Rename to semaphore-policy

.gitignore

@@ -1 +1 @@
-kube-policy-semaphore
+semaphore-policy

Dockerfile

@@ -1,14 +1,14 @@
 FROM golang:1.16-alpine AS build
-WORKDIR /go/src/github.com/utilitywarehouse/kube-policy-semaphore
-COPY . /go/src/github.com/utilitywarehouse/kube-policy-semaphore
+WORKDIR /go/src/github.com/utilitywarehouse/semaphore-policy
+COPY . /go/src/github.com/utilitywarehouse/semaphore-policy
 ENV CGO_ENABLED=0
 RUN \
   apk --no-cache add git upx \
   && go get -t ./... \
   && go test -v \
-  && go build -ldflags='-s -w' -o /kube-policy-semaphore . \
-  && upx /kube-policy-semaphore
+  && go build -ldflags='-s -w' -o /semaphore-policy . \
+  && upx /semaphore-policy
 
 FROM alpine:3.13
-COPY --from=build /kube-policy-semaphore /kube-policy-semaphore
-ENTRYPOINT [ "/kube-policy-semaphore" ]
+COPY --from=build /semaphore-policy /semaphore-policy
+ENTRYPOINT [ "/semaphore-policy" ]

README.md

@@ -1,17 +1,17 @@
-# kube-policy-semaphore
+# semaphore-policy
 
 This is an kubernetes operator that watches pods on a remote cluster based on
-a label and an annotation, and creates and manages local calico
-GlobalNetworkSets resources that contain the watched pods' ip addresses. As a
-result, we can use the produced sets of ips to create local NetworkPolicies for
-kubernetes cross cluster pod to pod communication.
+a label and creates and manages local calico GlobalNetworkSets resources that
+contain the watched pods' ip addresses. As a result, we can use the produced
+sets of ips to create local NetworkPolicies for kubernetes cross cluster pod to
+pod communication.
 
 # Usage
 
 ## Flags
 
 ```
-Usage of ./kube-policy-semaphore:
+Usage of ./semaphore-policy:
   -full-store-resync-period duration
         Frequency to perform a full network set store resync from cache to calico GlocalNetworkPolicies (default 1h0m0s)
   -local-kube-config string
@@ -34,7 +34,7 @@ Usage of ./kube-policy-semaphore:
 
 ## Operator
 
-  Kube-policy-semaphore will watch the target cluster pods which are labelled
+  The policy operator will watch the target cluster pods which are labelled
 with: `semaphore.uw.systems/name`. For these pods it will extract a name from
 the label and will use it along with the namespace of the pod and the cluster it
 resides to create a GlobalNetworkSet resource (or amend an existing one) on the
@@ -102,7 +102,7 @@ is able to bind to GlobalNetworkSets.
 
 # Deploy
 
-In order to deploy kube-policy-semaphore, first we need to deploy a service
+In order to deploy semaphore-policy, first we need to deploy a service
 account to the remote target cluster and grant it the required permissions to
 be able to watch pods. For that one could use our kustomize [base](./deploy/kustomize/remote/)
 directly.

calico/calico.go

@@ -9,7 +9,7 @@ import (
 	calicoOptions "github.com/projectcalico/libcalico-go/lib/options"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
-	"github.com/utilitywarehouse/kube-policy-semaphore/metrics"
+	"github.com/utilitywarehouse/semaphore-policy/metrics"
 )
 
 // NewClient return a calico client

deploy/example/deployment.yaml

@@ -1,27 +1,27 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: kube-policy-semaphore
+  name: semaphore-policy
   labels:
-    app: kube-policy-semaphore
+    app: semaphore-policy
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app: kube-policy-semaphore
+      app: semaphore-policy
   template:
     metadata:
       labels:
-        app: kube-policy-semaphore
+        app: semaphore-policy
       annotations:
         prometheus.io/scrape: 'true'
         prometheus.io/path: /metrics
         prometheus.io/port: '8080'
     spec:
-      serviceAccountName: kube-policy-semaphore
+      serviceAccountName: semaphore-policy
       containers:
-        - name: kube-policy-semaphore
-          image: kube-policy-semaphore
+        - name: semaphore-policy
+          image: semaphore-policy
           env:
             - name: KPS_REMOTE_SERVICE_ACCOUNT_TOKEN
               valueFrom:

deploy/example/kustomization.yaml

@@ -9,6 +9,6 @@ secretGenerator:
     files:
       - token=secrets/target-kube-token
 images:
-  - name: kube-policy-semaphore
-    newName: quay.io/utilitywarehouse/kube-policy-semaphore
+  - name: semaphore-policy
+    newName: quay.io/utilitywarehouse/semaphore-policy
     newTag: latest

deploy/example/rbac.yaml

@@ -1,7 +1,7 @@
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: kube-policy-semaphore
+  name: semaphore-policy
 rules:
   - apiGroups: ['crd.projectcalico.org']
     resources:
@@ -16,17 +16,17 @@ rules:
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: kube-policy-semaphore
+  name: semaphore-policy
 subjects:
   - kind: ServiceAccount
-    name: kube-policy-semaphore
+    name: semaphore-policy
     namespace: kube-system
 roleRef:
   kind: ClusterRole
-  name: kube-policy-semaphore
+  name: semaphore-policy
   apiGroup: rbac.authorization.k8s.io
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: kube-policy-semaphore
+  name: semaphore-policy

deploy/kustomize/remote/rbac.yaml

@@ -1,7 +1,7 @@
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: kube-policy-semaphore-watcher
+  name: semaphore-policy-watcher
 rules:
   - apiGroups: ['']
     resources:
@@ -11,18 +11,18 @@ rules:
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: kube-policy-semaphore-watcher
+  name: semaphore-policy-watcher
 subjects:
   - kind: ServiceAccount
-    name: kube-policy-semaphore-watcher
+    name: semaphore-policy-watcher
     namespace: kube-system
 roleRef:
   kind: ClusterRole
-  name: kube-policy-semaphore-watcher
+  name: semaphore-policy-watcher
   apiGroup: rbac.authorization.k8s.io
 ---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: kube-policy-semaphore-watcher
+  name: semaphore-policy-watcher
   namespace: kube-system

go.mod

@@ -1,4 +1,4 @@
-module github.com/utilitywarehouse/kube-policy-semaphore
+module github.com/utilitywarehouse/semaphore-policy
 
 go 1.16
 

kube/client.go

@@ -17,7 +17,7 @@ import (
 	// in case of local kube config
 	_ "k8s.io/client-go/plugin/pkg/client/auth/oidc"
 
-	"github.com/utilitywarehouse/kube-policy-semaphore/log"
+	"github.com/utilitywarehouse/semaphore-policy/log"
 )
 
 type certMan struct {

kube/pod_watcher.go

@@ -12,8 +12,8 @@ import (
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/cache"
 
-	"github.com/utilitywarehouse/kube-policy-semaphore/log"
-	"github.com/utilitywarehouse/kube-policy-semaphore/metrics"
+	"github.com/utilitywarehouse/semaphore-policy/log"
+	"github.com/utilitywarehouse/semaphore-policy/metrics"
 )
 
 // PodEventHandler is the function to handle new events

main.go

@@ -11,32 +11,32 @@ import (
 	"time"
 
 	"github.com/prometheus/client_golang/prometheus/promhttp"
-	"github.com/utilitywarehouse/kube-policy-semaphore/calico"
-	"github.com/utilitywarehouse/kube-policy-semaphore/kube"
-	"github.com/utilitywarehouse/kube-policy-semaphore/log"
+	"github.com/utilitywarehouse/semaphore-policy/calico"
+	"github.com/utilitywarehouse/semaphore-policy/kube"
+	"github.com/utilitywarehouse/semaphore-policy/log"
 	"k8s.io/client-go/kubernetes"
 )
 
 const (
 	labelManagedBy       = "managed-by"
-	valueManagedBy       = "kube-policy-semaphore"
+	valueManagedBy       = "semaphore-policy"
 	labelNetSetCluster   = "semaphore.uw.systems/cluster"
 	labelNetSetName      = "semaphore.uw.systems/name"
 	labelNetSetNamespace = "semaphore.uw.systems/namespace"
 )
 
 var (
-	flagKubeConfigPath        = flag.String("local-kube-config", getEnv("KPS_LOCAL_KUBE_CONFIG", ""), "Path of the local kube cluster config file, if not provided the app will try to get in cluster config")
-	flagTargetKubeConfigPath  = flag.String("target-kube-config", getEnv("KPS_TARGET_KUBE_CONFIG", ""), "(Required) Path of the target cluster kube config file to watch pods")
-	flagLogLevel              = flag.String("log-level", getEnv("KPS_LOG_LEVEL", "info"), "Log level")
-	flagRemoteAPIURL          = flag.String("remote-api-url", getEnv("KPS_REMOTE_API_URL", ""), "Remote Kubernetes API server URL")
-	flagRemoteCAURL           = flag.String("remote-ca-url", getEnv("KPS_REMOTE_CA_URL", ""), "Remote Kubernetes CA certificate URL")
-	flagRemoteSATokenPath     = flag.String("remote-sa-token-path", getEnv("KPS_REMOTE_SERVICE_ACCOUNT_TOKEN_PATH", ""), "Remote Kubernetes cluster token path")
+	flagKubeConfigPath        = flag.String("local-kube-config", getEnv("SP_LOCAL_KUBE_CONFIG", ""), "Path of the local kube cluster config file, if not provided the app will try to get in cluster config")
+	flagTargetKubeConfigPath  = flag.String("target-kube-config", getEnv("SP_TARGET_KUBE_CONFIG", ""), "(Required) Path of the target cluster kube config file to watch pods")
+	flagLogLevel              = flag.String("log-level", getEnv("SP_LOG_LEVEL", "info"), "Log level")
+	flagRemoteAPIURL          = flag.String("remote-api-url", getEnv("SP_REMOTE_API_URL", ""), "Remote Kubernetes API server URL")
+	flagRemoteCAURL           = flag.String("remote-ca-url", getEnv("SP_REMOTE_CA_URL", ""), "Remote Kubernetes CA certificate URL")
+	flagRemoteSATokenPath     = flag.String("remote-sa-token-path", getEnv("SP_REMOTE_SERVICE_ACCOUNT_TOKEN_PATH", ""), "Remote Kubernetes cluster token path")
 	flagFullStoreResyncPeriod = flag.Duration("full-store-resync-period", 60*time.Minute, "Frequency to perform a full network set store resync from cache to calico GlocalNetworkPolicies")
 	flagPodResyncPeriod       = flag.Duration("pod-resync-period", 60*time.Minute, "Pod watcher cache resync period")
-	flagTargetCluster         = flag.String("target-cluster-name", getEnv("KPS_TARGET_CLUSTER_NAME", ""), "(required) The name of the cluster from which pods are synced as networksets. It will also be used as a prefix used when creating network sets.")
+	flagTargetCluster         = flag.String("target-cluster-name", getEnv("SP_TARGET_CLUSTER_NAME", ""), "(required) The name of the cluster from which pods are synced as networksets. It will also be used as a prefix used when creating network sets.")
 
-	saToken  = os.Getenv("KPS_REMOTE_SERVICE_ACCOUNT_TOKEN")
+	saToken  = os.Getenv("SP_REMOTE_SERVICE_ACCOUNT_TOKEN")
 	bearerRe = regexp.MustCompile(`[A-Z|a-z0-9\-\._~\+\/]+=*`)
 )
 
@@ -55,7 +55,7 @@ func getEnv(key, defaultValue string) string {
 
 func main() {
 	flag.Parse()
-	log.InitLogger("kube-policy-semaphore", *flagLogLevel)
+	log.InitLogger("semaphore-policy", *flagLogLevel)
 	if *flagTargetCluster == "" {
 		log.Logger.Error("Must specify non-empty target cluster naeme for the created globalnetworksets")
 		usage()

metrics/prometheus.go

@@ -1,5 +1,5 @@
 // Package metrics contains global structures for capturing
-// kube-policy-semaphore metrics. The following metrics are implemented:
+// semaphore-policy metrics. The following metrics are implemented:
 //
 //   - kube_policy_semaphore_calico_client_request{"type", "success"}
 //   - kube_policy_semaphore_pod_watcher_failures{"type"}

networksets.go

@@ -6,9 +6,9 @@ import (
 
 	calicoClient "github.com/projectcalico/libcalico-go/lib/clientv3"
 
-	"github.com/utilitywarehouse/kube-policy-semaphore/calico"
-	"github.com/utilitywarehouse/kube-policy-semaphore/log"
-	"github.com/utilitywarehouse/kube-policy-semaphore/metrics"
+	"github.com/utilitywarehouse/semaphore-policy/calico"
+	"github.com/utilitywarehouse/semaphore-policy/log"
+	"github.com/utilitywarehouse/semaphore-policy/metrics"
 )
 
 type NetworkSet struct {

networksets_test.go

@@ -5,7 +5,7 @@ import (
 
 	"github.com/stretchr/testify/assert"
 
-	"github.com/utilitywarehouse/kube-policy-semaphore/log"
+	"github.com/utilitywarehouse/semaphore-policy/log"
 )
 
 func TestNetworkSets(t *testing.T) {

runner.go

@@ -10,8 +10,8 @@ import (
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/cache"
 
-	"github.com/utilitywarehouse/kube-policy-semaphore/kube"
-	"github.com/utilitywarehouse/kube-policy-semaphore/log"
+	"github.com/utilitywarehouse/semaphore-policy/kube"
+	"github.com/utilitywarehouse/semaphore-policy/log"
 )
 
 type Runner struct {