29a40bc195
build(deps): bump the ci group across 1 directory with 3 updates
...
Bumps the ci group with 3 updates in the / directory: [korthout/backport-action](https://github.com/korthout/backport-action ), [anchore/sbom-action](https://github.com/anchore/sbom-action ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `korthout/backport-action` from 3.0.2 to 3.1.0
- [Release notes](https://github.com/korthout/backport-action/releases )
- [Commits](bd410d37cd...be567af183https://github.com/anchore/sbom-action/releases )
- [Commits](ab9d16d4b4...61119d458ahttps://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](429e197704...f0f3afee80
2024-08-22 11:55:56 +00:00
74e82d2467
Merge pull request #1585 from fluxcd/bucket-sts-endpoint-ldap
...
Add LDAP provider for Bucket STS API
2024-08-22 08:50:09 -03:00
10ac11314d
Add LDAP provider for Bucket STS API
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2024-08-22 08:41:23 -03:00
7c4fdd5f36
Merge pull request #1536 from matheuscscp/ocirepo-proxy
...
Add proxy support for OCIRepository API
2024-08-15 11:11:07 -03:00
03a118a94c
Add proxy support for OCIRepository API
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2024-08-15 10:29:57 -03:00
145ed4a0bb
Merge pull request #1583 from fluxcd/cosign-v2.4.0
...
Update cosign to v2.4.0
2024-08-15 12:12:51 +03:00
cfccdb5491
Update cosign to v2.4.0
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2024-08-15 11:18:32 +03:00
5b980f1d02
Merge pull request #1579 from fluxcd/dependabot/github_actions/ci-392b9cf7da
...
build(deps): bump github/codeql-action from 3.26.1 to 3.26.2 in the ci group
2024-08-15 10:34:30 +03:00
da32ec205f
build(deps): bump github/codeql-action in the ci group
...
Bumps the ci group with 1 update: [github/codeql-action](https://github.com/github/codeql-action ).
Updates `github/codeql-action` from 3.26.1 to 3.26.2
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](29d86d22a3...429e197704
2024-08-15 07:05:30 +00:00
164e1a7c7d
Merge pull request #1582 from fluxcd/go-1.23
...
Build with Go 1.23
2024-08-15 10:03:29 +03:00
4eaedd54b8
Build with Go 1.23
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2024-08-15 09:52:45 +03:00
d39592f7d9
Merge pull request #1578 from fluxcd/k8s-1.31
...
Update dependencies to Kubernetes v1.31.0
2024-08-15 09:48:34 +03:00
93ad04b6c8
Update dependencies to Kubernetes v1.31.0
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2024-08-14 21:40:29 +03:00
20c9d7f296
Merge pull request #1576 from fluxcd/dependabot/github_actions/ci-da4bee5f54
...
build(deps): bump the ci group across 1 directory with 9 updates
2024-08-14 21:04:59 +03:00
87c564e1f0
build(deps): bump the ci group across 1 directory with 9 updates
...
Bumps the ci group with 9 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout ) | `4.1.6` | `4.1.7` |
| [actions/setup-go](https://github.com/actions/setup-go ) | `5.0.1` | `5.0.2` |
| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) | `3.0.0` | `3.2.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) | `3.3.0` | `3.6.1` |
| [docker/build-push-action](https://github.com/docker/build-push-action ) | `5.4.0` | `6.7.0` |
| [docker/login-action](https://github.com/docker/login-action ) | `3.2.0` | `3.3.0` |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) | `3.5.0` | `3.6.0` |
| [anchore/sbom-action](https://github.com/anchore/sbom-action ) | `0.16.0` | `0.17.1` |
| [github/codeql-action](https://github.com/github/codeql-action ) | `3.25.8` | `3.26.1` |
Updates `actions/checkout` from 4.1.6 to 4.1.7
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a5ac7e51b4...692973e3d9https://github.com/actions/setup-go/releases )
- [Commits](cdcb360436...0a12ed9d6ahttps://github.com/docker/setup-qemu-action/releases )
- [Commits](68827325e0...49b3bc8e6bhttps://github.com/docker/setup-buildx-action/releases )
- [Commits](d70bba72b1...988b5a0280https://github.com/docker/build-push-action/releases )
- [Commits](ca052bb54a...5cd11c3a4chttps://github.com/docker/login-action/releases )
- [Commits](0d4c9c5ea7...9780b0c442https://github.com/sigstore/cosign-installer/releases )
- [Commits](59acb6260d...4959ce089chttps://github.com/anchore/sbom-action/releases )
- [Commits](e8d2a6937e...ab9d16d4b4https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2e230e8fe0...29d86d22a3
2024-08-14 02:39:26 +00:00
e1ff038fca
Merge pull request #1568 from fluxcd/bucket-aws-proxy
...
Add proxy support for AWS S3 buckets
2024-08-11 21:51:52 +01:00
08fff6500a
Merge pull request #1567 from fluxcd/bucket-azure-proxy
...
Add proxy support for Azure buckets
2024-08-11 21:34:12 +01:00
625e672c7a
Add proxy support for AWS S3 buckets
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2024-08-09 22:26:53 +01:00
b6bd2abe2d
Add proxy support for Azure buckets
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2024-08-09 22:17:06 +01:00
f494cf8574
Merge pull request #1574 from fluxcd/az-blob-int-visitobjects
...
azure-blob: Fix VisitObjects() in integration test
2024-08-10 00:43:20 +05:30
0618f54717
azure-blob: Fix VisitObjects() in integration test
...
Signed-off-by: Sunny <github@darkowlzz.space>
2024-08-09 18:58:17 +00:00
67f6cba19d
Merge pull request #1565 from matheuscscp/bucket-gcp-proxy
...
Add proxy support for GCS buckets
2024-08-09 19:15:28 +01:00
31ed900a90
Add proxy support for GCS buckets
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2024-08-09 19:05:10 +01:00
c41c2d6f09
Merge pull request #1552 from matheuscscp/bucket-sts-endpoint
...
Add support for AWS STS endpoint in the Bucket API
2024-08-08 22:20:36 +01:00
7536ab4b02
Add support for AWS STS endpoint in the Bucket API
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2024-08-08 16:35:01 +01:00
218af573a3
Merge pull request #1516 from bb-Ricardo/main
...
Fix Helm index validation for Artifactory
2024-07-22 19:45:05 +05:30
a65f6fda92
mitigate issue with chart validation in Helm 3.14 #1515
...
Signed-off-by: ricardo.bartels@telekom.de <ricardo.bartels@telekom.de>
2024-07-19 20:07:29 +02:00
58b4e6d719
Merge pull request #1550 from matheuscscp/fix-bucket-err-msg
...
Improve invalid proxy error message for Bucket API
2024-07-16 18:05:00 +05:30
8d19782683
Improve invalid proxy error message for Bucket API
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2024-07-16 09:57:31 +01:00
54cb2d8fd9
Merge pull request #1539 from matheuscscp/debug-dup-subcharts
...
Fix HelmChart local dependency resolution for name-based path
2024-07-10 15:01:30 +01:00
d941101697
Fix HelmChart local dependency resolution for name-based path
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2024-07-10 12:09:59 +01:00
8d8e7cc982
Merge pull request #1529 from octo/fix-conditions-usage
...
Fix incorrect use of format strings with the `conditions` package.
2024-07-05 17:14:46 +03:00
277e5c1d55
Prefer `%s` over `%v` when formatting errors.
...
Signed-off-by: Florian Forster <fforster@gitlab.com>
2024-07-05 15:55:33 +02:00
fa3022443c
fix: Print `strings.Builder` by calling `String()` explicitly.
...
The `String()` method is only defined for the pointer receiver.
Signed-off-by: Florian Forster <fforster@gitlab.com>
2024-07-05 15:55:32 +02:00
8be37ef1d2
Fix incorrect use of format strings with the `conditions` package.
...
Many of the functions in the `conditions` package accept a format string and
(optional) arguments, just like `fmt.Printf` and friends.
In many places, the code passed an error message as the format string, causing
it to be interpreted by the `fmt` package. This leads to issues when the
message contains percent signs, e.g. URL-encoded values.
Consider the following code:
```go
// internal/controller/ocirepository_controller.go
revision, err := r.getRevision(ref, opts)
if err != nil {
e := serror.NewGeneric(
fmt.Errorf("failed to determine artifact digest: %w", err),
ociv1.OCIPullFailedReason,
)
conditions.MarkTrue(obj, sourcev1.FetchFailedCondition, e.Reason, e.Err.Error())
return sreconcile.ResultEmpty, e
}
```
Since `getRevision()` includes the URL in the error message and the error
message is used as a format string, the resulting condition reads:
```
failed to determine artifact digest: GET https://gitlab.com/jwt/auth?scope=repository%!A(MISSING)fforster%!F(MISSING) <REDACTED>%!F(MISSING)k8s-resource-manifests%!A(MISSING)pull&service=container_registry: DENIED: access forbidden
```
This adds an explicit format string and shortens `e.Error()` and
`e.Err.Error()` to `e`, which yields the same output.
To the best of my knowledge, Go is safe from format string attacks. I **don't**
think this is a security vulnerability, but I'm also not a security expert.
Signed-off-by: Florian Forster <fforster@gitlab.com>
2024-07-05 15:55:31 +02:00
3c0dda47d3
Merge pull request #1535 from matheuscscp/matheuscscp-maintainer
...
Add matheuscscp as maintainer
2024-07-05 09:30:10 +03:00
b5d881357f
Add matheuscscp as maintainer
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2024-07-03 15:33:53 +01:00
c7e8330442
Merge pull request #1500 from matheuscscp/bucket-generic-proxy
...
Add support for `.spec.proxySecretRef` for generic provider of Bucket API
2024-07-03 17:20:11 +03:00
4d9c87cf3f
Add support for .spec.proxySecretRef for generic provider of Bucket API
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2024-07-03 15:10:47 +01:00
59ad5a72ee
Merge pull request #1512 from fluxcd/gha-arm64
...
Run ARM64 tests on GitHub runners
2024-06-14 12:13:29 +03:00
7e70497c6c
Run ARM64 tests on GitHub runners
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2024-06-14 11:41:44 +03:00
09575db5ca
Merge pull request #1490 from fluxcd/fix-1485
...
helm: Use the default transport pool to preserve proxy settings
2024-06-14 09:01:56 +02:00
b310a851c7
Use the transport pool
...
If implemented, A transport from the pool with safe defaults will be used when creating an oci registry client.
This will enable using the proxy configuration.
Signed-off-by: Soule BA <bah.soule@gmail.com>
2024-06-14 08:50:33 +02:00
7e69f0835b
Merge pull request #1507 from fluxcd/dependabot/github_actions/ci-e906b6679e
...
build(deps): bump the ci group across 1 directory with 7 updates
2024-06-11 09:44:20 +03:00
dc4b1c0ea9
Adapt config to GoRelease v2
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2024-06-11 09:35:42 +03:00
c3be752254
build(deps): bump the ci group across 1 directory with 7 updates
...
Bumps the ci group with 7 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout ) | `4.1.4` | `4.1.6` |
| [korthout/backport-action](https://github.com/korthout/backport-action ) | `2.5.0` | `3.0.2` |
| [docker/build-push-action](https://github.com/docker/build-push-action ) | `5.3.0` | `5.4.0` |
| [docker/login-action](https://github.com/docker/login-action ) | `3.1.0` | `3.2.0` |
| [anchore/sbom-action](https://github.com/anchore/sbom-action ) | `0.15.11` | `0.16.0` |
| [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) | `5.0.0` | `6.0.0` |
| [github/codeql-action](https://github.com/github/codeql-action ) | `3.25.3` | `3.25.8` |
Updates `actions/checkout` from 4.1.4 to 4.1.6
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](0ad4b8fada...a5ac7e51b4https://github.com/korthout/backport-action/releases )
- [Commits](ef20d86abc...bd410d37cdhttps://github.com/docker/build-push-action/releases )
- [Commits](2cdde995de...ca052bb54ahttps://github.com/docker/login-action/releases )
- [Commits](e92390c5fb...0d4c9c5ea7https://github.com/anchore/sbom-action/releases )
- [Commits](7ccf588e3c...e8d2a6937ehttps://github.com/goreleaser/goreleaser-action/releases )
- [Commits](7ec5c2b0c6...286f3b13b1https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d39d31e687...2e230e8fe0
2024-06-11 02:34:11 +00:00
81b4dd0ea4
Merge pull request #1475 from matheuscscp/bucket-cert-secret
...
Add `.spec.certSecretRef` to Bucket API
2024-05-22 15:55:54 +03:00
bc16734391
Add .certSecretRef for Bucket API
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2024-05-15 19:44:05 +01:00
b41c6532a7
Merge pull request #1479 from matheuscscp/new-release-label
...
Add 1.3.x release label
2024-05-08 17:07:07 +03:00
22ac6b2abc
Add 1.3.x release label
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2024-05-08 14:27:28 +01:00
dependabot[bot]
Matheus Pimenta
Stefan Prodan
Sunny
Sunny
ricardo.bartels@telekom.de
Florian Forster
souleb