Commit Graph

193 Commits

Author SHA1 Message Date
Stefan Prodan d188195def
Release v0.20.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-02-01 10:01:01 +02:00
Stefan Prodan ea95f0c85c
Update source-controller/api to v0.21.1
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-01-31 12:07:33 +02:00
Stefan Prodan f353ba44a7
Introduce a dedicated manager for status updates to avoid conflicts
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-01-31 11:29:54 +02:00
Stefan Prodan 518c8a021b
Allow disabling cross-namespace references
Introduce the flag `--no-cross-namespace-refs` (defaults to false) for allowing cluster admins to disable cross-namespace references to sources.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-01-26 22:50:10 +02:00
Stefan Prodan 4ee01a2db0
Fix preflight validation
Validate that the resources built with kustomize conform to the Kubernetes API conventions before passing them to the server-side apply engine.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-01-21 13:05:40 +02:00
Soule BA c579e71430
add native support for sops decryption/encryption with Vault
If implemented, the kustomize controller will be able to retrieve a
secret containing a VAULT TOKEN and use it to decrypt the sops encrypted
master key. It will then use it to decrypt the data key and finally use the data
key to decrypt the final data.

Signed-off-by: Soule BA <bah.soule@gmail.com>
2022-01-19 21:59:10 +01:00
Stefan Prodan 57cf14430d
Release v0.19.1
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-01-13 19:54:39 +02:00
Stefan Prodan 02c6708362
Update fluxcd/pkg/ssa to exclude the status field from apply
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-01-13 18:50:56 +02:00
Stefan Prodan d4e13e5c0c
Release v0.19.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-01-10 15:29:01 +02:00
Stefan Prodan 9b0bb3dcf9
Fix HPA diff (upstream bug)
Update fluxcd/ssa to v0.8.0 that implements a workaround for a Kubernetes API server-side apply dry-run bug where the HPA custom metrics are duplicated.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-01-06 10:45:42 +02:00
Stefan Prodan 75b6130490
Restore runc and image-spec patches
Fix for CVE-2021-30465 and CVE-2021-41190

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-01-05 19:52:15 +02:00
Stefan Prodan 5466544f7f
Update source-controller/api to v0.20.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-01-05 17:33:47 +02:00
Aurel Canciu ec9fdb1550
Update flux pkg components
Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
2021-12-20 14:50:41 +01:00
Aurel Canciu 57220f8c70
Update Go to v1.17
Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
2021-12-16 14:23:15 +01:00
Stefan Prodan 5b95d1d667
Release v0.18.2
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-12-09 17:40:57 +02:00
Stefan Prodan 24bdda0c1c
Update dependencies
- fluxcd/pkg/ssa v0.6.0
- fluxcd/source-controller/api v0.19.1
- github.com/opencontainers/runc to v1.0.3 (fix CVE-2021-43784)

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-12-09 11:47:50 +02:00
Paulo Gomes 24ab11d820
Bump dependencies to patch security advisories
Advisories fixed:
golang.org/x/text GO-2021-0113

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
2021-12-09 09:16:06 +00:00
Stefan Prodan 6e2c38ce90
Release v0.18.1
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-11-23 15:42:33 +02:00
Stefan Prodan 5e9c75b847
Update source-controller/api to v0.19.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-11-23 14:43:21 +02:00
Stefan Prodan 1badc828b4
Replace deprecated dependencies
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-11-23 14:21:21 +02:00
Hidde Beydals 09d98b0baa Update opencontainers/{image-spec, runc}
Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-11-22 12:36:06 +01:00
Stefan Prodan 5b0734b50f
Release v0.18.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-11-12 16:38:18 +02:00
Stefan Prodan e9c002cf62
Update source-controller/api to v0.18.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-11-12 15:32:38 +02:00
Stefan Prodan bbe9d9c36f
Update controller to kustomize v4.4.1
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-11-12 10:15:33 +02:00
Stefan Prodan 8eac59574f
Release v0.17.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-11-09 14:18:49 +02:00
Stefan Prodan f2715a74c8
Set delete propagation policy to background
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-11-08 15:02:12 +02:00
Aurel Canciu f03d2c9b05
Remove PGP passphrase prompt
We do not support encrypted PGP private keys hence the prompt function
logic can be reduced to signaling an error.

Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
2021-11-04 13:14:25 +01:00
Aurel Canciu 6712ece2c7
Update google.golang.org/grpc to v1.42.0
Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
2021-11-04 12:57:06 +01:00
Aurel Canciu 1bfbd9add2
Update hashicorp/go-retryablehttp to v0.7.0
Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
2021-11-04 12:56:28 +01:00
Stefan Prodan 76eb4833d2
Release v0.16.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-19 11:50:13 +03:00
Stefan Prodan 7a26305dc8
Fix cluster scope detection of applied objects
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-19 09:34:18 +03:00
Stefan Prodan 3a67da5d8e
Release v0.15.5
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-13 13:26:37 +03:00
Stefan Prodan c096414383
Improve drift detection
Update `github.com/fluxcd/pkg/ssa` to v0.1.0.
Remove server-side generated fields (metadata and status) before checking for semantic equality.
Removing the server generated fields means that we no longer have to look for `spec` to properly detect drift.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-13 12:16:52 +03:00
Stefan Prodan a596394fde
Release v0.15.4
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-12 12:12:41 +03:00
Stefan Prodan f133d2cb5f
Fix HPA v2beta1 validation
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-12 11:50:11 +03:00
Stefan Prodan aae8cbd684
Release v0.15.3
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-11 18:23:22 +03:00
Stefan Prodan a292f28699
Fix drift detection in Secrets and ConfigMaps
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-11 16:26:01 +03:00
Stefan Prodan 1edd9207fc
Release v0.15.2
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-10 15:48:24 +03:00
Stefan Prodan 7282308883
Fix SSA upstream bugs for Kubernetes < 1.22
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-10 15:28:12 +03:00
Stefan Prodan 481f8af7fa
Release v0.15.1
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-08 18:17:51 +03:00
Stefan Prodan 7c635c53fa
Release v0.15.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-08 13:49:28 +03:00
Stefan Prodan a2b816c3da
Update SSA to force apply RBAC
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-08 10:26:16 +03:00
Stefan Prodan 145b2389cf
Pin runc to fix CVE-2021-30465
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-07 21:42:30 +03:00
Sunny dd3935ce8e Replace envtest with testenv
testenv now supports provisioning users. Replace envtest with testenv.

Also, reorder the cleanup to stop the test environment before stopping
the file server to avoid anything in the cluster trying to connect to
the file server after it's stopped.

Signed-off-by: Sunny <darkowlzz@protonmail.com>
2021-10-07 16:21:22 +05:30
Stefan Prodan 50c71354ab
Update kustomize to v4.4.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-04 14:47:45 +03:00
Stefan Prodan 6346591f02
Use ssa package from fluxcd/pkg
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-10-01 10:21:15 +03:00
Stefan Prodan 3a03d235c2
Add SSA resource manager
Package ssa contains utilities for managing Kubernetes resources using sever-side apply.
Package objectutil contains utilities for manipulating Kubernetes objects.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-09-30 18:33:26 +03:00
Stefan Prodan 14329c6fa0
Refactor tests
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-09-10 16:51:22 +03:00
Stefan Prodan 54efaca039
Release v0.14.1
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-09-09 15:21:36 +03:00
Stefan Prodan 053f68b8ff
Release v0.14.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-08-26 11:37:05 +03:00