- Attempt short-circuiting clone only when the artifact is already in the
storage.
- A successful no-op clone need not return an error, but a partial
commit which contains only a hash + reference.
- On no-op clone, reconcileSource() populates the source build dir by
copying the existing artifact and lets the reconciliation continue.
- Reconciliation is not skipped to allow other subreconcilers to operate
on other parts of GitRepo object like include, ignore, etc, when
attributes associated with them change but the remote repo has not
changed.
- Add a function IsConcreteCommit() to differentiate between partial and
concrete commit.
- Update and simplify go-git and libgit2 no-op clone tests.
Signed-off-by: Sunny <darkowlzz@protonmail.com>
OptimizedGitClones decreases resource utilization for GitRepository
reconciliations. It supports both go-git and libgit2 implementations
when cloning repositories using branches or tags.
This is an opt-out feature, which can be disabled by starting the
controller with the argument '--feature-gates=OptimizedGitClones=false'.
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
"identity.pub" is referenced multiple times in CRDs and docs. This secret
is however never used in any place. Instead, the public key is derived from
the "identity" private key.
This commit/PR removes all traces of "identity.pub" from v1beta2 CRDs and
docs.
Signed-off-by: Alexander Block <ablock84@gmail.com>
Details about the source reference, reconcile strategy and artifact
revision value based on the reconcile strategy.
Signed-off-by: Sunny <darkowlzz@protonmail.com>
Added Support for Google Cloud Storage with Workload Identity as
Source Provider. This enables the use of GCP without enabling S3
compatible access.
Signed-off-by: pa250194 <pa250194@ncr.com>
This commit adds a `ReconcileStrategy` field to the `HelmChart` resource, which
allows defining when a new chart should be packaged and/or published if it
originates from a `Bucket` or `GitRepository` resource.
The two available strategies are:
- `ChartVersion`: creates a new artifact when the version of the Helm chart as
defined in the `Chart.yaml` from the Source is different from the current
version.
- `Revision`: creates a new artifact when the revision of the Source is
different from the current revision.
For the `Revision` strategy, the (checksum part of the) revision of the
artifact the chart originatesfrom is added as SemVer metadata.
A chart from a `GitRepository` with Artifact revision
`main/f0faacd5164a875ebdbd9e3fab778f49c5aadbbc` and a chart with e.g. SemVer
`0.1.0` will be published as `0.1.0+f0faacd5164a875ebdbd9e3fab778f49c5aadbbc`.
A chart from a `Bucket` with Artifact revision
`f0faacd5164a875ebdbd9e3fab778f49c5aadbbc` and a chart with e.g. SemVer `0.1.0`
will be published as `0.1.0+f0faacd5164a875ebdbd9e3fab778f49c5aadbbc`.
Signed-off-by: Dylan Arbour <arbourd@users.noreply.github.com>
Added Support for Google Cloud Storage with Workload Identity as Source Provider. This enables the use of GCP without enabling S3 compatible access.
Signed-off-by: pa250194 <pa250194@ncr.com>
v3.6.1 is a a security update from Helm, ensuring that credentials are
always only passed to the defined repository host.
Based on Helm user reports, disabling this behavior may be required for
some Helm repository solutions like Artifactory, and may be done by
setting `PassCredentials` in the `HelmRepositorySpec`.
For more information, see:
https://github.com/helm/helm/security/advisories/GHSA-56hp-xqp3-w2jf
Signed-off-by: Hidde Beydals <hello@hidde.co>
Sunny
Paulo Gomes
Alexander Block
Soule BA
Hidde Beydals
Stefan Prodan
pa250194
Dylan Arbour
Philip Laine
Sam Tavakoli
Jonathan Innis
Philip Laine
Tomas Virgl
Yiannis