codex-team
diff --git a/‎.github/workflows/test.yaml‎
Lines changed: 42 additions & 0 deletions b/‎.github/workflows/test.yaml‎
Lines changed: 42 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 2 additions & 0 deletions b/‎.gitignore‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎Dockerfile‎
Lines changed: 2 additions & 2 deletions b/‎Dockerfile‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎Makefile‎
Lines changed: 95 additions & 0 deletions b/‎Makefile‎
Lines changed: 95 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 16 additions & 15 deletions b/‎README.md‎
Lines changed: 16 additions & 15 deletions
diff --git a/‎chart/Chart.yaml‎
Lines changed: 3 additions & 3 deletions b/‎chart/Chart.yaml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎chart/templates/rbac.yaml‎
Lines changed: 1 addition & 0 deletions b/‎chart/templates/rbac.yaml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎cmd/client.go‎
Lines changed: 19 additions & 4 deletions b/‎cmd/client.go‎
Lines changed: 19 additions & 4 deletions
diff --git a/‎cmd/config.go‎
Lines changed: 2 additions & 1 deletion b/‎cmd/config.go‎
Lines changed: 2 additions & 1 deletion
@@ -0,0 +1,42 @@
+name: Test
+
+on:
+  push:
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+
+    - name: Set up Go
+      uses: actions/setup-go@v5
+      with:
+        go-version: '1.25.0'
+
+    - name: Cache Go modules
+      uses: actions/cache@v4
+      with:
+        path: ~/go/pkg/mod
+        key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+        restore-keys: |
+          ${{ runner.os }}-go-
+
+    - name: Download dependencies
+      run: go mod download
+
+    - name: Run tests
+      run: go test ./...
+
+    - name: Run go vet
+      run: go vet ./...
+
+    - name: Check formatting
+      run: |
+        if [ "$(gofmt -d .)" ]; then
+          echo "Code is not formatted. Please run 'go fmt ./...'"
+          gofmt -d .
+          exit 1
+        fi
@@ -0,0 +1,2 @@
+bin
+*.local.yaml
@@ -1,4 +1,4 @@
-FROM --platform=${BUILDPLATFORM:-linux/amd64} golang:1.21 as builder
+FROM --platform=${BUILDPLATFORM:-linux/amd64} golang:1.25 as builder
 
 ARG TARGETPLATFORM
 ARG BUILDPLATFORM
@@ -16,4 +16,4 @@ FROM --platform=${TARGETPLATFORM:-linux/amd64} scratch
 WORKDIR /app/
 COPY --from=builder /app/flux-webhook-authreconciler /app/flux-webhook-authreconciler
 COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
-ENTRYPOINT ["/app/flux-webhook-authreconciler"]
+ENTRYPOINT ["/app/flux-webhook-authreconciler"]
@@ -0,0 +1,95 @@
+.PHONY: build test test-verbose test-coverage clean fmt vet lint help run
+
+# Binary name
+BINARY_NAME=flux-webhook-autoreconciler
+# Build directory
+BUILD_DIR=bin
+# Main package path
+MAIN_PACKAGE=./cmd
+
+# Default target
+.DEFAULT_GOAL := help
+
+## build: Build the binary
+build:
+	@echo "Building $(BINARY_NAME)..."
+	@mkdir -p $(BUILD_DIR)
+	@go build -o $(BUILD_DIR)/$(BINARY_NAME) $(MAIN_PACKAGE)
+	@echo "Build complete: $(BUILD_DIR)/$(BINARY_NAME)"
+
+## test: Run tests
+test:
+	@echo "Running tests..."
+	@go test ./...
+
+## test-verbose: Run tests with verbose output
+test-verbose:
+	@echo "Running tests with verbose output..."
+	@go test -v ./...
+
+## test-coverage: Run tests with coverage report
+test-coverage:
+	@echo "Running tests with coverage..."
+	@go test -coverprofile=coverage.out ./...
+	@go tool cover -html=coverage.out -o coverage.html
+	@echo "Coverage report generated: coverage.html"
+
+## test-reconciler: Run reconciler tests specifically
+test-reconciler:
+	@echo "Running reconciler tests..."
+	@go test -v ./cmd -run TestReconcile
+
+## clean: Remove build artifacts
+clean:
+	@echo "Cleaning build artifacts..."
+	@rm -rf $(BUILD_DIR)
+	@rm -f coverage.out coverage.html
+	@echo "Clean complete"
+
+## fmt: Format Go code
+fmt:
+	@echo "Formatting code..."
+	@go fmt ./...
+	@echo "Format complete"
+
+## vet: Run go vet
+vet:
+	@echo "Running go vet..."
+	@go vet ./...
+	@echo "Vet complete"
+
+## lint: Run golangci-lint (if installed)
+lint:
+	@echo "Running linter..."
+	@if command -v golangci-lint >/dev/null 2>&1; then \
+		golangci-lint run ./...; \
+	else \
+		echo "golangci-lint not installed. Install it with: go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest"; \
+	fi
+
+## mod-tidy: Tidy go.mod and go.sum
+mod-tidy:
+	@echo "Tidying go.mod..."
+	@go mod tidy
+	@echo "Tidy complete"
+
+## mod-download: Download dependencies
+mod-download:
+	@echo "Downloading dependencies..."
+	@go mod download
+	@echo "Download complete"
+
+## run: Run the application (requires config file)
+run: build
+	@echo "Running $(BINARY_NAME)..."
+	@./$(BUILD_DIR)/$(BINARY_NAME) -config config/server.yaml
+
+## run-client: Run the application in client mode
+run-client: build
+	@echo "Running $(BINARY_NAME) in client mode..."
+	@./$(BUILD_DIR)/$(BINARY_NAME) -config config/client.yaml
+
+## help: Show this help message
+help:
+	@echo "Available targets:"
+	@sed -n 's/^##//p' ${MAKEFILE_LIST} | column -t -s ':' | sed -e 's/^/ /'
@@ -1,11 +1,11 @@
 # flux-webhook-autoreconciler
 
-This project aims to solve the problem of having to manually setup webhooks for each repository in a cluster to reconcile Flux sources. 
+This project aims to solve the problem of having to manually setup webhooks for each repository in a cluster to reconcile Flux sources.
 
-Normally, you'd need to set up a Receiver for each source, then a webhook for that receiver ([official docs](https://fluxcd.io/flux/guides/webhook-receivers/)). 
+Normally, you'd need to set up a Receiver for each source, then a webhook for that receiver ([official docs](https://fluxcd.io/flux/guides/webhook-receivers/)).
 This can get pretty annoying and it's easy to mess up, especially when you have tons of repos you want to deploy with Flux.
 
-This project tackles this by giving you a single webhook receiver. You hook it up to your entire GitHub organization, 
+This project tackles this by giving you a single webhook receiver. You hook it up to your entire GitHub organization,
 and it'll automatically keep the Flux sources in sync across all your repos.
 
 ## How it works
@@ -15,7 +15,7 @@ This project has two main parts:
 - `Server`: It gets the webhooks, reconciles the sources, and tells the clients about what happened.
 - `Client`: (Optional) It listens to the server and reconciles the sources. You can run just the server if you want, but having a client is handy if you have multiple clusters. You send one webhook to the server, and it’ll reconcile the sources in all your clusters through their clients.
 
-Basically, the server waits for webhooks on the `/webhook` endpoint, and the client connects to the server on the `/subscribe` endpoint using WebSockets. You can have as many clients as you want (like, one client for each Kubernetes cluster). Both the server and client take care of reconciling the sources. 
+Basically, the server waits for webhooks on the `/webhook` endpoint, and the client connects to the server on the `/subscribe` endpoint using WebSockets. You can have as many clients as you want (like, one client for each Kubernetes cluster). Both the server and client take care of reconciling the sources.
 
 To figure out which sources need reconciling when a webhook comes in, the reconciler takes the package name from the webhook data, checks out all the sources, and then matches it up with the package name in each source. If there's a match, that source gets reconciled.
 
@@ -25,7 +25,7 @@ There is helm chart available published as OCI artifact in GitHub Packages [here
 You can install it using [Helm CLI](https://helm.sh/docs/topics/registries/) or by using Flux itself:
 
 ```yaml
-apiVersion: source.toolkit.fluxcd.io/v1beta2
+apiVersion: source.toolkit.fluxcd.io/v1
 kind: HelmRepository
 metadata:
   name: flux-webhook-autoreconciler
@@ -34,7 +34,7 @@ spec:
   type: oci
   url: oci://ghcr.io/codex-team/flux-webhook-autoreconciler/chart
 ---
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
+apiVersion: helm.toolkit.fluxcd.io/v2
 kind: HelmRelease
 metadata:
   name: flux-webhook-autoreconciler
@@ -44,7 +44,7 @@ spec:
   chart:
     spec:
       chart: flux-webhook-autoreconciler
-      version: '1.0.0' # replace with the latest version from here https://github.com/codex-team/flux-webhook-autoreconciler/pkgs/container/flux-webhook-autoreconciler%2Fchart%2Fflux-webhook-autoreconciler
+      version: '2.0.0' # replace with the latest version from here https://github.com/codex-team/flux-webhook-autoreconciler/pkgs/container/flux-webhook-autoreconciler%2Fchart%2Fflux-webhook-autoreconciler
       sourceRef:
         kind: HelmRepository
         name: flux-webhook-autoreconciler
@@ -67,22 +67,23 @@ The configuration is done via YAML file that is passed to the container via `--c
 
 You can find the example configuration in [config](./config) folder both for `server` and `client` modes.
 
-You'll also need to set up a GitHub webhook. You have the choice to do this for your whole organization or on a per-repo basis. For the how-to, check out the [official docs](https://docs.github.com/en/webhooks/using-webhooks/creating-webhooks). 
+You'll also need to set up a GitHub webhook. You have the choice to do this for your whole organization or on a per-repo basis. For the how-to, check out the [official docs](https://docs.github.com/en/webhooks/using-webhooks/creating-webhooks).
 To get the webhook working, you'll need to sort out a few things:
 
 - Payload URL: `https://<your-domain>/webhook`
 - Content type: `application/json`
 - Secret (optional but recommended)
-- In the section "Which events would you like to trigger this webhook?", go for "Let me select individual events." and then tick the box for the "Registry packages" event.
+- In the section "Which events would you like to trigger this webhook?", go for "Let me select individual events." and then tick the boxes for the "Registry packages" and "Pushes" events.
 
-And that’s it! Now you can push a new package to your GitHub registry and it will be automatically reconciled by Flux.
+And that’s it! Now when you push a new package to your GitHub registry or push commits to a GitHub repository, the matching Flux `OCIRepository` and `GitRepository` resources will be automatically reconciled.
 
-## Todo
+## Limitations
 
-- [ ] Add support for other kinds of sources. Right now, it’s just `OCIRepository`.
-- [ ] Make it work with other types of webhook data. For now, it’s only set up for GitHub-like payloads.
-- [ ] Add different filtering abilities, like filtering by package name or repo labels.
+- It only supports GitHub webhooks.
+- It only supports `OCIRepository` and `GitRepository` resources.
+- It only supports `published` events for `OCIRepository` resources.
+- It only supports `push` events for `GitRepository` resources.
 
 # Contribute
 
-Feel free to contribute to this project by creating issues and pull requests.
+Feel free to contribute to this project by creating issues and pull requests.
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: flux-webhook-autoreconciler
-description: A Helm chart for Kubernetes
+description: A Helm chart for a Flux webhook auto-reconciler that exposes a single GitHub webhook endpoint and automatically reconciles matching Flux sources across clusters.
 type: application
-version: "1.0.0"
-appVersion: "v1.0.0"
+version: "2.0.0"
+appVersion: "v2.0.0"
@@ -9,6 +9,7 @@ rules:
       - source.toolkit.fluxcd.io
     resources:
       - ocirepositories
+      - gitrepositories
     verbs:
       - get
       - list
 
@@ -3,11 +3,12 @@ package main
 import (
 	"context"
 	"encoding/json"
+	"net/url"
+	"time"
+
 	"github.com/gorilla/websocket"
 	"github.com/prometheus/client_golang/prometheus"
 	"go.uber.org/zap"
-	"net/url"
-	"time"
 )
 
 const (
@@ -76,8 +77,22 @@ func (r *Client) Run(ctx context.Context) {
 					break
 				}
 
-				r.logger.Info("Received message", zap.String("ociUrl", payload.OciUrl), zap.String("tag", payload.Tag))
-				r.reconciler.ReconcileSources(payload.OciUrl, payload.Tag)
+				r.logger.Info("Received message",
+					zap.String("ociUrl", payload.OciUrl),
+					zap.String("tag", payload.Tag),
+					zap.String("gitRepo", payload.GitRepo),
+					zap.String("ref", payload.Ref),
+				)
+
+				// Reconcile OCI repositories when OCI info is present
+				if payload.OciUrl != "" && payload.Tag != "" {
+					r.reconciler.ReconcileOciSources(payload.OciUrl, payload.Tag)
+				}
+
+				// Reconcile GitRepository resources when both gitRepo and ref are present
+				if payload.GitRepo != "" && payload.Ref != "" {
+					r.reconciler.ReconcileGitRepositories(payload.GitRepo, payload.Ref)
+				}
 				processedMessages.With(prometheus.Labels{"status": "success"}).Inc()
 			}
 		}()
 
@@ -1,9 +1,10 @@
 package main
 
 import (
+	"os"
+
 	"github.com/go-playground/validator/v10"
 	"gopkg.in/yaml.v3"
-	"os"
 )
 
 type Config struct {