kustomize-controller

Commit Graph

Author	SHA1	Message	Date
Stefan Prodan	5329f56881	Add ExternalArtifact feature gate Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2025-09-05 23:45:26 +03:00
Stefan Prodan	049a805992	Implement ExternalArtifact reconciliation Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2025-09-05 00:02:43 +03:00
Stefan Prodan	3d6179cc99	Import ExternalArtifact CRD Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2025-09-04 21:31:21 +03:00
Stefan Prodan	e722bbbf50	Implement reconciliation history tracking Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2025-09-01 10:35:39 +03:00
cappyzawa	c5f0efdced	[RFC-0010] Add multi-tenancy lockdown for decryption and kubeconfig Adds two new controller flags to enforce ServiceAccount usage in multi-tenant clusters where administrators need to lock down workload identity access: - --default-decryption-service-account - --default-kubeconfig-service-account These flags complement the existing --default-service-account flag to provide complete multi-tenancy lockdown coverage for all three classes of ServiceAccount fields in the Kustomization API. Signed-off-by: cappyzawa <cappyzawa@gmail.com>	2025-08-17 17:11:50 +09:00
Stefan Prodan	fd63b520d5	controller: Move manager to a dedicated file Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2025-07-22 20:43:14 +03:00
Stefan Prodan	e0e6e22272	controller: Implement CEL evaluation for dependency checks Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2025-07-22 20:23:58 +03:00
Stefan Prodan	c2754dd5de	controller: Add `AdditiveCELDependencyCheck` feature gate Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2025-07-22 12:57:52 +03:00
Matheus Pimenta	2dcec193bb	Introduce label selector for watching ConfigMaps and Secrets Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>	2025-07-17 10:29:26 +01:00
Matheus Pimenta	2fb1482f71	[RFC-0010] Introduce workload identity auth for remote clusters Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>	2025-07-14 16:47:26 +01:00
Stefan Prodan	1476042b1e	Refactor reconciler to use `ssa.ApplyAllStaged` Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2025-07-08 19:42:12 +03:00
Matheus Pimenta	30275f2615	Introduce global decryption for SOPS age keys Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>	2025-07-06 19:24:22 +01:00
Matheus Pimenta	4623a38989	Fix regression in STS endpoint for SOPS decryption with AWS KMS in US Gov partition Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>	2025-07-03 17:39:11 +01:00
cappyzawa	8479377cd7	Add regression test for multiple patch delete in strategic merge patches This test ensures that the controller properly handles multiple $patch: delete directives in strategic merge patches, which was causing panic errors in kustomize v5.6.0 but is now fixed in v5.7.0. The test includes two scenarios: - Multiple delete directives in a single patch (the main fix) - Multiple delete directives in separate patches (previously a workaround) Signed-off-by: cappyzawa <cappyzawa@gmail.com>	2025-06-29 15:38:51 +09:00
Stefan Prodan	ff76a91987	Update controller to OCIRepository v1 (GA) Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2025-05-28 13:24:44 +03:00
Stefan Prodan	55be958932	Merge pull request #1444 from fluxcd/gc-wait-for-termination Implement `WaitForTermination` deletion policy	2025-05-23 12:29:21 +02:00
Matheus Pimenta	0d6ab9f762	[RFC-0010] Introduce feature gate Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>	2025-05-19 14:18:35 +01:00
Stefan Prodan	413118e9a7	Document The `WaitForTermination` policy Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2025-05-13 16:31:33 +03:00
Stefan Prodan	98adddbf2e	Implement waiting for termination at finalization Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2025-05-13 13:36:54 +03:00
Matheus Pimenta	ac963f92f4	[RFC-0010] Introduce KMS provider decryption with service account Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>	2025-05-07 17:43:35 +01:00
Matheus Pimenta	361a28eed9	Fix performance regression due to using client without cache Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>	2025-04-29 13:48:31 +01:00
Stefan Prodan	3ac784dbc8	Update to Kubernetes 1.33.0 and Go 1.24.0 Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2025-04-28 14:12:22 +03:00
Stefan Prodan	60afb73327	Merge pull request #1396 from norman-zon/suspension-event-log Skip emitting events for suspended Kustomizations	2025-04-15 10:26:35 +03:00
Norman Stetter	2d89eb6010	feat: prevent no-op reconciles There are edge cases where a reonciliation can be triggered on a suspended Kustomization, mainly through changes in a source. In these cases a "no-op" reconciliation occurs, which can be confusing for the user. This returns early if the Kustomization ist suspended. Signed-off-by: Norman Stetter <85173861+norman-zon@users.noreply.github.com>	2025-04-15 08:47:28 +02:00
Matheus Pimenta	cb67f6f015	Fix decryption test due to SOPS breaking change Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>	2025-03-31 05:16:08 +01:00
Matheus Pimenta	42b9036bf3	Update `fluxcd/pkg/runtime` to v0.58.0 Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>	2025-03-27 11:35:53 +00:00
Stefan Prodan	12b3acbaaa	Add test for RESTMapper with CRD/CR Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2025-02-25 13:34:57 +02:00
Stefan Prodan	8b6f4bc6e9	Use lazy restmapper vendored from controller-runtime v0.19 Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2025-02-25 09:30:03 +02:00
Matheus Pimenta	a7e4927fed	Fix secret value showing up in logs Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>	2025-02-24 15:22:35 +00:00
Daniel Brown	230b55fde5	chore: add GroupChangeLog feature gate to fix es indexing cardinality Signed-off-by: Daniel Brown <daniel.brown2@sainsburys.co.uk>	2025-02-14 09:48:55 +00:00
Matheus Pimenta	6455cfec59	[RFC-0009] Add CEL custom healthchecks Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>	2025-01-31 14:27:31 +00:00
Matheus Pimenta	eccdbad35a	Add OCI revision to events Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>	2025-01-22 08:03:14 +00:00
Erik Godding Boye	c38ebabf1b	Allow control of finalization garbage collection Signed-off-by: Erik Godding Boye <egboye@gmail.com> Co-authored-by: Stefan Prodan <stefan.prodan@gmail.com> Co-authored-by: Amund Tenstad <github@amund.io>	2024-12-18 13:30:59 +01:00
hasithsen	d36aa14d77	feat: Remove deprecated object metrics from controllers fluxcd/flux2#5083 Signed-off-by: hasithsen <sen.hasith@gmail.com>	2024-12-11 23:41:43 +05:30
Yuriy	49770ea4cc	Added decryption of patches and components. Cleaned SOPS tests. Signed-off-by: Yuriy <yuriy@vlasov.pro>	2024-12-04 10:06:19 +02:00
Yuriy	681573b3e6	Added sops encryped .env in component test data Signed-off-by: Yuriy <yuriy@vlasov.pro>	2024-11-10 20:51:54 +02:00
Yuriy Vlasov	443c96a788	Fixed decryption in components. Signed-off-by: Yuriy <yuriy@vlasov.pro>	2024-11-08 14:30:42 +02:00
Sunny	3d87349536	Update Bucket API to v1 Signed-off-by: Sunny <github@darkowlzz.space>	2024-09-27 13:29:44 +00:00
Stefan Prodan	2b44187c23	Allow cross-shard dependency check Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2024-09-25 11:45:10 +03:00
Stefan Prodan	5d30ea57d1	Update dependencies to Kubernetes v1.31.0 Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2024-08-15 09:47:16 +03:00
Stefan Prodan	937837b36e	Use SOPS DefaultDecryptionOrder Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2024-08-01 19:51:54 +03:00
Stefan Prodan	a21e977cad	Update SOPS to v3.9.0 Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2024-07-28 11:51:11 +03:00
Florian Forster	ad38b1cb84	Fix incorrect use of format strings with the `conditions` package. The `Mark…` functions in the `conditions` package accept a format string and (optional) arguments, just like `fmt.Printf` and friends. In many places, the code passed an error message as the format string, causing it to be interpreted as a format string by the `fmt` package. This leads to issues when the message contains percent signs, e.g. URL-encoded values. This PR adds a format string and shortens `err.Error()` to `err`, which yields the same output. This change is identical in principle to https://github.com/fluxcd/source-controller/pull/1529. Signed-off-by: Florian Forster <fforster@gitlab.com>	2024-07-08 08:27:13 +02:00
gdasson	3fded0b0e4	Refer condition type constants from pkg Signed-off-by: gdasson <gaurav.dasson@gmail.com>	2024-04-23 09:56:16 -05:00
Stefan Prodan	73b1b4b032	Implement name prefix/suffix transformers Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2024-04-09 15:01:35 +03:00
Stefan Prodan	b810013ab5	Add envsubst test for `$${var}` Ref: https://github.com/fluxcd/kustomize-controller/issues/1082 Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2024-04-09 10:11:54 +03:00
Stefan Prodan	76cc820d31	Add envsubst test for unknown escape character fix Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2024-04-09 10:02:46 +03:00
Stefan Prodan	4f471c7dab	Add `StrictPostBuildSubstitutions` feature flag Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2024-04-08 19:08:33 +03:00
Stefan Prodan	45c50c7894	Add test for int and bool post build substitution Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2024-04-06 13:49:08 +03:00
Stefan Prodan	e70c61c2f7	Revert SOPS module to Apache 2.0 Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>	2024-03-14 20:46:30 +02:00

1 2 3 4

168 Commits