Skip to content

Commit 5d3ad53

Browse files
DjelibeybiDjelibeybi
committed
Update README.md with a better documented sample workflow
Signed-off-by: Avi Miller <[email protected]>
1 parent 40d5c16 commit 5d3ad53

File tree

1 file changed

+19
-47
lines changed

1 file changed

+19
-47
lines changed

README.md

Lines changed: 19 additions & 47 deletions
Original file line numberDiff line numberDiff line change
@@ -1,32 +1,29 @@
11
# Configure `kubectl` for Oracle Container Engine for Kubernetes
22

3-
Use this GitHub Action to install and configure `kubectl` to connect to
4-
the specified [Oracle Container Engine for Kubernetes][OKE] (OKE) cluster.
3+
Use this GitHub Action to install and configure `kubectl` to connect to the specified [Oracle Container Engine for Kubernetes][1] (OKE) cluster.
54

65
## Prerequisites
76

8-
The target OKE cluster must have a **public Kubernetes API Endpoint** in
9-
order for the GitHub Action to successfully connect to the cluster.
7+
The target OKE cluster must have a **public Kubernetes API Endpoint** in order for the GitHub Action to successfully connect to the cluster.
108

11-
The following [OCI CLI environment variables][1] must be defined for at least
12-
the `configure-kubectl-oke` task:
9+
The following [OCI CLI environment variables][2] must be defined for the workflow:
1310

1411
* `OCI_CLI_USER`
1512
* `OCI_CLI_TENANCY`
1613
* `OCI_CLI_FINGERPRINT`
1714
* `OCI_CLI_KEY_CONTENT`
1815
* `OCI_CLI_REGION`
1916

20-
We recommend using GitHub Secrets to store these values. [Defining your environment variables][2]
21-
at the job or workflow level would allow multiple tasks/jobs to reduce
22-
duplication.
17+
We recommend using GitHub Secrets to store these values. [Defining your environment variables][3] at the job or workflow level would allow multiple tasks/jobs to reduce duplication.
2318

2419
## Inputs
2520

2621
* `cluster`: (Required) The OCID of the OKE cluster to configure
2722

2823
## Sample workflow steps
2924

25+
The following sample workflow configures `kubectl` for the `OKE_CLUSTER_OCID` OKE cluster.
26+
3027
```yaml
3128
jobs:
3229
install-kubectl:
@@ -41,56 +38,31 @@ jobs:
4138

4239
steps:
4340
- name: Configure Kubectl
44-
uses: oracle-actions/configure-kubectl-oke@v1
41+
uses: oracle-actions/configure-kubectl-oke@v1.0
4542
id: test-configure-kubectl-oke-action
4643
with:
47-
cluster: ${{ secrets.OKE_CLUSTER }}
44+
cluster: ${{ secrets.OKE_CLUSTER_OCID }}
4845

4946
- name: Run Kubectl
5047
run: kubectl get nodes -A
5148
```
5249
53-
## Security recommendations
54-
55-
The **[Oracle Cloud Infrastructure Security Guide][OSG]** details our recommended
56-
**[best practices for securing user authentication][BP]** which include:
57-
58-
* creating **a dedicated service user account** specifically for GitHub Actions;
59-
* assigning that service account a **unique** and **complex** password;
60-
* **rotating the API signing key pair** used by the service account every 90 days; and
61-
* using **[GitHub encrypted secrets][GHS]** to store credentials.
62-
63-
> **Tip:** if you [create these secrets in your organization][SO], you can limited
64-
> which repositories have access to these secrets while also avoiding duplicating
65-
> the credentials in multiple repositories.
66-
6750
## Contributing
6851
69-
We welcome contributions from the community. Please review our [contribution guide][CG],
70-
then [start a discussion][SD] or [open an issue][OI] and let us know what you'd
71-
like to contribute.
52+
We welcome contributions from the community. Before submitting a pull request, please [review our contribution guide][4].
7253
7354
## Security
7455
75-
Please consult the [security guide][SG] for our responsible security
76-
vulnerability disclosure process.
56+
Please consult the [security guide][5] for our responsible security vulnerability disclosure process.
7757
7858
## License
7959
80-
Copyright (c) 2021 Oracle and/or its affiliates.
81-
82-
Released under the Universal Permissive License v1.0 as shown at
83-
<https://oss.oracle.com/licenses/upl/>.
84-
85-
[1]: https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/clienvironmentvariables.htm
86-
[2]: https://docs.github.com/en/actions/learn-github-actions/environment-variables
87-
[OKE]: https://www.oracle.com/cloud-native/container-engine-kubernetes/
88-
[CC]: http://github.com/oracle-actions/configure-oci-credentials
89-
[OSG]: https://docs.oracle.com/en-us/iaas/Content/Security/Concepts/security_guide.htm
90-
[BP]: https://docs.oracle.com/en-us/iaas/Content/Security/Reference/iam_security.htm
91-
[GHS]: https://docs.github.com/en/actions/reference/encrypted-secrets
92-
[SO]: https://docs.github.com/en/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-an-organization
93-
[CG]: /CONTRIBUTING.md
94-
[SD]: https://github.com/oracle-actions/configure-kubectl-oke/discussions
95-
[OI]: https://github.com/oracle-actions/configure-kubectl-oke/issues
96-
[SG]: ./SECURITY.md
60+
Copyright (c) 2021, 2022, Oracle and/or its affiliates.
61+
62+
Released under the Universal Permissive License v1.0 as shown at <https://oss.oracle.com/licenses/upl/>.
63+
64+
[1]: https://www.oracle.com/cloud-native/container-engine-kubernetes/
65+
[2]: https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/clienvironmentvariables.htm
66+
[3]: https://docs.github.com/en/actions/learn-github-actions/environment-variables
67+
[4]: /CONTRIBUTING.md
68+
[5]: ./SECURITY.md

0 commit comments

Comments
 (0)