chore: rebrand from squat/kilo to cozystack/kilo

.github/workflows/ci.yml

@@ -150,15 +150,43 @@ jobs:
       uses: docker/setup-qemu-action@v2
       with:
         platforms: all
-    - name: Login to DockerHub
+    - name: Login to GHCR
       if: github.event_name != 'pull_request'
       uses: docker/login-action@v2
       with:
-        username: ${{ secrets.DOCKER_USERNAME }}
-        password: ${{ secrets.DOCKER_PASSWORD }}
+        registry: ghcr.io
+        username: ${{ github.actor }}
+        password: ${{ secrets.GITHUB_TOKEN }}
     - name: Build and push
       if: github.event_name != 'pull_request'
       run: make manifest
     - name: Build and push latest
       if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
       run: make manifest-latest
+
+  bump-manifests:
+    if: startsWith(github.ref, 'refs/tags/v')
+    needs: [push]
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        ref: main
+    - name: Get version from tag
+      id: version
+      run: echo "VERSION=${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
+    - name: Update manifest versions
+      run: |
+        sed -i 's|image: ghcr.io/cozystack/cozystack/kilo:v[0-9]*\.[0-9]*\.[0-9]*|image: ghcr.io/cozystack/cozystack/kilo:${{ steps.version.outputs.VERSION }}|g' manifests/*.yaml e2e/*.yaml
+    - name: Create Pull Request
+      uses: peter-evans/create-pull-request@v7
+      with:
+        commit-message: "chore: bump kilo image to ${{ steps.version.outputs.VERSION }}"
+        signoff: true
+        title: "chore(manifests): bump kilo image to ${{ steps.version.outputs.VERSION }}"
+        body: |
+          Automated PR to update manifest image versions to `${{ steps.version.outputs.VERSION }}`.
+        branch: "chore/bump-manifests-${{ steps.version.outputs.VERSION }}"

Dockerfile

@@ -9,7 +9,7 @@ RUN apk add --no-cache curl && \
 FROM $FROM
 ARG GOARCH
 ARG ALPINE_VERSION=v3.20
-LABEL maintainer="squat <lserven@gmail.com>"
+LABEL maintainer="Cozystack <https://github.com/cozystack>"
 RUN echo -e "https://alpine.global.ssl.fastly.net/alpine/$ALPINE_VERSION/main\nhttps://alpine.global.ssl.fastly.net/alpine/$ALPINE_VERSION/community" > /etc/apk/repositories && \
     apk add --no-cache ipset iptables ip6tables graphviz font-noto
 COPY --from=cni bridge host-local loopback portmap /opt/cni/bin/

Makefile

@@ -12,9 +12,9 @@ else
 endif
 RELEASE_BINS := $(addprefix bin/release/kgctl-, $(addprefix linux-, $(ALL_ARCH)) darwin-amd64 darwin-arm64 windows-amd64)
 PROJECT := kilo
-PKG := github.com/squat/$(PROJECT)
-REGISTRY ?= index.docker.io
-IMAGE ?= squat/$(PROJECT)
+PKG := github.com/cozystack/$(PROJECT)
+REGISTRY ?= ghcr.io
+IMAGE ?= cozystack/cozystack/$(PROJECT)
 FULLY_QUALIFIED_IMAGE := $(REGISTRY)/$(IMAGE)
 
 TAG := $(shell git describe --abbrev=0 --tags HEAD 2>/dev/null)

README.md

@@ -4,9 +4,8 @@
 
 Kilo is a multi-cloud network overlay built on WireGuard and designed for Kubernetes.
 
-[![Build Status](https://github.com/squat/kilo/actions/workflows/ci.yml/badge.svg?branch=main)](https://github.com/squat/kilo/actions/workflows/ci.yml)
-[![Go Report Card](https://goreportcard.com/badge/github.com/squat/kilo)](https://goreportcard.com/report/github.com/squat/kilo)
-[![Docker Pulls](https://img.shields.io/docker/pulls/squat/kilo)](https://hub.docker.com/r/squat/kilo)
+[![Build Status](https://github.com/cozystack/kilo/actions/workflows/ci.yml/badge.svg?branch=main)](https://github.com/cozystack/kilo/actions/workflows/ci.yml)
+[![Go Report Card](https://goreportcard.com/badge/github.com/cozystack/kilo)](https://goreportcard.com/report/github.com/cozystack/kilo)
 [![Slack](https://img.shields.io/badge/join%20slack-%23kilo-brightgreen.svg)](https://slack.k8s.io/)
 
 ## Overview
@@ -72,29 +71,29 @@ Kilo can be installed by deploying a DaemonSet to the cluster.
 To run Kilo on kubeadm:
 
 ```shell
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/crds.yaml
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/kilo-kubeadm.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/crds.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/kilo-kubeadm.yaml
 ```
 
 To run Kilo on bootkube:
 
 ```shell
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/crds.yaml
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/kilo-bootkube.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/crds.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/kilo-bootkube.yaml
 ```
 
 To run Kilo on Typhoon:
 
 ```shell
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/crds.yaml
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/kilo-typhoon.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/crds.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/kilo-typhoon.yaml
 ```
 
 To run Kilo on k3s:
 
 ```shell
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/crds.yaml
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/kilo-k3s.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/crds.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/kilo-k3s.yaml
 ```
 
 ## Add-on Mode
@@ -106,11 +105,11 @@ Kilo currently supports running on top of Flannel.
 For example, to run Kilo on a Typhoon cluster running Flannel:
 
 ```shell
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/crds.yaml
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/kilo-typhoon-flannel.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/crds.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/kilo-typhoon-flannel.yaml
 ```
 
-[See the manifests directory for more examples](https://github.com/squat/kilo/tree/main/manifests).
+[See the manifests directory for more examples](https://github.com/cozystack/kilo/tree/main/manifests).
 
 ## VPN
 

cmd/kg/handlers.go

@@ -26,7 +26,7 @@ import (
 
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 
-	"github.com/squat/kilo/pkg/mesh"
+	"github.com/cozystack/kilo/pkg/mesh"
 )
 
 type graphHandler struct {

cmd/kg/main.go

@@ -38,12 +38,12 @@ import (
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/clientcmd"
 
-	"github.com/squat/kilo/pkg/encapsulation"
-	"github.com/squat/kilo/pkg/k8s"
-	kiloclient "github.com/squat/kilo/pkg/k8s/clientset/versioned"
-	"github.com/squat/kilo/pkg/mesh"
-	"github.com/squat/kilo/pkg/version"
-	"github.com/squat/kilo/pkg/wireguard"
+	"github.com/cozystack/kilo/pkg/encapsulation"
+	"github.com/cozystack/kilo/pkg/k8s"
+	kiloclient "github.com/cozystack/kilo/pkg/k8s/clientset/versioned"
+	"github.com/cozystack/kilo/pkg/mesh"
+	"github.com/cozystack/kilo/pkg/version"
+	"github.com/cozystack/kilo/pkg/wireguard"
 )
 
 const (

cmd/kg/webhook.go

@@ -35,8 +35,8 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/serializer"
 
-	kilo "github.com/squat/kilo/pkg/k8s/apis/kilo/v1alpha1"
-	"github.com/squat/kilo/pkg/version"
+	kilo "github.com/cozystack/kilo/pkg/k8s/apis/kilo/v1alpha1"
+	"github.com/cozystack/kilo/pkg/version"
 )
 
 var webhookCmd = &cobra.Command{

cmd/kgctl/connect_linux.go

@@ -37,11 +37,11 @@ import (
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
-	"github.com/squat/kilo/pkg/iproute"
-	"github.com/squat/kilo/pkg/k8s/apis/kilo/v1alpha1"
-	"github.com/squat/kilo/pkg/mesh"
-	"github.com/squat/kilo/pkg/route"
-	"github.com/squat/kilo/pkg/wireguard"
+	"github.com/cozystack/kilo/pkg/iproute"
+	"github.com/cozystack/kilo/pkg/k8s/apis/kilo/v1alpha1"
+	"github.com/cozystack/kilo/pkg/mesh"
+	"github.com/cozystack/kilo/pkg/route"
+	"github.com/cozystack/kilo/pkg/wireguard"
 )
 
 var (

cmd/kgctl/graph.go

@@ -20,7 +20,7 @@ import (
 	"github.com/spf13/cobra"
 	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 
-	"github.com/squat/kilo/pkg/mesh"
+	"github.com/cozystack/kilo/pkg/mesh"
 )
 
 func graph() *cobra.Command {

cmd/kgctl/main.go

@@ -27,10 +27,10 @@ import (
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/tools/clientcmd"
 
-	"github.com/squat/kilo/pkg/k8s"
-	kiloclient "github.com/squat/kilo/pkg/k8s/clientset/versioned"
-	"github.com/squat/kilo/pkg/mesh"
-	"github.com/squat/kilo/pkg/version"
+	"github.com/cozystack/kilo/pkg/k8s"
+	kiloclient "github.com/cozystack/kilo/pkg/k8s/clientset/versioned"
+	"github.com/cozystack/kilo/pkg/mesh"
+	"github.com/cozystack/kilo/pkg/version"
 )
 
 const (

cmd/kgctl/showconf.go

@@ -29,9 +29,9 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/runtime/serializer/json"
 
-	"github.com/squat/kilo/pkg/k8s/apis/kilo/v1alpha1"
-	"github.com/squat/kilo/pkg/mesh"
-	"github.com/squat/kilo/pkg/wireguard"
+	"github.com/cozystack/kilo/pkg/k8s/apis/kilo/v1alpha1"
+	"github.com/cozystack/kilo/pkg/mesh"
+	"github.com/cozystack/kilo/pkg/wireguard"
 )
 
 const (

docs/building_kilo.md

@@ -14,7 +14,7 @@ To follow along, you need to install the following utilities:
 
 Clone the Repository and `cd` into it.
 ```shell
-git clone https://github.com/squat/kilo.git
+git clone https://github.com/cozystack/kilo.git
 cd kilo
 ```
 
@@ -97,4 +97,4 @@ make manifest-latest
 ```
 
 Now you can deploy the custom build of Kilo to your cluster.
-If you are already running Kilo, change the image from `squat/kilo` to `[registry/]<username>/kilo[:sha]`.
+If you are already running Kilo, change the image from `cozystack/kilo` to `[registry/]<username>/kilo[:sha]`.

docs/kg.md

@@ -8,7 +8,7 @@ It performs several key functions, including:
 * maintaining routing table entries and iptables rules.
 
 `kg` is typically installed on all nodes of a Kubernetes cluster using a DaemonSet.
-Example manifests can be found [in the manifests directory](https://github.com/squat/kilo/tree/main/manifests).
+Example manifests can be found [in the manifests directory](https://github.com/cozystack/kilo/tree/main/manifests).
 
 ## Usage
 

docs/kgctl.md

@@ -6,20 +6,20 @@ This tool can be used to understand a mesh's topology, get the WireGuard configu
 
 ## Installation
 
-The `kgctl` binary is automatically compiled for Linux, macOS, and Windows for every release of Kilo and can be downloaded from [the GitHub releases page](https://github.com/squat/kilo/releases/latest).
+The `kgctl` binary is automatically compiled for Linux, macOS, and Windows for every release of Kilo and can be downloaded from [the GitHub releases page](https://github.com/cozystack/kilo/releases/latest).
 
 ### Building from Source
 Kilo is written in Golang and as a result the [Go toolchain must be installed](https://golang.org/doc/install) in order to build the `kgctl` binary.
 To download the Kilo source code and then build and install `kgctl` using the latest commit all with a single command, run:
 
 ```shell
-go install github.com/squat/kilo/cmd/kgctl@latest
+go install github.com/cozystack/kilo/cmd/kgctl@latest
 ```
 
 Alternatively, `kgctl` can be built and installed based on specific version of the code by specifying a Git tag or hash, e.g.:
 
 ```shell
-go install github.com/squat/kilo/cmd/[email protected]
+go install github.com/cozystack/kilo/cmd/[email protected]
 ```
 
 When working on Kilo locally, it can be helpful to build and test the `kgctl` binary as part of the development cycle.

docs/monitoring.md

@@ -6,23 +6,23 @@ The following assumes that you have applied the [kube-prometheus](https://github
 
 Monitor the Kilo DaemonSet with:
 ```shell
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/podmonitor.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/podmonitor.yaml
 ```
 
 ## WireGuard
 
 Monitor the WireGuard interfaces with:
 ```shell
 kubectl create ns kilo
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/wg-exporter.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/wg-exporter.yaml
 ```
 
 The manifest will deploy the [Prometheus WireGuard Exporter](https://github.com/MindFlavor/prometheus_wireguard_exporter) as a DaemonSet and a [PodMonitor](https://docs.openshift.com/container-platform/4.8/rest_api/monitoring_apis/podmonitor-monitoring-coreos-com-v1.html).
 
 By default the kube-prometheus stack only monitors the `default`, `kube-system` and `monitoring` namespaces.
 In order to allow Prometheus to monitor the `kilo` namespace, apply the Role and RoleBinding with:
 ```shell
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/wg-exporter-role-kube-prometheus.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/wg-exporter-role-kube-prometheus.yaml
 ```
 
 ## Metrics
@@ -91,7 +91,7 @@ kubectl -n monitoring port-forward svc/grafana 3000
 Now navigate your browser to `localhost:3000`.
 The default user and password is `admin` `admin`.
 
-An example configuration for a dashboard displaying Kilo metrics can be found [here](https://raw.githubusercontent.com/squat/kilo/main/docs/grafana/kilo.json).
+An example configuration for a dashboard displaying Kilo metrics can be found [here](https://raw.githubusercontent.com/cozystack/kilo/main/docs/grafana/kilo.json).
 You can import this dashboard by hitting **+** -> **Import** on the Grafana dashboard.
 
 The dashboard looks like this:

docs/network-policies.md

@@ -10,7 +10,7 @@ Support for [Kubernetes network policies](https://kubernetes.io/docs/concepts/se
 The following command adds network policy support by deploying kube-router to work alongside Kilo:
 
 ```shell
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/kube-router.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/kube-router.yaml
 ```
 
 ## Examples

docs/peer-validation.md

@@ -9,13 +9,13 @@ Once such a configuration is applied, the Kubernetes API server will send an Adm
 With regard to the [failure policy](https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#failure-policy), the API server will apply the requested changes to a resource if the request was answered with `"allowed": true`, or deny the changes if the answer was `"allowed": false`.
 
 In case of Kilo Peer Validation, the specified operations are `UPDATE` and `CREATE`, the resources are `Peers`, and the default `failurePolicy` is set to `Fail`.
-View the full ValidatingWebhookConfiguration [here](https://github.com/squat/kilo/blob/main/manifests/peer-validation.yaml).
+View the full ValidatingWebhookConfiguration [here](https://github.com/cozystack/kilo/blob/main/manifests/peer-validation.yaml).
 
 ## Getting Started
 
 Apply the Service, the Deployment of the actual webserver, and the ValidatingWebhookConfiguration with:
 ```shell
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/blob/main/manifests/peer-validation.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/blob/main/manifests/peer-validation.yaml
 ```
 
 The Kubernetes API server will only talk to webhook servers via TLS so the Kilo-Peer-Validation server must be given a valid TLS certificate and key, and the API server must be told what certificate authority (CA) to trust.

docs/userspace-wireguard.md

@@ -18,8 +18,8 @@ This DaemonSet creates a WireGuard interface that Kilo will manage.
 An example configuration for a K3s cluster with [BoringTun] can be applied with:
 
 ```shell
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/crds.yaml
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/kilo-k3s-userspace.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/crds.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/kilo-k3s-userspace.yaml
 ```
 
 > **Note**: even if some nodes have the WireGuard kernel module, this configuration will cause all nodes to use the userspace implementation of WireGuard.
@@ -30,8 +30,8 @@ In a heterogeneous cluster where some nodes are missing the WireGuard kernel mod
 An example of such a configuration for a K3s cluster can by applied with:
 
 ```shell
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/crds.yaml
-kubectl apply -f https://raw.githubusercontent.com/squat/kilo/main/manifests/kilo-k3s-userspace-heterogeneous.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/crds.yaml
+kubectl apply -f https://raw.githubusercontent.com/cozystack/kilo/main/manifests/kilo-k3s-userspace-heterogeneous.yaml
 ```
 
 This configuration will deploy [nkml](https://github.com/leonnicolas/nkml) as a DaemonSet to label all nodes according to the presence of the WireGuard kernel module.

e2e/kilo-kind-userspace.yaml

@@ -101,7 +101,7 @@ spec:
       hostNetwork: true
       containers:
       - name: kilo
-        image: squat/kilo:test
+        image: ghcr.io/cozystack/cozystack/kilo:test
         imagePullPolicy: Never
         args:
         - --hostname=$(NODE_NAME)
@@ -149,7 +149,7 @@ spec:
           readOnly: false
       initContainers:
       - name: install-cni
-        image: squat/kilo:test
+        image: ghcr.io/cozystack/cozystack/kilo:test
         imagePullPolicy: Never
         command:
         - /bin/sh

go.mod

@@ -1,4 +1,4 @@
-module github.com/squat/kilo
+module github.com/cozystack/kilo
 
 go 1.18
 

manifests/kilo-bootkube-flannel.yaml

@@ -67,7 +67,7 @@ spec:
       hostNetwork: true
       containers:
       - name: kilo
-        image: squat/kilo:0.6.0
+        image: ghcr.io/cozystack/cozystack/kilo:v0.7.0
         args:
         - --kubeconfig=/etc/kubernetes/kubeconfig
         - --hostname=$(NODE_NAME)