fluxcd
/
source-controller
mirror of https://github.com/fluxcd/source-controller.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,566 Commits 28 Branches 272 Tags 16 MiB
Commit Graph

157 Commits

Author SHA1 Message Date
Hidde Beydals 3257d222f1 Release v0.22.2 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2022-03-23 19:46:31 +01:00
Hidde Beydals ec6d2f42c2 Release v0.22.1 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2022-03-23 10:47:46 +01:00
Hidde Beydals 1711fcaed1 Release v0.22.0 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2022-03-17 18:32:00 +01:00
Stefan Prodan e3e9deb3fd
Release v0.21.2 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2022-02-07 11:50:32 +02:00
Hidde Beydals 01946f22a3 Release v0.21.1 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2022-01-27 11:16:21 +01:00
Stefan Prodan 2049246adf
Release v0.21.0 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2022-01-26 15:38:10 +02:00
Maksym Voitko 44836641a8 Fix the missing protocol for the first port in manager config 
Signed-off-by: Maksym Voitko <max.voitko@gmail.com>
 2022-01-25 00:43:35 +02:00
Paulo Gomes 9ba76a1f94
Enforce runAsNonRoot 
BREAKING CHANGE: the controller container is now executed under 65534:65534 (userid:groupid). This change may break deployments that hard-coded the user name 'controller' in their PodSecurityPolicy.

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
 2022-01-19 14:57:26 +00:00
Paulo Gomes 7b04b44706
security: Drop capabilities and enable seccomp 
Further restricts the SecurityContext that the controller runs under, by enabling the default seccomp profile and dropping all linux capabilities.
This was set at container-level to ensure backwards compatibility with
use cases in which sidecars are injected into the source-controller pod
without setting less restrictive settings.

BREAKING CHANGE: The use of new seccomp API requires Kubernetes 1.19.

Co-authored-by: Sanskar Jaiswal <sanskar.jaiswal@weave.works>
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
 2022-01-19 14:57:25 +00:00
Stefan Prodan 9b6726cc19
Release v0.20.1 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2022-01-07 11:00:29 +02:00
Stefan Prodan c1ad3aade5
Release v0.20.0 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2022-01-05 16:30:03 +02:00
Hidde Beydals 981d457d97 Release v0.19.2 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-12-09 15:11:12 +01:00
Hidde Beydals 865523a077 Release v0.19.1 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-12-03 13:40:09 +01:00
Hidde Beydals 30ae5565cb Release v0.19.0 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-11-23 10:32:02 +01:00
Stefan Prodan f26ce87c0d
Release v0.18.0 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-11-12 14:51:44 +02:00
Sunny ede3295bd6 Release v0.17.2 
Signed-off-by: Sunny <darkowlzz@protonmail.com>
 2021-11-04 17:19:23 +05:30
Hidde Beydals d98cfaa815 Release v0.17.1 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-10-30 11:36:28 +02:00
Hidde Beydals 4d7812ea64 Release v0.17.0 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-10-28 15:11:58 +02:00
Hidde Beydals bef17ae851 Release v0.16.1 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-10-22 14:24:22 +02:00
Hidde Beydals 7cc6124a4e Release v0.16.0 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-10-08 12:00:03 +02:00
Hidde Beydals fd1b3ce0bb Release v0.15.4 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-08-05 13:45:07 +02:00
Stefan Prodan be9f05baf1
Release v0.15.3 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-06-29 12:27:52 +03:00
Hidde Beydals bec2d83c2b Release v0.15.2 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-06-22 14:05:36 +02:00
Hidde Beydals 7013af77c5 Release v0.15.1 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-06-18 12:54:34 +02:00
Stefan Prodan 50c15b81b3
Release v0.15.0 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-06-17 18:51:09 +03:00
Hidde Beydals 3c1a27a7c3 Release v0.14.0 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-06-08 14:19:05 +02:00
Hidde Beydals bbbb3174cd Release v0.13.2 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-06-02 12:03:26 +02:00
Stefan Prodan b3aa9548ec
Release v0.13.1 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-05-28 11:17:27 +03:00
Stefan Prodan 145a82a429
Release v0.13.0 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-05-26 14:45:14 +03:00
Hidde Beydals ba5bd31572 Release v0.12.2 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-05-10 16:14:52 +02:00
Hidde Beydals fe995a74bf Release v0.12.1 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-04-23 11:35:34 +02:00
Stefan Prodan bd0f1fdd19
Release v0.12.0 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-04-21 17:57:50 +03:00
Stefan Prodan 89c37039fb
Release v0.11.0 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-03-31 17:42:40 +03:00
Hidde Beydals 2c084ba825 Release v0.10.0 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-03-26 13:41:18 +01:00
Hidde Beydals 1a4b2662e6 Release v0.9.1 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-03-15 12:29:48 +01:00
Stefan Prodan f818317d39
Release v0.9.0 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-02-23 15:08:16 +02:00
Hidde Beydals f2dfa2d0cb Release v0.8.1 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-02-18 10:26:55 +01:00
Hidde Beydals cae8241e17 Release v0.8.0 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-02-12 12:07:28 +01:00
Stefan Prodan e1ee5104e3
Add fsGroup to pod security context 
Required for AWS IAM Role bindings

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-02-07 18:34:11 +02:00
Hidde Beydals 7ae5857e13 Release v0.7.4 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-02-03 12:53:00 +01:00
Hidde Beydals cfab200bf6 Release v0.7.3 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-02-02 12:16:53 +01:00
Hidde Beydals 16c6a07504 Use Recreate strategy for controller deployment 
- Prevents a deadlock in active-passive HA setups with multiple
  replicas and during upgrades that previously occurred. As the
  leader election would be held hostage by the previous replica
  set due to the rolling update strategy.
- Ensures backing persistent (RW) volumes can safely be used, as
  they can not be shared and will not become available to the next
  pod without recreating all.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-02-02 11:40:52 +01:00
Hidde Beydals 77d28a0ed0 Release v0.7.2 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-02-01 15:55:39 +01:00
Hidde Beydals c665907540 Use controller-runtime health probe for liveness 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-02-01 15:00:17 +01:00
Hidde Beydals 144754112b Release v0.7.1 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-01-25 23:02:05 +01:00
Hidde Beydals 2effa7c0b6 Release v0.7.0 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-01-21 17:43:57 +01:00
Hidde Beydals a050f6457c Release v0.6.3 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-01-19 11:21:38 +01:00
Stefan Prodan 057c134bfa
Release v0.6.2 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-01-16 15:12:56 +02:00
Hidde Beydals b979574454 Release v0.6.1 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-01-14 12:05:14 +01:00
Hidde Beydals fa257b13f3 Release v0.6.0 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-01-12 12:41:45 +01:00
Hidde Beydals fda481efe9 Upgrade controller-runtime to v0.7.0 
This commit upgrades the `controller-runtime` dependency to `v0.7.0`,
including all changes required to make all wiring work again.

- Upgrade `runtime` to v0.6.0 to include `controller-runtime` changes.
- Loggers have been removed from the reconcilers and are now retrieved
  from the `context.Context` passed to the `Reconcile` method and
  downwards functions.
- Logger configuration flags are now bound to the flag set using
  `BindFlags` from `runtime/logger`, ensuring the same contract across
  GitOps Toolkit controllers, and the `--log-json` flag has been
  deprecated in favour of the `--log-encoding=json` default.
- The `ChangePredicate` from `runtime` has changed to a
  `ReconcilateAtChangedPredicate`, and is now chained with the
  `GenerationChangedPredicate` from `controller-runtime` using
  `predicate.Or`.
- Signatures that made use of `runtime.Object` have changed to
  `client.Object`, removing the requirement to e.g. call
  `runtime.Object#Object`.
- The `client.MatchingField` function was deprecated, and has been
  replaced with `client.MatchingFields{}`.
- The `leader-election-role` was changed, as leader election now works
  via the `coordination/v1` API.

Other notable changes:

- `util.ObjectKey` was added to easily construct a `client.ObjectKey` /
  `types.NamespacedName` from a `metav1.Object`.
- The `SourceIndexKey` constant has been split out into
  `{GitRepository,HelmRepository,Bucket}IndexKey` constants.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-12-18 19:17:10 +01:00
Hidde Beydals 5286cb0f90 Release v0.5.6 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-12-18 11:32:12 +01:00
Hidde Beydals b46f32cd3f Release v0.5.5 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-12-16 15:50:00 +01:00
Stefan Prodan fd08e9f678
Release v0.5.4 
Fix for ARMv7

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-12-12 14:34:12 +02:00
Hidde Beydals 21a007e7eb Release v0.5.3 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-12-11 16:29:43 +01:00
Hidde Beydals 6520490c62 Release v0.5.2 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-12-11 14:33:22 +01:00
Hidde Beydals fa71f3269b Allow overwrite of advertised storage addr 
The added `--storage-adv-addr` flag allows overwriting the HTTP address
advertised in the status objects of the sources. This allows for finer
grain configuration in setups where a modified service is used, or where
the DNS resolution differs from the Kubernetes defaults.

When the flag is omitted, an attempt is made to determine the address
based on the configured `--storage-addr` and the `HOSTNAME`.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-12-11 14:07:27 +01:00
Hidde Beydals e8888e2896 Release v0.5.1 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-12-10 00:22:32 +01:00
Hidde Beydals 3fdd95713c Release v0.5.0 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-12-09 19:15:20 +01:00
Hidde Beydals 0e44d13870 Release v0.4.1 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-11-26 18:30:04 +01:00
Hidde Beydals e19bb4e62d Release v0.4.0 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-11-26 14:41:56 +01:00
Stefan Prodan 81d8830aa4
Release v0.3.0 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-11-19 19:07:56 +02:00
Stefan Prodan 33a693060b
Release v0.2.2 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-11-12 17:27:43 +02:00
Hidde Beydals 08c4254464 Release v0.2.1 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-10-30 19:59:21 +01:00
Hidde Beydals a3f7b1d5b2 Release v0.2.0 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-10-29 12:35:51 +01:00
Stefan Prodan 987e562922
Release v0.1.1 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-10-13 17:52:59 +03:00
Hidde Beydals c176dcf3a9 Release v0.1.0 2020-09-30 17:37:23 +02:00
stefanprodan 501b4ac6ab Release v0.0.18 2020-09-23 13:05:18 +03:00
stefanprodan 924e0124b4 Release v0.0.17 2020-09-18 16:44:59 +03:00
stefanprodan bdabea02ab Release v0.0.16 2020-09-12 10:36:17 +03:00
stefanprodan 800efe6664 Add watch all namespaces flag 2020-09-11 15:57:36 +03:00
Hidde Beydals 3e04d16292 Release v0.0.15 2020-09-11 13:52:32 +02:00
stefanprodan 86c8b0c9bd Configure manager logging and set level to info 2020-09-09 15:22:03 +03:00
stefanprodan 5126da855e Release v0.0.14 2020-09-04 15:41:12 +03:00
Hidde Beydals 91fa9acdc3 Release v0.0.13 2020-09-01 16:53:29 +02:00
Hidde Beydals c229af95b0 Release v0.0.12 2020-08-31 17:16:32 +02:00
stefanprodan f47eb995fe Release v0.0.10 2020-08-18 14:40:12 +03:00
Hidde Beydals 3a1894482c Release v0.0.9 2020-08-17 15:27:10 +02:00
stefanprodan 0a1cf8c4e3 Release v0.0.8 2020-08-12 17:20:25 +03:00
stefanprodan 3e76138806 Release v0.0.7 2020-07-31 09:22:16 +03:00
stefanprodan 7182d9f1f3 Release v0.0.6 2020-07-20 13:24:49 +03:00
stefanprodan 780b4388a3 Release v0.0.5 2020-07-13 16:35:22 +03:00
Hidde Beydals d98882462e Setup production logging 
For production the log format is JSON, the timestamps format is ISO8601
and stack traces are logged when the level is set to debug.
 2020-07-13 11:02:46 +02:00
stefanprodan d1052ffd8b Release v0.0.4 2020-07-10 16:19:29 +03:00
stefanprodan 4cee48c385 Release v0.0.3 2020-07-09 15:30:01 +03:00
stefanprodan 7140305620 Release v0.0.2 2020-07-03 10:27:42 +03:00
stefanprodan c9681ae949 Change ports: 8080 for metrics and 9090 for storage 2020-07-03 08:48:07 +03:00
Hidde Beydals 283c0a5275 Release v0.0.1 2020-06-24 16:17:39 +02:00
stefanprodan af2cb9c23e Release v0.0.1-beta.2 2020-06-10 11:09:36 +03:00
stefanprodan a45536adbc Release v0.0.1-beta.1 2020-05-29 18:01:03 +03:00
stefanprodan 937a665e4a Release v0.0.1-alpha.6 2020-05-06 10:48:34 +03:00
stefanprodan 913c2eec0d Release v0.0.1-alpha.5 2020-04-30 16:48:42 +03:00
stefanprodan 86117cf2eb Release v0.0.1-alpha.4 2020-04-28 14:58:04 +03:00
stefanprodan 4282189591 Release v0.0.1-alpha.3 2020-04-27 12:11:34 +03:00
Hidde Beydals 98cade9443 Release v0.0.1-alpha.2 2020-04-24 14:01:19 +02:00
stefanprodan 7ef9218de9 deploy: reusable config 2020-04-24 12:17:33 +03:00
Stefan Prodan f469418dcd
Merge pull request #38 from fluxcd/nonroot 
build: run controller as a non-root user
 2020-04-24 12:10:50 +03:00
stefanprodan a6a41eeec5 deploy: add liveness and readiness probes 2020-04-24 11:56:51 +03:00
stefanprodan d0cdb6b029 deploy: add container security context 
- deny privilege escalation
- set readonly root fs
- add tmp emptyDir volume
 2020-04-24 11:45:23 +03:00
stefanprodan eeab85c0cb controllers: add JSON logging cmd flag 2020-04-24 10:05:32 +03:00