feat: correct slsa and fix to digest

.github/PULL_REQUEST_TEMPLATE.md

@@ -15,6 +15,4 @@ following ourselves these points:
 - explain what and why in the body, if more than a trivial change, wrapping at
   72 characters
 
-If you have any issue or question, reach out us!
-https://clastix.slack.com >>> #capsule channel 
 -->

.github/workflows/docker-publish.yml

@@ -62,7 +62,7 @@ jobs:
       actions: read     # To read the workflow path.
     uses: slsa-framework/slsa-github-generator/.github/workflows/[email protected]
     with:
-      image: ghcr.io/${{ github.repository_owner }}/capsule/capsule
+      image: ghcr.io/${{ github.repository_owner }}/capsule
       digest: "${{ needs.publish-images.outputs.capsule-digest }}"
       registry-username: ${{ github.actor }}
     secrets:

Makefile

@@ -14,7 +14,7 @@ GIT_MODIFIED_2  ?= $(shell git diff --quiet && echo "" || echo ".dirty")
 GIT_MODIFIED    ?= $(shell echo "$(GIT_MODIFIED_1)$(GIT_MODIFIED_2)")
 GIT_REPO        ?= $(shell git config --get remote.origin.url)
 BUILD_DATE      ?= $(shell git log -1 --format="%at" | xargs -I{} sh -c 'if [ "$(shell uname)" = "Darwin" ]; then date -r {} +%Y-%m-%dT%H:%M:%S; else date -d @{} +%Y-%m-%dT%H:%M:%S; fi')
-IMG_BASE        ?= $(REPOSITORY)/capsule
+IMG_BASE        ?= $(REPOSITORY)
 IMG             ?= $(IMG_BASE):$(VERSION)
 CAPSULE_IMG     ?= $(REGISTRY)/$(IMG_BASE)
 
@@ -94,8 +94,9 @@ helm-docs: HELMDOCS_VERSION := v1.11.0
 helm-docs: docker
 	@docker run -v "$(SRC_ROOT):/helm-docs" jnorwood/helm-docs:$(HELMDOCS_VERSION) --chart-search-root /helm-docs
 
-helm-lint: ct
-	@ct lint --config $(SRC_ROOT)/.github/configs/ct.yaml --lint-conf $(SRC_ROOT)/.github/configs/lintconf.yaml --all --debug
+helm-lint: CT_VERSION := v3.3.1
+helm-lint: docker
+	@docker run -v "$(SRC_ROOT):/workdir" --entrypoint /bin/sh quay.io/helmpack/chart-testing:$(CT_VERSION) -c "cd /workdir; ct lint --config .github/configs/ct.yaml  --lint-conf .github/configs/lintconf.yaml  --all --debug"
 
 helm-test: kind ct ko-build-all
 	@kind create cluster --wait=60s --name capsule-charts

charts/capsule/README.md

@@ -22,29 +22,31 @@ The Capsule Operator Chart can be used to instantly deploy the Capsule Operator
 
 1. Add this repository:
 
-        $ helm repo add clastix https://clastix.github.io/charts
+        $ helm repo add projectcapsule https://projectcapsule.github.io/charts
 
 2. Install the Chart:
 
-        $ helm install capsule clastix/capsule -n capsule-system --create-namespace
+        $ helm install capsule projectcapsule/capsule -n capsule-system --create-namespace
+
+        or
+
+        $ helm install capsule oci://ghcr.io/projectcapsule/charts/capsule --version 0.4.6  -n capsule-system --create-namespace
 
 3. Show the status:
 
         $ helm status capsule -n capsule-system
 
 4. Upgrade the Chart
 
-        $ helm upgrade capsule clastix/capsule -n capsule-system
-
-5. Uninstall the Chart
-
-        $ helm uninstall capsule -n capsule-system
-
-### OCI Installation
+        $ helm upgrade capsule projectcapsule/capsule -n capsule-system
 
+        or
 
+        $ helm upgrade capsule oci://ghcr.io/projectcapsule/charts/capsule --version 0.4.7
 
+5. Uninstall the Chart
 
+        $ helm uninstall capsule -n capsule-system
 
 ## Customize the installation
 
@@ -100,11 +102,11 @@ Here the values you can override:
 |-----|------|---------|-------------|
 | manager.hostNetwork | bool | `false` | Specifies if the container should be started in hostNetwork mode.  Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working |
 | manager.image.pullPolicy | string | `"IfNotPresent"` | Set the image pull policy. |
-| manager.image.repository | string | `"clastix/capsule"` | Set the image repository of the capsule. |
+| manager.image.repository | string | `"projectcapsule/capsule"` | Set the image repository of the capsule. |
 | manager.image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. |
 | manager.kind | string | `"Deployment"` | Set the controller deployment mode as `Deployment` or `DaemonSet`. |
 | manager.livenessProbe | object | `{"httpGet":{"path":"/healthz","port":10080}}` | Configure the liveness probe using Deployment probe spec |
-| manager.options.capsuleUserGroups | list | `["capsule.clastix.io"]` | Override the Capsule user groups |
+| manager.options.capsuleUserGroups | list | `["capsule.projectcapsule.io"]` | Override the Capsule user groups |
 | manager.options.forceTenantPrefix | bool | `false` | Boolean, enforces the Tenant owner, during Namespace creation, to name it using the selected Tenant name as prefix, separated by a dash |
 | manager.options.generateCertificates | bool | `true` | Specifies whether capsule webhooks certificates should be generated by capsule operator |
 | manager.options.logLevel | string | `"4"` | Set the log verbosity of the capsule with a value from 1 to 10 |
@@ -202,7 +204,7 @@ Capsule, as many other add-ons, defines its own set of Custom Resource Definitio
 You can enable the generation of certificates using `cert-manager` as follows.
 
 ```
-helm upgrade --install capsule clastix/capsule --namespace capsule-system --create-namespace \
+helm upgrade --install capsule projectcapsule/capsule --namespace capsule-system --create-namespace \
   --set "certManager.generateCertificates=true" \
   --set "tls.create=false" \
   --set "tls.enableController=false"

charts/capsule/README.md.gotmpl

@@ -22,19 +22,27 @@ The Capsule Operator Chart can be used to instantly deploy the Capsule Operator
 
 1. Add this repository:
 
-        $ helm repo add clastix https://clastix.github.io/charts
+        $ helm repo add projectcapsule https://projectcapsule.github.io/charts
 
 2. Install the Chart:
 
-        $ helm install capsule clastix/capsule -n capsule-system --create-namespace
+        $ helm install capsule projectcapsule/capsule -n capsule-system --create-namespace
+
+        or
+
+        $ helm install capsule oci://ghcr.io/projectcapsule/charts/capsule --version 0.4.6  -n capsule-system --create-namespace
 
 3. Show the status:
 
         $ helm status capsule -n capsule-system
 
 4. Upgrade the Chart
 
-        $ helm upgrade capsule clastix/capsule -n capsule-system
+        $ helm upgrade capsule projectcapsule/capsule -n capsule-system
+
+        or
+
+        $ helm upgrade capsule oci://ghcr.io/projectcapsule/charts/capsule --version 0.4.7
 
 5. Uninstall the Chart
 
@@ -132,7 +140,7 @@ Capsule, as many other add-ons, defines its own set of Custom Resource Definitio
 You can enable the generation of certificates using `cert-manager` as follows.
 
 ```
-helm upgrade --install capsule clastix/capsule --namespace capsule-system --create-namespace \
+helm upgrade --install capsule projectcapsule/capsule --namespace capsule-system --create-namespace \
   --set "certManager.generateCertificates=true" \
   --set "tls.create=false" \
   --set "tls.enableController=false"

charts/capsule/values.yaml

@@ -19,7 +19,7 @@ manager:
 
   image:
     # -- Set the image repository of the capsule.
-    repository: clastix/capsule
+    repository: projectcapsule/capsule
     # -- Set the image pull policy.
     pullPolicy: IfNotPresent
     # -- Overrides the image tag whose default is the chart appVersion.
@@ -46,7 +46,7 @@ manager:
     # -- Boolean, enforces the Tenant owner, during Namespace creation, to name it using the selected Tenant name as prefix, separated by a dash
     forceTenantPrefix: false
     # -- Override the Capsule user groups
-    capsuleUserGroups: ["capsule.clastix.io"]
+    capsuleUserGroups: ["capsule.projectcapsule.io"]
     # -- If specified, disallows creation of namespaces matching the passed regexp
     protectedNamespaceRegex: ""
     # -- Specifies whether capsule webhooks certificates should be generated by capsule operator