Merge pull request #44 from XenitAB/readme-improvements

bittrance · web-flow · commit e6079e76c671 · 2022-03-09T11:51:39.000+01:00
Readme improvements
diff --git a/README.md b/README.md
@@ -2,20 +2,20 @@
 
 [![Go Report Card](https://goreportcard.com/badge/github.com/XenitAB/git-auth-proxy)](https://goreportcard.com/report/github.com/XenitAB/git-auth-proxy)
 
-Proxy to allow multi tenant sharing of GitHub and Azure DevOps credentials in Kubernetes.
+Proxy to allow multi-tenant sharing of GitHub and Azure DevOps credentials in Kubernetes.
 
-Most Git providers offer mutliple ways of authenticating when cloning repositories and communicating with their API. These authentication methods are usually tied to a specific user and in the best
-case offer the ability to scope the permissions. The lack of organization API keys leads to solutions like GitHubs soltution to [create a machine user](https://docs.github.com/en/developers/overview/managing-deploy-keys#machine-users)
+Most Git providers offer multiple ways of authenticating when cloning repositories and communicating with their API. These authentication methods are usually tied to a specific user and in the best
+case offer the ability to scope the permissions. The lack of organization API keys leads to solutions like GitHubs solution to [create a machine user](https://docs.github.com/en/developers/overview/managing-deploy-keys#machine-users)
 that has limited permissions. The need for machine user accounts is especially important for GitOps deployment flows with projects like [Flux](https://docs.github.com/en/developers/overview/managing-deploy-keys#machine-users)
 and [ArgoCD](https://github.com/argoproj/argo-cd). These tools need an authentication method that supports accessing multiple repositories, without sharing the global credentials with all users.
 
 <p align="center">
   <img src="./assets/architecture.png">
 </p>
 
-Git Auth Proxy attemps to solve this problem by implementing its own authentication and authorization layer inbetween the client and the Git provider. It works by generating static tokens that are
+Git Auth Proxy attempts to solve this problem by implementing its own authentication and authorization layer in between the client and the Git provider. It works by generating static tokens that are
 specific to a Git repository. These tokens are then written to a Kubernetes secret in the Kubernetes namespaces which should have access to the repositories. When a repository is cloned through the
-proxy, the token will be checked agains the repository cloned, and if valid it will be replaced with the correct credentials. The request will be denied if a token is used to clone any other
+proxy, the token will be checked against the repository cloned, and if valid it will be replaced with the correct credentials. The request will be denied if a token is used to clone any other
 repository which is does not have access to.
 
 ## How To
@@ -50,7 +50,7 @@ configured for Git Auth Proxy to append to authorized requests. Note that organi
 }
 ```
 
-When using GitHub a [GitHub Application](https://docs.github.com/en/developers/apps) has to be created and installed. The PEM key needs to be extracted and passed as a base64 endoded string in the
+When using GitHub a [GitHub Application](https://docs.github.com/en/developers/apps) has to be created and installed. The PEM key needs to be extracted and passed as a base64 encoded string in the
 configuration file. Note that the project field is not required when using GitHub as projects do not exists in GitHub.
 
 ```json
@@ -60,8 +60,8 @@ configuration file. Note that the project field is not required when using GitHu
       "provider": "github",
       "github": {
         "appID": 123,
-        "installationID: 123,
-        "privateKey: "<BASE64>"
+        "installationID": 123,
+        "privateKey": "<BASE64>"
       },
       "host": "github.com",
       "name": "xenitab",
@@ -83,15 +83,15 @@ Add the Helm repository and install the chart, be sure to set the config content
 
 ```shell
 helm repo add https://xenitab.github.io/git-auth-proxy/
-helm install git-auth-proxy --set config=<config>
+helm install git-auth-proxy --set config=<config-json>
 ```
 
 There should now be a `git-auth-proxy` Deployment and Service in the cluster, ready to proxy traffic.
 
 ### Git
 
 Cloning a repository through the proxy is not too different from doing so directly from GitHub or Azure DevOps. The only limitation is that it is not possible to clone through ssh, as Git Auth Proxy
-only proxies HTTP traffic. To clone the repository `repo-1` [get the clone URL from the repository page](https://docs.microsoft.com/en-us/azure/devops/repos/git/clone?view=azure-devops&tabs=visual-studio#get-the-clone-url-to-your-repo).
+only proxies HTTP(S) traffic. To clone the repository `repo-1` [get the clone URL from the repository page](https://docs.microsoft.com/en-us/azure/devops/repos/git/clone?view=azure-devops&tabs=visual-studio#get-the-clone-url-to-your-repo).
 Then replace the host part of the URL with `git-auth-proxy` and add the token as a basic auth parameter. The result should be similar to below.
 
 ```shell
@@ -113,7 +113,7 @@ to the host `api.github.com`.
 Execute the following command to list all pull requests in the repository `repo-1` using the local token to authenticate to the proxy.
 
 ```shell
-curl http://<token-1>@git-auth-proxy/org/proj/_apis/git/repositories/repo-1/pullrequests?api-version=5.1
+curl https://<token-1>@git-auth-proxy/org/proj/_apis/git/repositories/repo-1/pullrequests?api-version=5.1
 ```
 
 > :warning: **If you intend on using a language specific API**: Please read this!
