Commit Graph

284 Commits

Author SHA1 Message Date
Hidde Beydals 776e1825d9 Use patched go-git version
To work around `object not found` errors due to a newly introduced bug
in go-git v5.4.0.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-05-31 16:34:30 +02:00
Hidde Beydals 0ad5d28ec4
Merge pull request #171 from fluxcd/release-v0.10.0
Release v0.10.0
2021-05-26 15:34:55 +02:00
Hidde Beydals 8ef62fabd9 Release v0.10.0
Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-05-26 15:21:47 +02:00
Hidde Beydals 0d71be87f4
Merge pull request #170 from fluxcd/update-api-deps
Update source-controller/api to v0.13.0
2021-05-26 15:16:48 +02:00
Hidde Beydals aad03ca025 Update source-controller/api to v0.13.0
Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-05-26 15:04:20 +02:00
Hidde Beydals e641607028
Merge pull request #169 from fluxcd/update-deps 2021-05-26 15:00:08 +02:00
Hidde Beydals 3a1f6026b8 Switch to `github.com/ProtonMail/go-crypto/openpgp`
As `golang.org/x/crypto/openpgp` has been deprecated (see
https://github.com/golang/go/issues/44226 for details), and this is the
most active/used fork.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-05-26 14:47:27 +02:00
Hidde Beydals d976c904ae Update source-controller to v0.13.0
To pull in Git package changes from
https://github.com/fluxcd/source-controller/pull/365.

Ref: https://github.com/fluxcd/flux2/issues/1443

Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-05-26 14:33:24 +02:00
Stefan Prodan b6d767a204
Merge pull request #163 from fluxcd/release-v0.9.1
Release v0.9.1
2021-05-06 16:36:58 +03:00
Stefan Prodan c71ea97d62
Release v0.9.1
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-05-06 16:26:03 +03:00
Stefan Prodan 473e003a71
Merge pull request #162 from fluxcd/fix-image-name-marker
Fix image name marker
2021-05-06 16:02:31 +03:00
Aurel Canciu c3fe4e0a77
Fix resolving image name for marker name attribute
The image name was incorrectly extracted from the given reference,
yielding a trimmed version of the string and breaking the resulting
replacement value.

Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
2021-05-06 15:40:29 +03:00
Aurel Canciu 7ad4047319
Switch to kube-openapi/spec flavor
Upgraded kyaml to v0.10.19

Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
2021-05-06 14:03:49 +03:00
Hidde Beydals 9280bb05ff
Merge pull request #156 from fluxcd/spec-v1alpha2-change-table
spec: formatting `v1alpha1` -> `v1alpha2` table
2021-04-22 12:30:31 +02:00
Hidde Beydals 4a71491565 spec: formatting `v1alpha1` -> `v1alpha2` table
The previous format seems to have been a mixture of the format accepted
by most Markdown parsers, and the format Org Mode for Emacs likes.

Anyhow, we breathe Markdown.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-04-22 12:15:37 +02:00
Hidde Beydals a5958f289d
Merge pull request #155 from fluxcd/release-0.9.0 2021-04-22 10:52:52 +02:00
Hidde Beydals 5b5da6ba39 Add report, license and release badges to README
Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-04-22 10:37:29 +02:00
Hidde Beydals bad04cfbd9 Release v0.9.0
Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-04-22 10:35:48 +02:00
Stefan Prodan c7d35e4fac
Merge pull request #154 from fluxcd/source-controller-v0.12.0
Update source-controller/api to v0.12.0
2021-04-22 11:18:48 +03:00
Stefan Prodan 9e7111be0f
Update source-controller/api to v0.12.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-04-22 10:59:47 +03:00
Stefan Prodan 4068372e2a
Merge pull request #153 from fluxcd/image-policy-v1alpha2
Move to ImagePolicy v1alpha2
2021-04-22 10:20:44 +03:00
Stefan Prodan 833b50fdee
Move to ImagePolicy v1alpha2
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-04-22 10:03:22 +03:00
Stefan Prodan 7c39649434
Merge pull request #139 from fluxcd/v1alpha2-api
Add v1alpha2 API version
2021-04-22 09:45:51 +03:00
Michael Bridgen f746a110c2 Add guide to migrating to v1alpha2
This commit adds a step-by-step guide to rewriting specs for v1alpha2.

Signed-off-by: Michael Bridgen <michael@weave.works>
2021-04-13 11:01:45 +01:00
Michael Bridgen b0fc4155fe Write a specification explainer for v1alpha2
This mostly adapts the material in the v1alpha1 spec explainer doc to
the different structure of the v1alpha2 types.

Signed-off-by: Michael Bridgen <michael@weave.works>
2021-04-13 11:01:45 +01:00
Michael Bridgen 1c33a2d45f Generate docs for v1alpha2
This switches the API doc generation from v1alpha1, to v1alpha2.

Signed-off-by: Michael Bridgen <michael@weave.works>
2021-04-13 11:01:45 +01:00
Michael Bridgen ebb2d6abea Use sourcev1.GitRepositoryRef
This changes the API so that the checkout field has a ref, the same as
GItRepository. This means you can check out a branch or a tag or a
particular commit. Most of these won't work unless you supply a branch
to push to as well.

An addtional change is that you can leave out the checkout altogether,
and the ref will default to that given in the GitRepository, or its
default. In the latter case, again you will need to provide a push
branch.

Signed-off-by: Michael Bridgen <michael@weave.works>
2021-04-13 11:01:42 +01:00
Michael Bridgen b28c5ccc04 Split author email and name into separate fields
This is a bit neater to read and write, and since I'm making breaking
changes anyway.

The name is now optional; an email is enough.

Signed-off-by: Michael Bridgen <michael@weave.works>
2021-04-13 10:50:01 +01:00
Michael Bridgen cd8a2e97b8 Flip the controller and tests to API v1alpha2
This finishes the v1alpha2 API, and rewrites everything needed so that
the controller supports it and the tests pass. For the most part, that
is just changing the location of fields. However, there's a few
notable extras:

 - check that the `sourceRef` is a git repo (that's the default), and
   that a `.spec.git` is supplied;

 - change a test that blindly patched an update object, so that it
   first gets the object it's patching. Previously, it succeeded
   because it was OK to patch everything to empty strings, but that's
   no longer the case since SourceReference.Kind is an enum.

Signed-off-by: Michael Bridgen <michael@weave.works>
2021-04-13 10:45:58 +01:00
Michael Bridgen f28a0c40ff Add v1alpha2 API version
This adds a v1alpha2 API, without changing the controller or tests to
use it (yet). The new API has roughly the desired shape, per
https://github.com/fluxcd/flux2/discussions/1124, but supporting only
things that the controller supports now.

It's necessary to give the v1alpha1 type a `storageversion` marker so
that 1. code generation keeps working, and 2. tests still work, since
they still expect v1alphav1 types. v1alpha1 will be removed once the
controller and tests are ported to v1alpha2.

Signed-off-by: Michael Bridgen <michael@weave.works>
2021-04-13 10:30:51 +01:00
Stefan Prodan 448a3135ab
Merge pull request #147 from dholbach/add-cii
add CII badge
2021-04-08 13:58:54 +03:00
Daniel Holbach e0cf208eda add CII badge
ref: https://bestpractices.coreinfrastructure.org/en/projects/4789

Signed-off-by: Daniel Holbach <daniel@weave.works>
2021-04-08 12:22:42 +02:00
Stefan Prodan 3919d11a6b
Merge pull request #145 from fluxcd/release-v0.8.0
Release v0.8.0
2021-04-06 18:43:50 +03:00
Stefan Prodan 1332f65372
Release v0.8.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-04-06 17:27:40 +03:00
Michael Bridgen 2a48f6d3a3
Merge pull request #144 from fluxcd/images-in-templates
Ensure that an unchanged image is not in update result
2021-04-06 12:18:54 +01:00
Michael Bridgen 018e9e8a59 Simplify callback bookkeeping
This commit removes an unnecessary indirection through a closure.

Signed-off-by: Michael Bridgen <michael@weave.works>
2021-04-06 10:04:08 +01:00
Michael Bridgen c5cfe9170e Reimplement kyaml filter to record only changes
The update procedure is obliged to return a Result struct with all the
objects that were changed, for filling in the commit template. At
present, the result is collated by running each setter on each object
and seeing if the setter is used. This uses the `Set` from kyaml, with
a small amount of glue.

It doesn't quite work, however, because a setter may be used for a
field without changing the value. The result gets an entry for each
policy _mentioned_, whether or not it had a new value. There is no way
to see whether a setter actually changed a field from the outside,
other than by comparing a copy of the object before using the setter
with the object after (which yaml.v3 does not make easy).

A better approach is to get the setter to record whether it changed
anything, since it is there doing the changing. This means
reimplementing kyaml's `Set`. I have stripped it down to the parts
needed for image updates -- so e.g., only field values are examined.

Signed-off-by: Michael Bridgen <michael@weave.works>
2021-04-06 10:04:08 +01:00
Michael Bridgen 9caa3b42f1 Test that an unchanged image is not in result
With reference to

    https://github.com/fluxcd/image-automation-controller/issues/133

this commit adapts the update->result test so that it checks an
additional case: that a field with an update marker that _does_
correspond to a policy, but _doesn't_ get changed, is not included in
the results.

This test fails at present, because the method for determining the
result is to count which setters are referenced, rather than which
fields were changed.

Signed-off-by: Michael Bridgen <michael@weave.works>
2021-04-06 10:04:08 +01:00
Michael Bridgen f6ad224216
Merge pull request #142 from fluxcd/narrow-commit-scope
Ignore broken symlinks and outside path, in commit
2021-04-06 10:03:32 +01:00
Michael Bridgen cd895637b5 Ignore broken symlinks in commit
There is a bug in go-git which leads to it reporting broken, absolute
symlinks as modified whether they are or not:

    https://github.com/go-git/go-git/issues/253

To date, the controller checks whether the repo it has run an update
on is Clean, and as a consequence will run into the bug above if a
broken symlink is in the repo. The result is that it makes and pushes
an empty commit every interval.

To work around the problem, this commit adds a more careful check of
the repo status. Each file reported as modified is validated by
checking specifically that it's not a broken symlink: if `os.Lstat`
says it's a symlink and `os.Stat` reports the (target) file is
missing, it can be ignored. (Why not just ignore any missing file?
Because a missing file might indicate some other problem, so better to
let it fail).

For convenience, I have moved a few procedures around so they can be
used more readily by go tests.

Signed-off-by: Michael Bridgen <michael@weave.works>
2021-04-05 11:43:15 +01:00
Michael Bridgen 8478fd9778
Merge pull request #143 from fluxcd/push-branch-second-commit
Fix problem with pushing further commits to a "push branch"
2021-04-05 09:08:03 +01:00
Michael Bridgen 40fb66a217 Fetch remote branch before switching to it
For the "push to branch" feature, the controller must either switch to
the branch given, or create it starting at the checked-out HEAD. The
func `switchBranch` encapsulates this decision -- but it assumes that
if the branch exists at the remote, it will have been fetched when
cloning, and this is not always true. In particular, cloning with
go-git avoids fetching all refs:

    https://github.com/fluxcd/source-controller/blob/v0.11.0/pkg/git/gogit/checkout.go

This commit adds a step to fetch the remote branch to a local branch,
before attempting to switch to the local branch. This makes
`switchBranch` a little simpler, and doesn't rely on any refs having
been fetched ahead of time.

Signed-off-by: Michael Bridgen <michael@weave.works>
2021-04-03 15:11:20 +01:00
Michael Bridgen ddd0a8d8ed Watch ImagePolicy objects
Prior to #27, controller indexed the automation objects against image
policies, since an automation could depend on a specific image
policy. That PR removed the references and the watch; however,
automation objects still depend on image policy objects, just
indirectly through the git repo.

This commit reinstates the watch, and makes sure the generation change
/ reconcile request predicate applies only to the watch on automation
object themselves.

Signed-off-by: Michael Bridgen <michael@weave.works>
2021-04-02 20:12:13 +01:00
Michael Bridgen cc3bd7e1da Test further commits to push branch
This adds a test to check that should there be a further update to
make, another commit is pushed to the "push branch". In this case, the
image policy gets a new latest image.

The test fails at present because the controller is not watching image
policies (and will not run again on the long interval specified).

Signed-off-by: Michael Bridgen <michael@weave.works>
2021-04-02 19:45:37 +01:00
Stefan Prodan 89733c608e
Merge pull request #141 from fluxcd/kyaml-v0.10.16
Update kyaml to v0.10.16
2021-03-31 15:16:58 +03:00
Stefan Prodan d6d2b55525
Update kyaml to v0.10.16
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-03-31 15:00:19 +03:00
Michael Bridgen a4f5b8f38a
Merge pull request #136 from LWJ/commit_signing
Enable GPG Signing of Commits
2021-03-30 13:55:29 +01:00
LWJ b63b5b2771 Catch OpenPGP failures in test
Signed-off-by: LWJ <lwjames1996@gmail.com>
2021-03-30 13:42:12 +01:00
LWJ d1cfabf793 Fix nil pointer dereference and minor refactor
Signed-off-by: LWJ <lwjames1996@gmail.com>
2021-03-29 18:16:37 +01:00
Luke 610bb14a2b
Merge branch 'main' into commit_signing 2021-03-25 15:18:14 +00:00