_ACCESS_TOKEN }}
 
           # [Mandatory]
           # The GitHub token is automatically generated for the job
           JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-          # [Optional, default: https://api.github.com]
-          # API endpoint to GitHub
-          # JF_GIT_API_ENDPOINT: https://github.example.com
-
-          # [Optional]
-          # By default, the jfrog-registry-operator workflows download the jfrog-registry-operator executable as well as other tools
-          # needed from https://releases.jfrog.io
-          # If the machine that runs jfrog-registry-operator has no access to the internet, follow these steps to allow the
-          # executable to be downloaded from an Artifactory instance, which the machine has access to:
-          #
-          # 1. Login to the Artifactory UI, with a user who has admin credentials.
-          # 2. Create a Remote Repository with the following properties set.
-          #    Under the 'Basic' tab:
-          #       Package Type: Generic
-          #       URL: https://releases.jfrog.io
-          #    Under the 'Advanced' tab:
-          #       Uncheck the 'Store Artifacts Locally' option
-          # 3. Set the value of the 'JF_RELEASES_REPO' variable with the Repository Key you created.
-          # JF_RELEASES_REPO: ""
-
-          # [Optional]
-          # Configure the SMTP server to enable jfrog-registry-operator to send emails with detected secrets in pull request scans.
-          # SMTP server URL including should the relevant port: (Example: smtp.server.com:8080)
-          JF_SMTP_SERVER: ${{ secrets.JF_SMTP_SERVER }}
-
-          # [Mandatory if JF_SMTP_SERVER is set]
-          # The username required for authenticating with the SMTP server.
-          JF_SMTP_USER: ${{ secrets.JF_SMTP_USER }}
-
-          # [Mandatory if JF_SMTP_SERVER is set]
-          # The password associated with the username required for authentication with the SMTP server.
-          JF_SMTP_PASSWORD: ${{ secrets.JF_SMTP_PASSWORD }}
-
-          # [Optional]
-          # List of comma separated email addresses to receive email notifications about secrets
-          # detected during pull request scanning. The notification is also sent to the email set
-          # in the committer git profile regardless of whether this variable is set or not.
-          JF_EMAIL_RECEIVERS: "[email protected]"
-
-          ##########################################################################
-          ##   If your project uses a 'jfrog-registry-operator-config.yml' file, you can define   ##
-          ##   the following variables inside the file, instead of here.          ##
-          ##########################################################################
-
-          # [Mandatory if the two conditions below are met]
-          # 1. The project uses yarn 2, NuGet or .NET Core to download its dependencies
-          # 2. The `installCommand` variable isn't set in your jfrog-registry-operator-config.yml file.
-          #
-          # The command that installs the project dependencies (e.g "nuget restore")
-          # JF_INSTALL_DEPS_CMD: ""
-
-          # [Optional, default: "."]
-          # Relative path to the root of the project in the Git repository
-          # JF_WORKING_DIR: path/to/project/dir
-
-          # [Optional]
-          # Xray Watches. Learn more about them here: https://www.jfrog.com/confluence/display/JFROG/Configuring+Xray+Watches
-          # JF_WATCHES: <watch-1>,<watch-2>...<watch-n>
-
-          # [Optional]
-          # JFrog project. Learn more about it here: https://www.jfrog.com/confluence/display/JFROG/Projects
-          # JF_PROJECT: <project-key>
-
-          # [Optional, default: "FALSE"]
-          # Displays all existing vulnerabilities, including the ones that were added by the pull request.
-          # JF_INCLUDE_ALL_VULNERABILITIES: "TRUE"
-
-          # [Optional, default: "FALSE"]
-          # When adding new comments on pull requests, keep old comments that were added by previous scans.
-          # JF_AVOID_PREVIOUS_PR_COMMENTS_DELETION: "TRUE"
-
-          # [Optional, default: "TRUE"]
-          # Fails the jfrog-registry-operator task if any security issue is found.
-          # JF_FAIL: "FALSE"
-
-          # [Optional]
-          # Jfrog-registry-operator will download the project dependencies if they're not cached locally. To download the
-          # dependencies from a virtual repository in Artifactory, set the name of the repository. There's no
-          # need to set this value, if it is set in the jfrog-registry-operator-config.yml file.
-          # JF_DEPS_REPO: ""
-
-          # [Optional, Default: "FALSE"]
-          # If TRUE, Jfrog-registry-operator creates a single pull request with all the fixes.
-          # If false, Jfrog-registry-operator creates a separate pull request for each fix.
-          # JF_GIT_AGGREGATE_FIXES: "FALSE"
-
-          # [Optional, Default: "FALSE"]
-          # Handle vulnerabilities with fix versions only
-          # JF_FIXABLE_ONLY: "TRUE"
-
-          # [Optional]
-          # Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests
-          # The following values are accepted: Low, Medium, High or Critical
-          # JF_MIN_SEVERITY: ""

.github/workflows/frogbot-scan-repository.yml

@@ -15,18 +15,11 @@ jobs:
     strategy:
       matrix:
         # The repository scanning will be triggered periodically on the following branches.
-        branch: [ "dev" ]
+        branch: [ "main" ]
     steps:
-      - uses: jfrog/jfrog-registry-operator@v2
+      - uses: jfrog/jfrog-registry-operator
         env:
           JFROG_CLI_LOG_LEVEL: "DEBUG"
-          # [Mandatory]
-          # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
-          JF_URL: ${{ secrets.OPERATOR_URL }}
-
-          # [Mandatory if JF_USER and JF_PASSWORD are not provided]
-          # JFrog access token with 'read' permissions on Xray service
-          JF_ACCESS_TOKEN: ${{ secrets.OPERATOR_ACCESS_TOKEN }}
 
           # [Mandatory]
           # The GitHub token is automatically generated for the job
@@ -35,84 +28,3 @@ jobs:
           # [Mandatory]
           # The name of the branch on which jfrog-registry-operator will perform the scan
           JF_GIT_BASE_BRANCH: ${{ matrix.branch }}
-
-          # [Optional, default: https://api.github.com]
-          # API endpoint to GitHub
-          # JF_GIT_API_ENDPOINT: https://github.example.com
-
-          # [Optional]
-          # By default, the jfrog-registry-operator workflows download the jfrog-registry-operator executable as well as other tools
-          # needed from https://releases.jfrog.io
-          # If the machine that runs jfrog-registry-operator has no access to the internet, follow these steps to allow the
-          # executable to be downloaded from an Artifactory instance, which the machine has access to:
-          #
-          # 1. Login to the Artifactory UI, with a user who has admin credentials.
-          # 2. Create a Remote Repository with the following properties set.
-          #    Under the 'Basic' tab:
-          #       Package Type: Generic
-          #       URL: https://releases.jfrog.io
-          #    Under the 'Advanced' tab:
-          #       Uncheck the 'Store Artifacts Locally' option
-          # 3. Set the value of the 'JF_RELEASES_REPO' variable with the Repository Key you created.
-          # JF_RELEASES_REPO: ""
-
-          ##########################################################################
-          ##   If your project uses a 'jfrog-registry-operator-config.yml' file, you can define   ##
-          ##   the following variables inside the file, instead of here.          ##
-          ##########################################################################
-
-          # [Optional, default: "."]
-          # Relative path to the root of the project in the Git repository
-          # JF_WORKING_DIR: path/to/project/dir
-
-          # [Optional]
-          # Xray Watches. Learn more about them here: https://www.jfrog.com/confluence/display/JFROG/Configuring+Xray+Watches
-          # JF_WATCHES: <watch-1>,<watch-2>...<watch-n>
-
-          # [Optional]
-          # JFrog project. Learn more about it here: https://www.jfrog.com/confluence/display/JFROG/Projects
-          # JF_PROJECT: <project-key>
-
-          # [Optional, default: "TRUE"]
-          # Fails the jfrog-registry-operator task if any security issue is found.
-          # JF_FAIL: "FALSE"
-
-          # [Optional]
-          # jfrog-registry-operator will download the project dependencies, if they're not cached locally. To download the
-          # dependencies from a virtual repository in Artifactory, set the name of the repository. There's no
-          # need to set this value, if it is set in the jfrog-registry-operator-config.yml file.
-          # JF_DEPS_REPO: ""
-
-          # [Optional]
-          # Template for the branch name generated by jfrog-registry-operator when creating pull requests with fixes.
-          # The template must include {BRANCH_NAME_HASH}, to ensure that the generated branch name is unique.
-          # The template can optionally include the {IMPACTED_PACKAGE} and {FIX_VERSION} variables.
-          # JF_BRANCH_NAME_TEMPLATE: "jfrog-registry-operator-{IMPACTED_PACKAGE}-{BRANCH_NAME_HASH}"
-
-          # [Optional]
-          # Template for the commit message generated by jfrog-registry-operator when creating pull requests with fixes
-          # The template can optionally include the {IMPACTED_PACKAGE} and {FIX_VERSION} variables.
-          # JF_COMMIT_MESSAGE_TEMPLATE: "Upgrade {IMPACTED_PACKAGE} to {FIX_VERSION}"
-
-          # [Optional]
-          # Template for the pull request title generated by jfrog-registry-operator when creating pull requests with fixes.
-          # The template can optionally include the {IMPACTED_PACKAGE} and {FIX_VERSION} variables.
-          # JF_PULL_REQUEST_TITLE_TEMPLATE: "[🐸 Jfrog Registry Operator] Upgrade {IMPACTED_PACKAGE} to {FIX_VERSION}"
-
-          # [Optional, Default: "FALSE"]
-          # If TRUE, jfrog-registry-operator creates a single pull request with all the fixes.
-          # If FALSE, jfrog-registry-operator creates a separate pull request for each fix.
-          # JF_GIT_AGGREGATE_FIXES: "FALSE"
-
-          # [Optional, Default: "FALSE"]
-          # Handle vulnerabilities with fix versions only
-          # JF_FIXABLE_ONLY: "TRUE"
-
-          # [Optional]
-          # Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests
-          # The following values are accepted: Low, Medium, High or Critical
-          # JF_MIN_SEVERITY: ""
-
-          # [Optional, Default: [email protected]]
-          # Set the email of the commit author
-          # JF_GIT_EMAIL_AUTHOR: ""

.github/workflows/validate-pr-target-branch.yml

@@ -13,7 +13,7 @@ jobs:
     steps:
       - name: Check Target Branch
         run: |
-          if [ "${{ github.base_ref }}" != "dev" ]; then
-            echo "Pull requests must target the 'dev' branch."
+          if [ "${{ github.base_ref }}" != "main" ]; then
+            echo "Pull requests must target the 'main' branch."
             exit 1
           fi

README.md

@@ -1,7 +1,6 @@
 
 # JFrog Registry Operator
 
-## Two ways to install an operator using manual deployment and a Helm chart on Kubernetes
 
 ### Install operator using helm chart
 
@@ -68,34 +67,6 @@ kubectl delete -f [secretrotator.yaml](https://github.com/jfrog/jfrog-registry-o
 kubectl delete crd secretrotators.apps.jfrog.com
 ```
 
-### Install JFrog secret rotator operator manually
-
-```sh
-# deploy the crd:
-kubectl apply -f https://raw.githubusercontent.com/jfrog/jfrog-registry-operator/main/config/crd/bases/apps.jfrog.com_secretrotators.yaml
-
-# install operator
-kubectl apply -f https://raw.githubusercontent.com/jfrog/jfrog-registry-operator/main/config/deploy/operator.yaml
-
-# create secretrotator object
-Ref: https://github.com/jfrog/jfrog-registry-operator/blob/main/charts/jfrog-registry-operator/examples/secretrotator.yaml
-kubectl apply -f [secretrotator.yaml](https://github.com/jfrog/jfrog-registry-operator/blob/main/charts/jfrog-registry-operator/examples/secretrotator.yaml) -n ${NAMESPACE}
-```
-
-#### Uninstall operator
-
-```sh
-# delete secretrotator object
-Ref: https://github.com/jfrog/jfrog-registry-operator/blob/main/charts/jfrog-registry-operator/examples/secretrotator.yaml
-kubectl delete -f secretrotator.yaml -n ${NAMESPACE}
-
-# delete the operator:
-kubectl delete -f https://raw.githubusercontent.com/jfrog/jfrog-registry-operator/main/config/deploy/operator.yaml
-
-### delete CRD
-kubectl delete -f https://raw.githubusercontent.com/jfrog/jfrog-registry-operator/main/config/crd/bases/apps.jfrog.com_secretrotators.yaml
-```
-
 ### Check Resources in your cluster
 
 ```shell

charts/jfrog-registry-operator/full-values.yaml

@@ -357,7 +357,7 @@ persistence:
   ##
   mountPath: /var/opt/jfrog/jfrog-registry-operator
   ## @param persistence.subPath The subdirectory of the volume to mount to
-  ## Useful in dev environments and one PV for multiple services
+  ## Useful in main environments and one PV for multiple services
   ##
   subPath: ""
   ## @param persistence.size PVC Storage Request for metadata data volume

charts/jfrog-registry-operator/values.yaml

@@ -189,7 +189,7 @@ persistence:
   ##
   mountPath: /var/opt/jfrog/jfrog-registry-operator
   ## @param persistence.subPath The subdirectory of the volume to mount to
-  ## Useful in dev environments and one PV for multiple services
+  ## Useful in main environments and one PV for multiple services
   ##
   subPath: ""
   ## @param persistence.size PVC Storage Request for metadata data volume

controllers/secretrotator_controller.go

@@ -20,6 +20,7 @@ import (
 	jfrogv1alpha1 "artifactory-secrets-rotator/api/v1alpha1"
 	"artifactory-secrets-rotator/internal/operations"
 	"errors"
+
 	corev1 "k8s.io/api/core/v1"
 	"sigs.k8s.io/controller-runtime/pkg/controller"
 	"sigs.k8s.io/controller-runtime/pkg/log"