From b9630d889447ff497a6ee3526f4c3af72588ee17 Mon Sep 17 00:00:00 2001
From: Valentin Klopfenstein
Date: Wed, 19 Jun 2024 09:53:06 +0200
Subject: [PATCH] Change wording and handling of .Values.groupName
---
 README.md | 2 +-
 .../templates/_helpers.tpl | 7 +++++++
 .../templates/apiservice.yaml | 4 ++--
 .../templates/deployment.yaml | 2 +-
 .../templates/production.cluster-issuer.yaml | 2 +-
 .../templates/rbac.yaml | 2 +-
 .../templates/staging.cluster-issuer.yaml | 2 +-
 charts/cert-manager-webhook-dnsimple/values.yaml | 16 ++++++----------
 8 files changed, 20 insertions(+), 17 deletions(-)
diff --git a/README.md b/README.md
index 084ebd9..273b044 100644
--- a/README.md
+++ b/README.md
@@ -66,7 +66,7 @@ The Helm chart accepts the following values:
 | `image.pullPolicy` | ✔️ | Image pull policy of the solver | `IfNotPresent` |
 | `logLevel` | | Set the verbosity of the solver | _empty_ |
 | `useUnprivilegedPort` | | Use an unprivileged container-port for the webhook | `true` |
-| `groupName` | ✔️ | Identifies the company that created the webhook | _empty_ |
+| `groupName` | ✔️ | Name of the API group used to register the webhook API service as | `acme.dnsimple.com` |
 | `certManager.namespace` | ✔️ | The namespace cert-manager was installed to | `cert-manager` |
 | `certManager.serviceAccountName` | ✔️ | The service account cert-manager runs under | `cert-manager` |
diff --git a/charts/cert-manager-webhook-dnsimple/templates/_helpers.tpl b/charts/cert-manager-webhook-dnsimple/templates/_helpers.tpl
index 81058bb..ea54feb 100644
--- a/charts/cert-manager-webhook-dnsimple/templates/_helpers.tpl
+++ b/charts/cert-manager-webhook-dnsimple/templates/_helpers.tpl
@@ -6,6 +6,13 @@ Expand the name of the chart.
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
+{{/*
+APIService group name
+*/}}
+{{- define "dnsimple-webhook.api-group" -}}
+{{- default "acme.dnsimple.com" (.Values.groupName) -}}
+{{- end -}}
+
 {{/*
 Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
diff --git a/charts/cert-manager-webhook-dnsimple/templates/apiservice.yaml b/charts/cert-manager-webhook-dnsimple/templates/apiservice.yaml
index 2e39b75..b498911 100644
--- a/charts/cert-manager-webhook-dnsimple/templates/apiservice.yaml
+++ b/charts/cert-manager-webhook-dnsimple/templates/apiservice.yaml
@@ -2,7 +2,7 @@
 apiVersion: {{ $APIRegistrationAPIVersion }}
 kind: APIService
 metadata:
- name: v1alpha1.{{ .Values.groupName }}
+ name: v1alpha1.{{ include "dnsimple-webhook.api-group" . }}
 labels:
 app: {{ include "dnsimple-webhook.name" . }}
 chart: {{ include "dnsimple-webhook.chart" . }}
@@ -11,7 +11,7 @@ metadata:
 annotations:
 cert-manager.io/inject-ca-from: "{{ .Release.Namespace }}/{{ include "dnsimple-webhook.servingCertificate" . }}"
 spec:
- group: {{ .Values.groupName }}
+ group: {{ include "dnsimple-webhook.api-group" . }}
 groupPriorityMinimum: 1000
 versionPriority: 15
 service:
diff --git a/charts/cert-manager-webhook-dnsimple/templates/deployment.yaml b/charts/cert-manager-webhook-dnsimple/templates/deployment.yaml
index 02634ec..26efa09 100644
--- a/charts/cert-manager-webhook-dnsimple/templates/deployment.yaml
+++ b/charts/cert-manager-webhook-dnsimple/templates/deployment.yaml
@@ -43,7 +43,7 @@ spec:
 {{- end }}
 env:
 - name: GROUP_NAME
- value: {{ .Values.groupName | quote }}
+ value: {{ include "dnsimple-webhook.api-group" . | quote }}
 ports:
 - name: https
 {{- if .Values.useUnprivilegedPort }}
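Review bot: The new `dnsimple-webhook.api-group` helper passes whatever is in `.Values.groupName` straight through, so a typo or a non-FQDN value only surfaces after the APIService, the ClusterRole and both issuers have been rendered with it. values.yaml now asks for an FQDN, and the helper is the one place where that can be enforced for every template: resolve the default first, then `fail` when the result is not a lower-case DNS name with at least one dot. The pattern below is a suggestion and should be checked against what the API server accepts for group names.

```gotemplate
{{- define "dnsimple-webhook.api-group" -}}
{{- $group := default "acme.dnsimple.com" .Values.groupName | toString -}}
{{- if not (regexMatch "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)+$" $group) -}}
{{- fail (printf "groupName %q is not a valid DNS name (expected an FQDN such as acme.company.com)" $group) -}}
{{- end -}}
{{- $group -}}
{{- end -}}
```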
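Review bot: The group is interpolated unquoted in `name: v1alpha1.{{ include "dnsimple-webhook.api-group" . }}`, and the same holds for `group:` in the second hunk of this file, `groupName:` in both cluster-issuer templates and the `apiGroups` entry in rbac.yaml; only deployment.yaml pipes it through `quote`. An operator-supplied value containing YAML-significant characters (` #`, `: `, a leading `*`) would then alter the structure of the rendered manifest instead of being kept as a string. Quoting at every call site keeps the rendering consistent, e.g. `group: {{ include "dnsimple-webhook.api-group" . | quote }}` and `name: {{ printf "v1alpha1.%s" (include "dnsimple-webhook.api-group" .) | quote }}`.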
diff --git a/charts/cert-manager-webhook-dnsimple/templates/production.cluster-issuer.yaml b/charts/cert-manager-webhook-dnsimple/templates/production.cluster-issuer.yaml
index 880b592..2ac5220 100644
--- a/charts/cert-manager-webhook-dnsimple/templates/production.cluster-issuer.yaml
+++ b/charts/cert-manager-webhook-dnsimple/templates/production.cluster-issuer.yaml
@@ -22,6 +22,6 @@ spec:
 key: token
 name: {{ include "dnsimple-webhook.tokenSecretName" . }}
 accountID: {{ .Values.dnsimple.accountID | quote }}
- groupName: {{ .Values.groupName }}
+ groupName: {{ include "dnsimple-webhook.api-group" . }}
 solverName: dnsimple
 {{- end -}}
diff --git a/charts/cert-manager-webhook-dnsimple/templates/rbac.yaml b/charts/cert-manager-webhook-dnsimple/templates/rbac.yaml
index 0dc20c4..91192d8 100644
--- a/charts/cert-manager-webhook-dnsimple/templates/rbac.yaml
+++ b/charts/cert-manager-webhook-dnsimple/templates/rbac.yaml
@@ -65,7 +65,7 @@ metadata:
 heritage: {{ .Release.Service }}
 rules:
 - apiGroups:
- - {{ .Values.groupName }}
+ - {{ include "dnsimple-webhook.api-group" . }}
 resources:
 - '*'
 verbs:
diff --git a/charts/cert-manager-webhook-dnsimple/templates/staging.cluster-issuer.yaml b/charts/cert-manager-webhook-dnsimple/templates/staging.cluster-issuer.yaml
index 73c0973..1bc4134 100644
--- a/charts/cert-manager-webhook-dnsimple/templates/staging.cluster-issuer.yaml
+++ b/charts/cert-manager-webhook-dnsimple/templates/staging.cluster-issuer.yaml
@@ -22,6 +22,6 @@ spec:
 key: token
 name: {{ include "dnsimple-webhook.tokenSecretName" . }}
 accountID: {{ .Values.dnsimple.accountID | quote }}
- groupName: {{ .Values.groupName }}
+ groupName: {{ include "dnsimple-webhook.api-group" . }}
 solverName: dnsimple
 {{- end -}}
diff --git a/charts/cert-manager-webhook-dnsimple/values.yaml b/charts/cert-manager-webhook-dnsimple/values.yaml
index a058a1b..c8daeea 100644
--- a/charts/cert-manager-webhook-dnsimple/values.yaml
+++ b/charts/cert-manager-webhook-dnsimple/values.yaml
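Review bot: In rbac.yaml the changed `apiGroups` entry sits in a rule that grants `resources: '*'`, so the value of `groupName` alone decides how far this grant reaches; the verbs and the binding of the role lie outside the hunk. If an operator points `groupName` at a group that other APIs in the cluster already serve, the wildcard would cover those resources as well. A comment above the rule would make the dependency explicit, for example `# groupName must be a group owned solely by this webhook; this rule grants every resource in it`. If the only resource addressed in this group is the solver (the issuers use `solverName: dnsimple`), listing it instead of `'*'` would narrow the grant, but that needs confirming against what the webhook actually registers.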
@@ -1,12 +1,8 @@
-# The GroupName here is used to identify your company or business unit that
-# created this webhook.
-# For example, this may be "acme.mycompany.com".
-# This name will need to be referenced in each Issuer's `webhook` stanza to
-# inform cert-manager of where to send ChallengePayload resources in order to
-# solve the DNS01 challenge.
-# This group name should be **unique**, hence using your own company's domain
-# here is recommended.
-groupName: ""
+
+# groupName sets the API group name for the API service that registers this webhook service.
+# If you wish to customize this name, uncomment line and set the value to an FQDN, i.e. acme.company.com
+#groupName: ""
+
 certManager:
 namespace: cert-manager
 serviceAccountName: cert-manager
@@ -47,4 +43,4 @@ resources: {}
 nodeSelector: {}
 tolerations: []
-affinity: {}
+affinity: {}
\ No newline at end of file
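Review bot: The replacement comment in the first hunk drops two things the removed text told operators: that the group name should be unique, and that it has to match the `groupName` in each Issuer's `webhook` stanza. With a fixed default of `acme.dnsimple.com` coming from the helper, two releases of this chart in one cluster would both render an APIService named `v1alpha1.acme.dnsimple.com`, which is a cluster-scoped object. I would keep one line for that, such as `# Must be unique within the cluster and match the groupName in every Issuer/ClusterIssuer webhook stanza.`, and change "i.e." to "e.g." because `acme.company.com` is only an example. The second hunk also removes the final newline of the file, which looks unintended.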