Commit Graph

1121 Commits

Author SHA1 Message Date
Hidde Beydals c4d7e46b90 Drop deprecated `io/ioutil`
The package has been deprecated since Go 1.16, see:
https://golang.org/doc/go1.16#ioutil

Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-07-29 09:58:00 +02:00
Hidde Beydals be5d10eaac
Merge pull request #403 from fluxcd/bucket-revision-path
Take relative paths in account for Bucket revision
2021-07-26 14:01:44 +02:00
Hidde Beydals f5cb441a82 Take relative paths in account for Bucket revision
This commit changes the checksum method which is used to calculate the
revision of a Bucket source, so that the file paths are taken into
account and directory structure changes can be observed.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-07-26 10:54:39 +02:00
Hidde Beydals dbaf8bf458
Merge pull request #405 from darkowlzz/client-objectkeyfromobject
Use ObjectKeyFromObject instead of ObjectKey
2021-07-26 10:48:19 +02:00
Sunny 9825a60b74
Use ObjectKeyFromObject instead of ObjectKey
controller-runtime's client package provides ObjectKeyFromObject() to
extract NamespacedName from a given object. ObjectKey() in
internal/util package is a helper for the same. Replace the internal
helper with controller-runtime's helper for the same.

Signed-off-by: Sunny <darkowlzz@protonmail.com>
2021-07-26 04:35:08 +05:30
Hidde Beydals 40a47670aa
Merge pull request #400 from fluxcd/update-deps
Update Helm to v3.6.3
2021-07-15 11:10:29 +02:00
Hidde Beydals 5e8e0ab65c Update Helm to v3.6.3
Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-07-14 23:24:26 +02:00
Stefan Prodan c6ae5e779a
Merge pull request #396 from fluxcd/debug-e2e
Print pods status on e2e failures
2021-06-29 17:04:00 +03:00
Stefan Prodan 25a2428b80
Print pods status on e2e failures
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-06-29 16:40:15 +03:00
Stefan Prodan 5c170bfdc3
Merge pull request #395 from fluxcd/release-v0.15.3
Release v0.15.3
2021-06-29 13:37:28 +03:00
Stefan Prodan be9f05baf1
Release v0.15.3
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-06-29 12:27:52 +03:00
Stefan Prodan 887d2c5e50
Merge pull request #394 from bburky/libgit2-tag-checkout
Fix tag checkout with libgit2
2021-06-29 11:54:03 +03:00
Blake Burkhart 0df2b0e0f0 Fix tag checkout with libgit2
SetHeadDetached (git_repository_set_head_detached) only changes HEAD,
and does not actually checkout the files on disk. Use CheckoutHead with
the CheckoutForce Strategy to actually check the files out on disk.

Additionally add a test that validates the hash of a checked out file's
contents.

Previously, the hash of the desired tag was being reported as the
checked out revision by the GitRepository. However the wrong files were
checked out and an incorrect revision would be deployed by Flux.

Signed-off-by: Blake Burkhart <blake.burkhart@us.af.mil>
2021-06-28 20:03:11 -05:00
Hidde Beydals 76aa40d290
Merge pull request #392 from fluxcd/release-v0.15.2
Release v0.15.2
2021-06-22 14:22:51 +02:00
Hidde Beydals bec2d83c2b Release v0.15.2
Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-22 14:05:36 +02:00
Hidde Beydals 221d0992ff
Merge pull request #391 from fluxcd/libgit2-unstable 2021-06-22 14:04:02 +02:00
Hidde Beydals 2c63246ede Change large-repo-* ref.branch to main
Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-22 13:01:36 +02:00
Hidde Beydals fdb0a0b8c1 Use Debian Slim image in GitHub action
Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-22 13:01:31 +02:00
Hidde Beydals c7e7b61e34 Use libgit2 from "unstable" / "sid"
We received reports from users no longer being able to clone Git
repositories using libgit2 because of errors during the cloning
attempt: `error: Failed to authenticate SSH session: Unable to extract
public key from private key.`

After an extensive scavenger hunt I was able to pinpoint the issue to
`libssh2` being linked against `libgcrypt` instead of `openssl`. The
problem with this is that the libgcrypt backend in libssh2 contains
a hand written slimmed down ASN.1 parser to read out keys, while the
OpenSSL backend in libssh2 uses OpenSSL, which supports a lot more
formats (and more specifically, most PKCS* formats).

As Debian's bullseye/testing repository has been frozen, and a
backport has not been made available yet, fetching the dependency from
"unstable" seems to be the best option for now, as this has `libssh2`
available including OpenSSL.

Ref: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668271

Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-22 13:00:16 +02:00
Hidde Beydals 850157cc7a
Merge pull request #390 from fluxcd/release-v0.15.1
Release v0.15.1
2021-06-18 13:11:06 +02:00
Hidde Beydals 7013af77c5 Release v0.15.1
Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-18 12:54:34 +02:00
Hidde Beydals 4a0ce41038
Merge pull request #388 from fluxcd/update-deps
Update Helm to v3.6.1
2021-06-18 12:48:49 +02:00
Hidde Beydals 1f27410b34 Update Helm to v3.6.1
v3.6.1 is a a security update from Helm, ensuring that credentials are
always only passed to the defined repository host.

Based on Helm user reports, disabling this behavior may be required for
some Helm repository solutions like Artifactory, and may be done by
setting `PassCredentials` in the `HelmRepositorySpec`.

For more information, see:
https://github.com/helm/helm/security/advisories/GHSA-56hp-xqp3-w2jf

Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-18 12:31:23 +02:00
Stefan Prodan 1a75415103
Merge pull request #389 from fluxcd/release-v0.15.0
Release v0.15.0
2021-06-17 19:09:05 +03:00
Stefan Prodan 50c15b81b3
Release v0.15.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-06-17 18:51:09 +03:00
Hidde Beydals a1581ec185
Merge pull request #386 from fluxcd/armv7-goldlink-patch
Use Debian instead of Alpine for multi-arch builds
2021-06-17 16:28:39 +02:00
Hidde Beydals 44dd9d7e28
Merge pull request #387 from fluxcd/panic-non-nil-err
Panic on non-nil AddToScheme errors in main init
2021-06-17 16:14:41 +02:00
Hidde Beydals 7e6b88e91c Use Debian instead of Alpine in container image
This commit changes the base image for the build and controller
container images to Debian slim.

Reason for this is that it has proven to be hard to produce working
executables for AMD64, ARM64 and ARMv7 at all times using Alpine,
due to them being dynamically linked and compiled using CGO, and
Alpine having constraints like musl that create an extra barrier,
especially in combination with our exotic set of dependency
constraints.

There are a number of trade-offs we have to live with by doing this,
not limited to:

* An increased build time, the full release pipeline used to take 25-35
  minutes, based on the images we have build for testing purposes this
  seems to have become 35-40 minutes.
* An increased image size of roughly two times the (compressed) size of
  the Alpine based image.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-17 16:12:33 +02:00
Hidde Beydals 896489680e Panic on non-nil AddToScheme errors in main init
Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-17 15:38:24 +02:00
Hidde Beydals 3af8962fd8
Merge pull request #382 from fluxcd/unpin-docker-dep
Unpin docker Go Module dependency
2021-06-10 17:57:36 +02:00
Hidde Beydals 2d8a540f0c Unpin docker Go Module dependency
No longer required as we do now depend on Helm v3.6.0, which no longer
pins the version.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-10 16:48:00 +02:00
Hidde Beydals 53ea50f1ba
Merge pull request #380 from fluxcd/patch-changelog
Patchup: add missing bit of text
2021-06-09 16:04:22 +02:00
Hidde Beydals 2e46791d2b Patchup: add missing bit of text
Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-09 15:46:19 +02:00
Hidde Beydals d0d2c0e215
Merge pull request #379 from fluxcd/release-v0.14.0
Release v0.14.0
2021-06-09 15:25:23 +02:00
Hidde Beydals ffd018187d Release v0.14.0
This includes the `binutils-gold` patches required to make the Docker
images build properly.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-09 15:03:04 +02:00
Hidde Beydals 7f67fb7b86
Merge pull request #377 from fluxcd/armv7-gold-patch
Use `binutils-gold` in builder image
2021-06-09 14:58:43 +02:00
Hidde Beydals a0c0423acc
Merge pull request #378 from fluxcd/nightly-build-img-name 2021-06-09 13:01:16 +02:00
Hidde Beydals 827509e10f Use `binutils-gold` in builder image
There seems to have been a change in the dependencies that now causes
ARMv7 builds to fail:

```
    sigs.k8s.io/kustomize/kyaml/yaml/merge3=$WORK/b742/_pkg_.a
    sigs.k8s.io/kustomize/kyaml/yaml/internal/k8sgen/pkg/util/errors=$WORK/b678/_pkg_.a
    -importcfg $WORK/b001/importcfg.link -buildmode=exe
-buildid=YHfd11eGufJ7RVGSGz2z/H9JgY3lbjsdhQ8_r06Gz/HiYQEtSgCAIHJ7rrNYN6/YHfd11eGufJ7RVGSGz2z
-extld=gcc $WORK/b001/_pkg_.a
    exit status 1
    -c CGO_ENABLED=1 go build -x -o source-controller main.go]: exit
code: 2
```

After trying various things, including downgrading Go, using
packages from `edge`, using `gcc-go` to get a "grouped" version of
the dependencies, it seems that using `binutils-gold` solves the issue
and produces a working build for all our target architectures.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-09 12:59:20 +02:00
Hidde Beydals 8acb8cd688 Use `github.repository` property for image name
As the `github.event.repository.name` property is not always available,
for example when the action gets triggered by a cron job.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-09 11:49:20 +02:00
Stefan Prodan 39e9602ada
Merge pull request #376 from fluxcd/nightly-builds
Add nightly builds workflow
2021-06-08 20:58:47 +03:00
Stefan Prodan 203263fcfd
Add nightly builds workflow
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-06-08 19:42:46 +03:00
Hidde Beydals 1aa997cb3c
Merge pull request #375 from fluxcd/release-v0.14.0
Release v0.14.0
2021-06-08 14:48:37 +02:00
Hidde Beydals 3c1a27a7c3 Release v0.14.0
Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-08 14:19:05 +02:00
Hidde Beydals 1c08b176f0
Merge pull request #374 from fluxcd/dep-update
Update K8s, controller-runtime and fluxcd/pkg deps
2021-06-08 14:06:47 +02:00
Hidde Beydals a76b10cebb Update K8s, controller-runtime and fluxcd/pkg deps
Controller-runtime has been updated to `v0.9.0`, K8s dependencies to
`v0.21.1`, and all `fluxcd/pkg` and other dependencies to the versions
that have matching dependencies and/or build constraints.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-08 13:41:34 +02:00
Stefan Prodan bfd72479a6
Merge pull request #372 from fluxcd/git-timeout
Reinstate Git cloning timeout
2021-06-02 17:59:06 +03:00
Stefan Prodan b8128cf58b
Reinstate Git cloning timeout
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2021-06-02 14:21:29 +03:00
Hidde Beydals 4087834e8e
Merge pull request #371 from fluxcd/release-v0.13.2
Release v0.13.2
2021-06-02 12:22:48 +02:00
Hidde Beydals bbbb3174cd Release v0.13.2
Signed-off-by: Hidde Beydals <hello@hidde.co>
2021-06-02 12:03:26 +02:00
Hidde Beydals c251785f69
Merge pull request #370 from fluxcd/go-git-patch 2021-06-02 12:02:26 +02:00