Mod update

README.md

@@ -1,8 +1,8 @@
 # ziti-k8s-agent
 
-To deploy to your cluster for testing:
+The agent automates sidecar injection for microservices within Kubernetes. It manages identity creation and deletion on the NetFoundry Network and in Kubernetes Secrets. It deploys a mutating webhook that interacts with the Kubernetes Admission Controller using pod CRUD (Create, Read, Update, Delete) events.
 
-**Note: All resources in the spec are configured for namespace `ziti`. One can replace it with his/her own namespace by replacing `ziti` with a new one. `metadata: namespace: ziti`. The webhook container was precreated for the testing and it is already configured in the deployment spec `docker.io/elblag91/ziti-agent-wh:{tag}`.**
+# deployment details
 
 Update the secret and config map templates with the ziti controller details and some additional sidecar specific configuration in the webhook spec file.
 ```bash
@@ -19,6 +19,9 @@ data:
   zitiRoleKey: identity.openziti.io/role-attributes
   podSecurityContextOverride: "false"
   SearchDomainList: "$WHITESPACE_SEPERATED_STRING" #Default cluster.local $POD_NAMESPACE.svc
+
+# update webhook namespace
+Replace $WEBHOOK_NAMESPACE with the chosen namespace.
 ```
 
 Run the spec
@@ -69,17 +72,20 @@ env:
         key:  clusterDnsSvcIp
 ```
 
-### Example Ziti Webhook Deployment Template
+# Example Deployment
 
 **Prerequisities:**
 
 [NF Network](https://cloudziti.io/login)
+
 ```shell
-export NF_IDENTITY_PATH="path/to/adminUser.json create on NF Network"
-export $WEBHOOK_NAMESPACE="namespace to deploy the webhook to"
+export NF_IDENTITY_PATH="path/to/adminUser.json created and enrolled on NF Network"
+export WEBHOOK_NAMESPACE="namespace to deploy the webhook to"
+export CLUSTER="cluster context name"
 ```
 Copy the following code to linux terminal
-<details><summary>Code</summary><p>
+
+<details><summary>Webhook Spec Creation</summary><p>
 
 ```shell
 export CTRL_MGMT_API=$(sed "s/client/management/" <<< `jq -r .ztAPI $NF_IDENTITY_PATH`)
@@ -305,3 +311,11 @@ EOF
 ```
 
 </p></details>
+
+<details><summary>Deployment Spec to Cluster</summary><p>
+
+```shell
+kubectl -f ziti-webhook-spec.yaml --context $CLUSTER
+```
+
+</p></details>

demo/README.md

@@ -3639,7 +3639,7 @@ kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.22/samp
 ### Deploy Cert-manager CRDs to GKE
 ```shell
 kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.15.1/cert-manager.yaml --context $GKE_CLUSTER
-kubectl get pods --namespace cert-manager --context $AWS_CLUSTER
+kubectl get pods --namespace cert-manager --context $GKE_CLUSTER
 ```
 ### Deploy Ziti K8S Agent Webhook to GKE
 ```shell

go.mod

@@ -1,26 +1,22 @@
-module github.com/dariuszski/ziti-k8s-agent
+module github.com/netfoundry/ziti-k8s-agent
 
 go 1.22.3
 
 require (
 	github.com/google/uuid v1.6.0
-	github.com/openziti/edge-api v0.26.20
-	github.com/openziti/sdk-golang v0.23.38
+	github.com/openziti/edge-api v0.26.22
+	github.com/openziti/sdk-golang v0.23.39
 	github.com/spf13/cobra v1.8.1
-	k8s.io/api v0.30.2
-	k8s.io/apimachinery v0.30.2
-	k8s.io/client-go v0.30.2
-	k8s.io/component-base v0.30.2
+	k8s.io/api v0.30.3
+	k8s.io/apimachinery v0.30.3
+	k8s.io/client-go v0.30.3
 	k8s.io/klog/v2 v2.130.1
 )
 
 require (
 	github.com/Jeffail/gabs v1.4.0 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
-	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/blang/semver/v4 v4.0.0 // indirect
 	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
-	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
@@ -43,7 +39,6 @@ require (
 	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/gnostic-models v0.6.8 // indirect
-	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/gorilla/mux v1.8.1 // indirect
 	github.com/gorilla/schema v1.2.0 // indirect
@@ -57,7 +52,6 @@ require (
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
-	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
 	github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
 	github.com/michaelquigley/pfxlog v0.6.10 // indirect
 	github.com/miekg/pkcs11 v1.1.1 // indirect
@@ -69,22 +63,18 @@ require (
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/opentracing/opentracing-go v1.2.0 // indirect
-	github.com/openziti/channel/v2 v2.0.132 // indirect
-	github.com/openziti/foundation/v2 v2.0.46 // indirect
-	github.com/openziti/identity v1.0.79 // indirect
-	github.com/openziti/metrics v1.2.55 // indirect
-	github.com/openziti/secretstream v0.1.20 // indirect
-	github.com/openziti/transport/v2 v2.0.135 // indirect
+	github.com/openziti/channel/v2 v2.0.136 // indirect
+	github.com/openziti/foundation/v2 v2.0.47 // indirect
+	github.com/openziti/identity v1.0.81 // indirect
+	github.com/openziti/metrics v1.2.56 // indirect
+	github.com/openziti/secretstream v0.1.21 // indirect
+	github.com/openziti/transport/v2 v2.0.138 // indirect
 	github.com/orcaman/concurrent-map/v2 v2.0.1 // indirect
 	github.com/parallaxsecond/parsec-client-go v0.0.0-20221025095442-f0a77d263cf9 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
-	github.com/prometheus/client_golang v1.16.0 // indirect
-	github.com/prometheus/client_model v0.4.0 // indirect
-	github.com/prometheus/common v0.44.0 // indirect
-	github.com/prometheus/procfs v0.10.1 // indirect
 	github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect
-	github.com/shirou/gopsutil/v3 v3.24.4 // indirect
+	github.com/shirou/gopsutil/v3 v3.24.5 // indirect
 	github.com/shoenig/go-m1cpu v0.1.6 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/speps/go-hashids v2.0.0+incompatible // indirect
@@ -93,21 +83,21 @@ require (
 	github.com/tklauser/numcpus v0.6.1 // indirect
 	github.com/yusufpapurcu/wmi v1.2.4 // indirect
 	github.com/zitadel/oidc/v2 v2.12.0 // indirect
-	go.mongodb.org/mongo-driver v1.15.0 // indirect
+	go.mongodb.org/mongo-driver v1.16.0 // indirect
 	go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1 // indirect
-	go.opentelemetry.io/otel v1.27.0 // indirect
-	go.opentelemetry.io/otel/metric v1.27.0 // indirect
-	go.opentelemetry.io/otel/trace v1.27.0 // indirect
-	golang.org/x/crypto v0.24.0 // indirect
+	go.opentelemetry.io/otel v1.28.0 // indirect
+	go.opentelemetry.io/otel/metric v1.28.0 // indirect
+	go.opentelemetry.io/otel/trace v1.28.0 // indirect
+	golang.org/x/crypto v0.25.0 // indirect
 	golang.org/x/exp v0.0.0-20221031165847-c99f073a8326 // indirect
-	golang.org/x/net v0.26.0 // indirect
-	golang.org/x/oauth2 v0.20.0 // indirect
+	golang.org/x/net v0.27.0 // indirect
+	golang.org/x/oauth2 v0.21.0 // indirect
 	golang.org/x/sync v0.7.0 // indirect
-	golang.org/x/sys v0.21.0 // indirect
-	golang.org/x/term v0.21.0 // indirect
+	golang.org/x/sys v0.22.0 // indirect
+	golang.org/x/term v0.22.0 // indirect
 	golang.org/x/text v0.16.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
-	google.golang.org/protobuf v1.34.1 // indirect
+	google.golang.org/protobuf v1.34.2 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/square/go-jose.v2 v2.6.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect