From 5a1087d12407aa10d897879d5c645ca18447afaa Mon Sep 17 00:00:00 2001
From: Nicolai Ort <info@nicolai-ort.com>
Date: Thu, 3 Jul 2025 19:42:07 +0200
Subject: [PATCH] fix: Respect readonly settings

---
 operator.py | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/operator.py b/operator.py
index 1ea3bf0..824867d 100644
--- a/operator.py
+++ b/operator.py
@@ -157,11 +157,11 @@ def delete_keys_by_title(self, repo, title):
         
         return keys_deleted
 
-    def create_key(self, repo, title, key):
+    def create_key(self, repo, title, key, read_only):
         """Create a new GitHub deploy key."""
         try:
             managed_title = f"k8s-operator:{title}"
-            return repo.create_key(managed_title, key, read_only=True)
+            return repo.create_key(managed_title, key, read_only)
         except github.GithubException as e:
             self.logger.error(f"Error creating key: {str(e)}")
             raise
@@ -240,13 +240,16 @@ def create_deploy_key(spec, logger, patch, **kwargs):
         # Get repository
         repo = github_manager.get_repository(spec['repository'])
         
+        #Extract readOnly setting
+        read_only = spec.get('readOnly', True)
+        
         # Handle existing keys
         title = spec.get('title', 'Kubernetes-managed deploy key')
         github_manager.delete_keys_by_title(repo, title)
         
         # Generate and create new key
         private_key, public_key = github_manager.generate_ssh_key()
-        key = github_manager.create_key(repo, title, public_key)
+        key = github_manager.create_key(repo, title, public_key, read_only)
         logger.info(f"Created new deploy key: {key.id}")
         
         if not github_manager.verify_key_exists(repo, key.id):