diff --git a/README.md b/README.md index cb03afd..488c932 100644 --- a/README.md +++ b/README.md @@ -92,29 +92,29 @@ you must first add your GitHub repository to [github-repositories-terraform](htt ### Inputs -| Name | Description | Required | Default | -| ------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | -------------------------------------- | -| `ACR_NAME` | Name of the Azure Container Registry to push to. | no | `containerregistryelvia` | -| `ACR_SUBSCRIPTION_ID` | Subscription ID of the Azure Container Registry to push to. | no | `9edbf217-b7c1-4f6a-ae76-d046cf932ff0` | -| `AZURE_CLIENT_ID` | ClientId of a service principal that can push to Azure Container Registry. | no | | -| `AZURE_TENANT_ID` | TenantId of a service principal that can push to Azure Container Registry. | no | `2186a6ec-c227-4291-9806-d95340bf439d` | -| `checkout` | If `true`, the action will check out the repository. If `false`, the action will assume the repository has already been checked out. | no | `true` | -| `csproj-file` | :warning: **DEPRECATED**: _Please use `project-file` instead, which is a drop-in replacement. `csproj-file` will be removed in the future._ :warning:

Path to a csproj-file, e.g. `src/my-app/my-app.csproj`. | no | | -| `docker-additional-tags` | Comma-separated list of additional tags to add to the image. | no | | -| `docker-build-context` | Docker build context, which is the working directory needed to build the Docker image. This is relative to the root of the repository. Defaults to the directory of `project-file`. | no | | -| `docker-cache-tag` | Tag used for getting build cache from registry. This tag is also pushed on every build, together with `github.sha-github.run_number`. This action will not push a `latest` tag; if you want a `latest` tag, you can use this input or `docker-additional-tags`. | no | `latest-cache` | -| `docker-include-dirs` | Comma-separated list of directories to copy into the Docker image. | no | | -| `docker-include-files` | Comma-separated list of files to copy into the Docker image. | no | | -| `dockerfile` | :warning: **DEPRECATED**: _Please use `project-file` instead, which is a drop-in replacement. `dockerfile` will be removed in the future._ :warning:

Path to a Dockerfile, e.g. `src/Dockerfile`. | no | | -| `go-main-package-dir` | Where the main package directory for Go projects is located, e.g. `./cmd/my-app`. Defaults to `./cmd/inputs.name`. | no | | -| `name` | Name of application. This will be used as the image name. For Elvia applications, do not include the namespace. | yes | | -| `namespace` | Namespace or system of the application. This is only relevant for Elvia applications. | no | | -| `project-file` | Path to a `.csproj`-file for .NET, a `go.mod` file for Go or a Dockerfile for any other project. E.g. `applications/my-app/my-app.csproj`, `pkg/my-app/go.mod` or `src/Dockerfile`. If you require files outside the directory of the `project-file` to build your application, you will need to set `docker-build-context`. | no | | -| `registry` | What container registry to use, either `acr` or `ghcr`. If set to `acr`, credentials for Azure Container Registry will default to Elvia values. You can also set these explictly to point to your own ACR. Using ACR requires the permissions `id-token: write` to access the registry using OIDC. If set to `ghcr`, the action will use the GitHub Container Registry. Using GHCR requires the `packages: write` permission to push to the registry. | no | `acr` | -| `severity` | Severity levels to scan for. See [Trivy documentation](https://github.com/aquasecurity/trivy-action?tab=readme-ov-file#inputs) for more information. | no | `CRITICAL` | -| `trivy-cve-ignores` | Comma-separated list of CVEs for Trivy to ignore. See [Trivy documentation](https://aquasecurity.github.io/trivy/v0.49/docs/configuration/filtering/#trivyignore) for syntax. | no | | -| `trivy-post-comment` | If `true`, the action will post a comment to the PR with the Trivy scan results. The comment will only be posted if the action is ran on a pull request. This action requires the permission `pull-requests: write` to be set for the job. 
| no | `false` | -| `trivy-upload-report` | If `true`, the action will upload Trivy scan results to GitHub Advanced Security. This actions requires GitHub Advanced Security to be enabled for the repository, and the permissions `actions: read` and `security-events: write` to be set for the job. | no | `false` | +| Name | Description | Required | Default | +| ------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | -------------- | +| `ACR_NAME` | Name of the Azure Container Registry to push to. Only required if using your own ACR. | no | | +| `AZURE_CLIENT_ID` | Client ID of a service principal that can push to Azure Container Registry. | no | | +| `AZURE_TENANT_ID` | Tenant ID of the Azure Container Registry to push to. Only required if using your own ACR. | no | | +| `GC_PROJECT_ID` | Project ID of the Google Cloud project to push to. Only required if using GCR. | no | | +| `checkout` | If `true`, the action will check out the repository. 
If `false`, the action will assume the repository has already been checked out. | no | `true` | +| `csproj-file` | :warning: **DEPRECATED**: _Please use `project-file` instead, which is a drop-in replacement. `csproj-file` will be removed in the future._ :warning:

Path to a csproj-file, e.g. `src/my-app/my-app.csproj`. | no | | +| `docker-additional-tags` | Comma-separated list of additional tags to add to the image. | no | | +| `docker-build-context` | Docker build context, which is the working directory needed to build the Docker image. This is relative to the root of the repository. Defaults to the directory of `project-file`. | no | | +| `docker-cache-tag` | Tag used for getting build cache from registry. This tag is also pushed on every build, together with `github.sha-github.run_number`. This action will not push a `latest` tag; if you want a `latest` tag, you can use this input or `docker-additional-tags`. | no | `latest-cache` | +| `docker-include-dirs` | Comma-separated list of directories to copy into the Docker image. | no | | +| `docker-include-files` | Comma-separated list of files to copy into the Docker image. | no | | +| `dockerfile` | :warning: **DEPRECATED**: _Please use `project-file` instead, which is a drop-in replacement. `dockerfile` will be removed in the future._ :warning:

Path to a Dockerfile, e.g. `src/Dockerfile`. | no | | +| `go-main-package-dir` | Where the main package directory for Go projects is located, e.g. `./cmd/my-app`. Defaults to `./cmd/inputs.name`. | no | | +| `name` | Name of application. This will be used as the image name. For Elvia applications, do not include the namespace. | yes | | +| `namespace` | Namespace or system of the application. Required for Elvia applications. | no | | +| `project-file` | Path to a `.csproj`-file for .NET, a `go.mod` file for Go or a Dockerfile for any other project. E.g. `applications/my-app/my-app.csproj`, `pkg/my-app/go.mod` or `src/Dockerfile`. If you require files outside the directory of the `project-file` to build your application, you will need to set `docker-build-context`. | no | | +| `registry` | What container registry to use, we support Azure Container Registry (ACR), Google Container Registry (GCR) and GitHub Container Registry (GHCR). You should set this to the URL of the registry you want to use, e.g. `ghcr.io/3lvia` or `myregistry.azurecr.io`. The action will authenticate with the registry depending on the value of the URL, i.e. if the URL contains `azurecr.io`, `gcr.io` or `ghcr.io`. If set to an ACR registry, Elvia's private Azure Container Registry will be used by default. You can also set these explictly to point to your own ACR. Using ACR requires the permissions `id-token: write` to access the registry using OIDC. If set to a GCR registry, the action will use the Google Container Registry of the Google Cloud project. Using GCR requires the permissions `id-token: write` to access the registry using OIDC. If set to a GHCR registry, the action will push to the GitHub Container Registry of the repository. Using GHCR requires the `packages: write` permission to push to the registry. | no | | +| `severity` | Severity levels to scan for. See [Trivy documentation](https://github.com/aquasecurity/trivy-action?tab=readme-ov-file#inputs) for more information. 
| no | `CRITICAL` | +| `trivy-cve-ignores` | Comma-separated list of CVEs for Trivy to ignore. See [Trivy documentation](https://aquasecurity.github.io/trivy/v0.49/docs/configuration/filtering/#trivyignore) for syntax. | no | | +| `trivy-post-comment` | If `true`, the action will post a comment to the PR with the Trivy scan results. The comment will only be posted if the action is ran on a pull request. This action requires the permission `pull-requests: write` to be set for the job. | no | `false` | +| `trivy-upload-report` | If `true`, the action will upload Trivy scan results to GitHub Advanced Security. This actions requires GitHub Advanced Security to be enabled for the repository, and the permissions `actions: read` and `security-events: write` to be set for the job. | no | `false` | ### Permissions 
@@ -132,27 +132,24 @@ More permissions might be required depending on the inputs set, see the actions uses: 3lvia/core-github-actions-templates/build@trunk with: ACR_NAME: - # Name of the Azure Container Registry to push to. + # Name of the Azure Container Registry to push to. Only required if using your own ACR. # # Required: no - # Default: 'containerregistryelvia' - ACR_SUBSCRIPTION_ID: - # Subscription ID of the Azure Container Registry to push to. + AZURE_CLIENT_ID: + # Client ID of a service principal that can push to Azure Container Registry. # # Required: no - # Default: '9edbf217-b7c1-4f6a-ae76-d046cf932ff0' - AZURE_CLIENT_ID: - # ClientId of a service principal that can push to Azure Container Registry. + AZURE_TENANT_ID: + # Tenant ID of the Azure Container Registry to push to. Only required if using your own ACR. # # Required: no - AZURE_TENANT_ID: - # TenantId of a service principal that can push to Azure Container Registry. + GC_PROJECT_ID: + # Project ID of the Google Cloud project to push to. Only required if using GCR. # # Required: no - # Default: '2186a6ec-c227-4291-9806-d95340bf439d' checkout: # If `true`, the action will check out the repository. If `false`, the action will assume the repository has already been checked out. @@ -196,7 +193,7 @@ More permissions might be required depending on the inputs set, see the actions # Required: yes namespace: - # Namespace or system of the application. This is only relevant for Elvia applications. + # Namespace or system of the application. Required for Elvia applications. # # Required: no 
@@ -206,10 +203,9 @@ More permissions might be required depending on the inputs set, see the actions # Required: no registry: - # What container registry to use, either `acr` or `ghcr`. If set to `acr`, credentials for Azure Container Registry will default to Elvia values. You can also set these explictly to point to your own ACR. Using ACR requires the permissions `id-token: write` to access the registry using OIDC. If set to `ghcr`, the action will use the GitHub Container Registry. Using GHCR requires the `packages: write` permission to push to the registry. + # What container registry to use, we support Azure Container Registry (ACR), Google Container Registry (GCR) and GitHub Container Registry (GHCR). You should set this to the URL of the registry you want to use, e.g. `ghcr.io/3lvia` or `myregistry.azurecr.io`. The action will authenticate with the registry depending on the value of the URL, i.e. if the URL contains `azurecr.io`, `gcr.io` or `ghcr.io`. If set to an ACR registry, Elvia's private Azure Container Registry will be used by default. You can also set these explictly to point to your own ACR. Using ACR requires the permissions `id-token: write` to access the registry using OIDC. If set to a GCR registry, the action will use the Google Container Registry of the Google Cloud project. Using GCR requires the permissions `id-token: write` to access the registry using OIDC. If set to a GHCR registry, the action will push to the GitHub Container Registry of the repository. Using GHCR requires the `packages: write` permission to push to the registry. # # Required: no - # Default: 'acr' severity: # Severity levels to scan for. See [Trivy documentation](https://github.com/aquasecurity/trivy-action?tab=readme-ov-file#inputs) for more information. 
@@ -248,26 +244,26 @@ you must first add your Github repository to [github-repositories-terraform](htt ### Inputs -| Name | Description | Required | Default | -| ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | -------- | -------------------------------------- | -| `AKS_CLUSTER_NAME` | Name of the AKS cluster to deploy to. Defaults to Elvias normal clusters. | no | | -| `AKS_RESOURCE_GROUP` | Resource group of the AKS cluster to deploy to. Defaults to Elvias normal clusters. | no | | -| `AKS_SUBSCRIPTION_ID` | Subscription ID of AKS to deploy to. Defaults to Elvias normal clusters. | no | | -| `AZURE_CLIENT_ID` | Client ID of a service principal that has access to AKS. Only required for deploying to AKS. | no | | -| `AZURE_TENANT_ID` | Tenant ID of a service principal that has access to AKS. | no | `2186a6ec-c227-4291-9806-d95340bf439d` | -| `GC_SERVICE_ACCOUNT` | Service account to use for deploying to GKE. Only required for deploying to GKE. | no | | -| `GC_WORKLOAD_IDENTITY_PROVIDER` | Workload identity provider to use for deploying to GKE. Only required for deploying to GKE. | no | | -| `GKE_CLUSTER_LOCATION` | Location of the GKE cluster to deploy to. | no | `europe-west1` | -| `GKE_CLUSTER_NAME` | Name of the GKE cluster to deploy to. Defaults to Elvias normal clusters. | no | | -| `GKE_PROJECT_ID` | Project ID of GKE to deploy to. Defaults to Elvias normal clusters. | no | | -| `checkout` | If `true`, the action will check out the repository. If `false`, the action will assume the repository has already been checked out. | no | `true` | -| `environment` | Environment to deploy to. | yes | | -| `helm-values-path` | Path to Helm values file, relative to the root of the repository. | no | `.github/deploy/values.yml` | -| `name` | Name of application. Do not include namespace. | yes | | -| `namespace` | Namespace or system of the application. 
| yes | | -| `runtime-cloud-provider` | Kubernetes cloud provider to deploy to: `AKS` or `GKE`. | no | `AKS` | -| `slack-channel` | Slack channel to notify on failure. Leave empty to disable notifications. | no | `` | -| `workload-type` | The type of workload to deploy to kubernetes. Must be `deployment` or `statefulset`. | no | `deployment` | +| Name | Description | Required | Default | +| ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | -------- | --------------------------- | +| `AKS_CLUSTER_NAME` | Name of the AKS cluster to deploy to. Defaults to Elvias normal clusters. | no | | +| `AKS_RESOURCE_GROUP` | Resource group of the AKS cluster to deploy to. Defaults to Elvias normal clusters. | no | | +| `AKS_SUBSCRIPTION_ID` | Subscription ID of AKS to deploy to. Defaults to Elvias normal clusters. | no | | +| `AZURE_CLIENT_ID` | Client ID of a service principal that has access to AKS. Only required for deploying to AKS. | no | | +| `AZURE_TENANT_ID` | Tenant ID of AKS to deploy to. Defaults to Elvias normal clusters. | no | | +| `GC_SERVICE_ACCOUNT` | Service account to use for deploying to GKE. Only required for deploying to GKE. | no | | +| `GC_WORKLOAD_IDENTITY_PROVIDER` | Workload identity provider to use for deploying to GKE. Only required for deploying to GKE. | no | | +| `GKE_CLUSTER_LOCATION` | Location of the GKE cluster to deploy to. | no | `europe-west1` | +| `GKE_CLUSTER_NAME` | Name of the GKE cluster to deploy to. Defaults to Elvias normal clusters. | no | | +| `GKE_PROJECT_ID` | Project ID of GKE to deploy to. Defaults to Elvias normal clusters. | no | | +| `checkout` | If `true`, the action will check out the repository. If `false`, the action will assume the repository has already been checked out. | no | `true` | +| `environment` | Environment to deploy to. 
| yes | | +| `helm-values-path` | Path to Helm values file, relative to the root of the repository. | no | `.github/deploy/values.yml` | +| `name` | Name of application. Do not include namespace. | yes | | +| `namespace` | Namespace or system of the application. | yes | | +| `runtime-cloud-provider` | Kubernetes cloud provider to deploy to: `AKS` or `GKE`. | no | `AKS` | +| `slack-channel` | Slack channel to notify on failure. Leave empty to disable notifications. | no | `` | +| `workload-type` | The type of workload to deploy to kubernetes. Must be `deployment` or `statefulset`. | no | `deployment` | ### Permissions @@ -305,10 +301,9 @@ More permissions might be required depending on the inputs set, see the actions # Required: no AZURE_TENANT_ID: - # Tenant ID of a service principal that has access to AKS. + # Tenant ID of AKS to deploy to. Defaults to Elvias normal clusters. # # Required: no - # Default: '2186a6ec-c227-4291-9806-d95340bf439d' GC_SERVICE_ACCOUNT: # Service account to use for deploying to GKE. Only required for deploying to GKE.
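Review bot: In the rewritten `registry` row of the first Inputs table (hunk `@@ -92,29 +92,29 @@`), choosing the credential flow by whether the URL "contains" `azurecr.io`, `gcr.io` or `ghcr.io` describes a substring test; the row should state that the match is on the registry hostname (e.g. host equals or ends with `.azurecr.io`) so a path segment or look-alike host in the value cannot select the wrong login path. The same row drops the `Default` while `Required` stays `no`, so say what the action does when `registry` is unset (the old default was `acr`). Two consistency points in the same table: `namespace` now reads "Required for Elvia applications" while its Required column still says `no`, and `ACR_NAME` and `AZURE_TENANT_ID` lose their defaults while the `registry` text still promises "Elvia's private Azure Container Registry will be used by default", so state where that default now comes from. Minor: "explictly" should be "explicitly" and "is ran" should be "is run".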
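Review bot: The new comment for `AZURE_TENANT_ID` in hunk `@@ -132,27 +132,24 @@` ("Tenant ID of the Azure Container Registry to push to") describes the wrong object; a tenant ID identifies the Entra ID tenant the service principal in `AZURE_CLIENT_ID` signs in against, which is what the removed text said. Suggest "Tenant ID of the service principal in `AZURE_CLIENT_ID`. Only required if using your own ACR." The "Only required if using your own ACR" note is added to `ACR_NAME` and `AZURE_TENANT_ID` but not to `AZURE_CLIENT_ID`; either add it there too or say that the default registry is reached without a caller-supplied client ID. The removal of `ACR_SUBSCRIPTION_ID` (and its hard-coded default) is not called out anywhere; a sentence telling existing callers that the input is gone would avoid confusion for workflows that still pass it.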
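Review bot: In hunk `@@ -196,7 +193,7 @@` the `namespace` comment changes to "Required for Elvia applications" but `# Required: no` two lines below is unchanged; either make the input required (and update the Inputs table) or keep the conditional wording, e.g. "Required when deploying an Elvia application; ignored otherwise."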
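Review bot: Hunk `@@ -206,10 +203,9 @@` removes `# Default: 'acr'` from `registry` but keeps `# Required: no`, so a consumer that never set `registry` will now call the action with an empty value and the comment does not say whether that fails or still falls back to Elvia's ACR; document that behaviour or mark the input required. The comment also says the action authenticates "depending on the value of the URL, i.e. if the URL contains `azurecr.io`, `gcr.io` or `ghcr.io`"; phrase this as a hostname match (host equals or ends with the registry domain) so the credential flow cannot be chosen by a substring elsewhere in the value. Minor: "explictly" should be "explicitly".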
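Review bot: In the deploy Inputs table (hunk `@@ -248,26 +244,26 @@`) the new `AZURE_TENANT_ID` description "Tenant ID of AKS to deploy to" mislabels the value; like `AZURE_CLIENT_ID` in the row above, it belongs to the service principal used to log in, not to the cluster. Suggest "Tenant ID of the service principal that has access to AKS. Defaults to Elvia's normal clusters." While these rows are being rewritten, "Elvias" should be "Elvia's" in each row that uses it.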
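Review bot: Hunk `@@ -305,10 +301,9 @@` has the same wording problem as the table: "Tenant ID of AKS to deploy to" should describe the sign-in tenant of the service principal, and since `# Default:` is removed while `# Required: no` stays, the comment should say where the tenant comes from when the input is empty ("Defaults to Elvias normal clusters" implies a lookup by cluster, which is not what a tenant ID is).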