fluxcd
/
source-controller
mirror of https://github.com/fluxcd/source-controller.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Introduce more explicit Condition types 

This commit introduces new Condition types to the v1beta1 API,
facilitating easier observation of (potentially) problematic state for
end-users.

- `ArtifactUnavailableCondition`: indicates there is no artifact
  available for the resource. This Condition should be set by the
  reconciler as soon as it observes the absence of an artifact for a
  source.
- `CheckoutFailedCondition`: indicates a transient or persistent
  checkout failure. This Condition should be set by the reconciler as
  soon as it observes a Git checkout failure, including any
  prerequisites like the unavailability of the referenced Secret used
  for authentication. It should be deleted as soon as a successful
  checkout has been observed again.
- `SourceVerifiedCondition`: indicates the integrity of the source has
  been verified. The Condition should be set to True or False by the
  reconciler based on the result of the integrity check.
  If there is no verification mode and/or secret configured, the
  Condition should be removed.
- `IncludeUnavailableCondition`: indicates one of the referenced
  includes is not available. This Condition should for example be set
  by the reconciler when the include does not exist, or does not have
  an artifact. If the includes become available, it should be deleted.
- `ArtifactOutdatedCondition`: indicates the current artifact of the
  source is outdated. This Condition should for example be set by the
  reconciler when it notices there is a newer revision for an artifact,
  or the previously included artifacts differ from the current available
  ones. The Condition should be removed after writing a new artifact
  to the storage.

Signed-off-by: Hidde Beydals <hello@hidde.co>
This commit is contained in:
Hidde Beydals 2021-07-30 11:17:22 +02:00
parent 273f8b155e
commit 48ebbcd64e
2 changed files with 44 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
api/v1beta1/gitrepository_types.go
View File

@ -32,6 +32,30 @@ const (
LibGit2Implementation = "libgit2"
)
const (
// ArtifactUnavailableCondition indicates there is no Artifact available for the Source.
// This is a "negative polarity" or "abnormal-true" type, and is only present on the resource if it is True.
ArtifactUnavailableCondition string = "ArtifactUnavailable"
// CheckoutFailedCondition indicates a transient or persistent checkout failure. If True, observations on the
// upstream Source revision are not possible, and the Artifact available for the Source may be outdated.
// This is a "negative polarity" or "abnormal-true" type, and is only present on the resource if it is True.
CheckoutFailedCondition string = "CheckoutFailed"
// SourceVerifiedCondition indicates the integrity of the Source has been verified. If True, the integrity check
// succeeded. If False, it failed. The Condition is only present on the resource if the integrity has been verified.
SourceVerifiedCondition string = "SourceVerified"
// IncludeUnavailableCondition indicates one of the includes is not available. For example, because it does not
// exist, or does not have an Artifact.
// This is a "negative polarity" or "abnormal-true" type, and is only present on the resource if it is True.
IncludeUnavailableCondition string = "IncludeUnavailable"
// ArtifactOutdatedCondition indicates the current Artifact of the Source is outdated.
// This is a "negative polarity" or "abnormal-true" type, and is only present on the resource if it is True.
ArtifactOutdatedCondition string = "ArtifactOutdated"
)
// GitRepositorySpec defines the desired state of a Git repository.
type GitRepositorySpec struct {
// The repository URL, can be a HTTP/S or SSH address.
@ -40,10 +64,8 @@ type GitRepositorySpec struct {
URL string `json:"url"`
// The secret name containing the Git credentials.
// For HTTPS repositories the secret must contain username and password
// fields.
// For SSH repositories the secret must contain identity, identity.pub and
// known_hosts fields.
// For HTTPS repositories the secret must contain username and password fields.
// For SSH repositories the secret must contain 'identity', 'identity.pub' and 'known_hosts' fields.
// +optional
SecretRef *meta.LocalObjectReference `json:"secretRef,omitempty"`
@ -61,16 +83,16 @@ type GitRepositorySpec struct {
// +optional
Reference *GitRepositoryRef `json:"ref,omitempty"`
// Verify OpenPGP signature for the Git commit HEAD points to.
// Verification defines the configuration to verify the OpenPGP signature for the Git commit HEAD points to.
// +optional
Verification *GitRepositoryVerification `json:"verify,omitempty"`
// Ignore overrides the set of excluded patterns in the .sourceignore format
// (which is the same as .gitignore). If not provided, a default will be used,
// consult the documentation for your version to find out what those are.
// Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same as .gitignore).
// If not provided, a default will be used, consult the documentation for your version to find out what those are.
// +optional
Ignore *string `json:"ignore,omitempty"`
// Suspend tells the controller to suspend the reconciliation of this source.
// This flag tells the controller to suspend the reconciliation of this source.
// +optional
Suspend bool `json:"suspend,omitempty"`
@ -82,13 +104,13 @@ type GitRepositorySpec struct {
// +optional
GitImplementation string `json:"gitImplementation,omitempty"`
// When enabled, after the clone is created, initializes all submodules within,
// using their default settings.
// When enabled, after the clone is created, initializes all submodules within, using their default settings.
// This option is available only when using the 'go-git' GitImplementation.
// +optional
RecurseSubmodules bool `json:"recurseSubmodules,omitempty"`
// Extra git repositories to map into the repository
// Include defines a list of GitRepository resources which artifacts should be included in the artifact produced for
// this resource.
Include []GitRepositoryInclude `json:"include,omitempty"`
}
@ -139,11 +161,11 @@ type GitRepositoryRef struct {
// GitRepositoryVerification defines the OpenPGP signature verification process.
type GitRepositoryVerification struct {
// Mode describes what git object should be verified, currently ('head').
// Mode describes what Git object should be verified, currently ('head').
// +kubebuilder:validation:Enum=head
Mode string `json:"mode"`
// The secret name containing the public keys of all trusted Git authors.
// SecretRef containing the public keys of all trusted Git authors.
SecretRef meta.LocalObjectReference `json:"secretRef,omitempty"`
}
@ -157,8 +179,7 @@ type GitRepositoryStatus struct {
// +optional
Conditions []metav1.Condition `json:"conditions,omitempty"`
// URL is the download link for the artifact output of the last repository
// sync.
// URL is the download link for the artifact output of the last repository sync.
// +optional
URL string `json:"url,omitempty"`
@ -174,12 +195,10 @@ type GitRepositoryStatus struct {
}
const (
// GitOperationSucceedReason represents the fact that the git clone, pull
// and checkout operations succeeded.
// GitOperationSucceedReason represents the fact that the git clone, pull and checkout operations succeeded.
GitOperationSucceedReason string = "GitOperationSucceed"
// GitOperationFailedReason represents the fact that the git clone, pull or
// checkout operations failed.
// GitOperationFailedReason represents the fact that the git clone, pull or checkout operations failed.
GitOperationFailedReason string = "GitOperationFailed"
)

12
config/crd/bases/source.toolkit.fluxcd.io_gitrepositories.yaml
View File

@ -58,7 +58,7 @@ spec:
description: Ignore overrides the set of excluded patterns in the .sourceignore format (which is the same as .gitignore). If not provided, a default will be used, consult the documentation for your version to find out what those are.
type: string
include:
description: Extra git repositories to map into the repository
description: Include defines a list of GitRepository resources which artifacts should be included in the artifact produced for this resource.
items:
description: GitRepositoryInclude defines a source with a from and to path.
properties:
@ -105,7 +105,7 @@ spec:
type: string
type: object
secretRef:
description: The secret name containing the Git credentials. For HTTPS repositories the secret must contain username and password fields. For SSH repositories the secret must contain identity, identity.pub and known_hosts fields.
description: The secret name containing the Git credentials. For HTTPS repositories the secret must contain username and password fields. For SSH repositories the secret must contain 'identity', 'identity.pub' and 'known_hosts' fields.
properties:
name:
description: Name of the referent
@ -114,7 +114,7 @@ spec:
- name
type: object
suspend:
description: This flag tells the controller to suspend the reconciliation of this source.
description: Suspend tells the controller to suspend the reconciliation of this source. This flag tells the controller to suspend the reconciliation of this source.
type: boolean
timeout:
default: 20s
@ -125,15 +125,15 @@ spec:
pattern: ^(http|https|ssh)://
type: string
verify:
description: Verify OpenPGP signature for the Git commit HEAD points to.
description: Verification defines the configuration to verify the OpenPGP signature for the Git commit HEAD points to.
properties:
mode:
description: Mode describes what git object should be verified, currently ('head').
description: Mode describes what Git object should be verified, currently ('head').
enum:
- head
type: string
secretRef:
description: The secret name containing the public keys of all trusted Git authors.
description: SecretRef containing the public keys of all trusted Git authors.
properties:
name:
description: Name of the referent