11d629af4b
build(deps): bump helm/kind-action from 1.5.0 to 1.7.0
...
Bumps [helm/kind-action](https://github.com/helm/kind-action ) from 1.5.0 to 1.7.0.
- [Release notes](https://github.com/helm/kind-action/releases )
- [Commits](d8ccf8fb62...fa81e57adf
2023-05-22 03:05:26 +00:00
2678c75894
Merge pull request #1095 from fluxcd/release-v1.0.0-rc.3
...
Release v1.0.0-rc.3
2023-05-12 12:09:47 +02:00
96bf87261e
Release v1.0.0-rc.3
...
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-05-12 11:53:59 +02:00
1d5f118b5a
Merge pull request #1091 from ajhall/gitrepository-bearer-token-docs
...
docs: Add note about bearer token auth with popular Git servers
2023-05-12 11:37:49 +02:00
420a8e6526
Add note about bearer token auth with Git servers
...
Clarify that some popular Git servers require the bearer token to be
provided as basic auth credentials instead of in the Authorization
header.
Signed-off-by: Andy Hall <andy@ajhall.us>
2023-05-12 11:26:12 +02:00
fcc6ec36b7
Merge pull request #1094 from rashedkvm/executable-permission
...
storage: set `0o744` for files with exec mode set
2023-05-12 11:05:29 +02:00
2736b748e6
storage: set `0o744` for files with exec mode set
...
This commit ensures that files with exec permissions set continue to be
executable by the user extracting the archive.
This is not of use to any of Flux itself, but does help downstream
dependents making use of the controller to facilitate artifact
acquisitions for their (CI/CD) software suite.
Co-authored-by: Hidde Beydals <hidde@hhh.computer>
Signed-off-by: Rashed Kamal <krashed@vmware.com>
2023-05-12 10:11:08 +02:00
8d9b0f4645
Merge pull request #1092 from fluxcd/dependabot/go_modules/github.com/cloudflare/circl-1.3.3
...
build(deps): bump github.com/cloudflare/circl from 1.3.2 to 1.3.3
2023-05-12 10:02:29 +03:00
b185a0b74f
build(deps): bump github.com/cloudflare/circl from 1.3.2 to 1.3.3
...
Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl ) from 1.3.2 to 1.3.3.
- [Release notes](https://github.com/cloudflare/circl/releases )
- [Commits](https://github.com/cloudflare/circl/compare/v1.3.2...v1.3.3 )
---
updated-dependencies:
- dependency-name: github.com/cloudflare/circl
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-12 05:31:52 +00:00
1c6cda510c
Merge pull request #1093 from fluxcd/dependabot/go_modules/github.com/docker/distribution-2.8.2incompatible
...
build(deps): bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible
2023-05-12 08:29:54 +03:00
909387deda
build(deps): bump github.com/docker/distribution
...
Bumps [github.com/docker/distribution](https://github.com/docker/distribution ) from 2.8.1+incompatible to 2.8.2+incompatible.
- [Release notes](https://github.com/docker/distribution/releases )
- [Commits](https://github.com/docker/distribution/compare/v2.8.1...v2.8.2 )
---
updated-dependencies:
- dependency-name: github.com/docker/distribution
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-11 20:50:27 +00:00
5c5b8222c0
Merge pull request #1088 from fluxcd/verify-storage-digest
...
Verify digest of artifact in storage
2023-05-10 17:31:40 +02:00
6f762c7ef6
storage: change methods to value receiver
...
Given:
- None of the methods of the `Storage` are mutating the storage
itself.
- It must be instantiated to be usable, as there is a strict
reliance on values.
- The struct itself is light.
This seems to be more fitting.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-05-10 17:09:48 +02:00
3c87ad64e4
controller: verify digest of artifact in storage
...
This commits adds verification of the digest of the artifact in storage
to all reconcilers which manage artifacts.
When the artifact does not have a digest or if it mismatches with the
file in storage, the file is removed from the storage and status of the
object.
This hardens the storage against potential tampering, in addition to
resolving an issue where users upgrading from a (much) older version of
the controller would run into an error after the checksum field was
removed from the API.
This would cause the controller to not advertise any checksum at all,
while not producing a new one until a new revision was detected.
Resulting in fetch failures for consumers while they would try to
verify the digest of the advertised artifact.
While not strictly part of this exercise, some of the tests were
altered to prepare the storage used in test cases to become isolated
by strictly using the `storage` provided via the callback. Actually
isolating this has however been left as a task at a later moment.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-05-10 17:09:47 +02:00
67e9c94abf
storage: add VerifyArtifact method
...
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-05-10 17:09:47 +02:00
62fd433e79
Merge pull request #1089 from onedr0p/patch-1
2023-05-10 17:05:04 +02:00
24ed99506f
Update Alpine to 3.18
...
This change would be nice to get in because MUSL finally implements TCP DNS requests as a fallback.
https://www.alpinelinux.org/posts/Alpine-3.18.0-released.html
Signed-off-by: Devin Buhl <onedr0p@users.noreply.github.com>
2023-05-10 09:25:35 -04:00
5887114d3c
Merge pull request #1087 from fluxcd/release-v1.0.0-rc.2
...
Release v1.0.0-rc.2
2023-05-09 11:49:06 +03:00
0cb211ac9f
Release v1.0.0-rc.2
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2023-05-09 11:34:54 +03:00
1724624977
Merge pull request #1086 from fluxcd/update-deps
...
Update dependencies
2023-05-09 11:23:35 +03:00
161d1d0c8b
Update dependencies
...
- github.com/fluxcd/pkg/oci v0.23.0
- github.com/fluxcd/pkg/untar v0.3.0
- github.com/google/go-containerregistry v0.15.1
- github.com/minio/minio-go/v7 v7.0.52
- github.com/prometheus/client_golang v1.15.1
- golang.org/x/crypto v0.9.0
- golang.org/x/sync v0.2.0
- google.golang.org/api v0.121.0
- helm.sh/helm/v3 v3.11.3
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2023-05-09 11:01:46 +03:00
745de281a7
Merge pull request #1084 from fluxcd/dependabot/github_actions/github/codeql-action-2.3.3
...
build(deps): bump github/codeql-action from 2.3.2 to 2.3.3
2023-05-08 15:03:30 +02:00
857040abfc
build(deps): bump github/codeql-action from 2.3.2 to 2.3.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f3feb00acb...29b1f65c5e
2023-05-08 06:24:26 +00:00
811792e03d
Merge pull request #1085 from fluxcd/dependabot/github_actions/anchore/sbom-action-0.14.2
...
build(deps): bump anchore/sbom-action from 0.14.1 to 0.14.2
2023-05-08 08:23:44 +02:00
e1ae3ad52e
build(deps): bump anchore/sbom-action from 0.14.1 to 0.14.2
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](422cb34a0f...4d571ad103
2023-05-08 03:05:32 +00:00
1d3236420d
Merge pull request #1076 from fluxcd/internal-controller
...
Move controllers to internal/controller
2023-05-03 15:50:44 +05:30
e16d6ebde8
Move controllers to internal/controller
...
Make the controller implementations private.
Signed-off-by: Sunny <darkowlzz@protonmail.com>
2023-05-03 15:35:45 +05:30
eaa25b9a36
Merge pull request #1081 from fluxcd/dependabot/github_actions/github/codeql-action-2.3.2
...
build(deps): bump github/codeql-action from 2.3.0 to 2.3.2
2023-05-01 10:56:01 +02:00
02f5c0d137
build(deps): bump github/codeql-action from 2.3.0 to 2.3.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.0 to 2.3.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b2c19fb9a2...f3feb00acb
2023-05-01 08:41:10 +00:00
6a0388286d
Merge pull request #1073 from fluxcd/dependabot/github_actions/actions/checkout-3.5.2
...
build(deps): bump actions/checkout from 3.5.0 to 3.5.2
2023-05-01 10:40:29 +02:00
5672cdd0e3
build(deps): bump actions/checkout from 3.5.0 to 3.5.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8f4b7f8486...8e5e7e5ab8
2023-05-01 08:10:36 +00:00
9042ea2c98
Merge pull request #1078 from fluxcd/dependabot/github_actions/docker/metadata-action-4.4.0
...
build(deps): bump docker/metadata-action from 4.3.0 to 4.4.0
2023-05-01 10:04:34 +02:00
153f571d6d
build(deps): bump docker/metadata-action from 4.3.0 to 4.4.0
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](507c2f2dc5...c4ee3adeed
2023-05-01 07:49:22 +00:00
3edd41a20f
Merge pull request #1082 from fluxcd/dependabot/github_actions/sigstore/cosign-installer-3.0.3
...
build(deps): bump sigstore/cosign-installer from 3.0.2 to 3.0.3
2023-05-01 09:48:41 +02:00
e99c01a264
build(deps): bump sigstore/cosign-installer from 3.0.2 to 3.0.3
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](9e9de2292d...204a51a57a
2023-05-01 03:12:11 +00:00
ddb74e3aca
Merge pull request #1079 from fluxcd/dependabot/github_actions/github/codeql-action-2.3.0
...
build(deps): bump github/codeql-action from 2.2.12 to 2.3.0
2023-04-24 10:08:00 +02:00
628ca23918
build(deps): bump github/codeql-action from 2.2.12 to 2.3.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.12 to 2.3.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](7df0ce3489...b2c19fb9a2
2023-04-24 03:07:41 +00:00
37f6fb1049
Merge pull request #1077 from fluxcd/global-recover
...
globally set RecoverPanic across controllers
2023-04-20 14:42:30 +02:00
27eac7a2ed
globally set RecoverPanic across controllers
...
This way we don't have to remember to set it individually in each
controller.
Signed-off-by: Max Jonas Werner <mail@makk.es>
2023-04-20 14:11:16 +02:00
9d1133faaa
Merge pull request #1074 from fluxcd/dependabot/github_actions/github/codeql-action-2.2.12
...
build(deps): bump github/codeql-action from 2.2.11 to 2.2.12
2023-04-17 11:41:10 +02:00
66395149f1
build(deps): bump github/codeql-action from 2.2.11 to 2.2.12
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.11 to 2.2.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d186a2a36c...7df0ce3489
2023-04-17 03:06:57 +00:00
906b12fd72
Merge pull request #1070 from fluxcd/dependabot/github_actions/sigstore/cosign-installer-3.0.2
...
build(deps): bump sigstore/cosign-installer from 3.0.1 to 3.0.2
2023-04-10 11:15:15 +03:00
2692bcdca1
build(deps): bump sigstore/cosign-installer from 3.0.1 to 3.0.2
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](c3667d9942...9e9de2292d
2023-04-10 07:49:17 +00:00
2f81ee9f7b
Merge pull request #1069 from fluxcd/dependabot/github_actions/github/codeql-action-2.2.11
...
build(deps): bump github/codeql-action from 2.2.9 to 2.2.11
2023-04-10 10:48:35 +03:00
758e9dc764
build(deps): bump github/codeql-action from 2.2.9 to 2.2.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.9 to 2.2.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](04df1262e6...d186a2a36c
2023-04-10 03:08:30 +00:00
decbd9fd12
Merge pull request #1067 from fluxcd/dependabot/github_actions/anchore/sbom-action-0.14.1
...
build(deps): bump anchore/sbom-action from 0.13.4 to 0.14.1
2023-04-03 10:03:28 +03:00
0d79f4b775
build(deps): bump anchore/sbom-action from 0.13.4 to 0.14.1
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.13.4 to 0.14.1.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](448520c4f1...422cb34a0f
2023-04-03 03:05:32 +00:00
7433863b92
Merge pull request #1065 from fluxcd/release-v1.0.0-rc.1
...
Release v1.0.0-rc.1
2023-03-30 16:35:42 +03:00
4764353da2
Release v1.0.0-rc.1
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2023-03-30 16:25:03 +03:00
d836b68f4a
Merge pull request #1064 from fluxcd/ci-remove-darwin
...
ci: Remove the macOS runner
2023-03-30 14:32:23 +03:00
dependabot[bot]
Hidde Beydals
Hidde Beydals
Andy Hall
Rashed Kamal
Stefan Prodan
Devin Buhl
Max Jonas Werner
Sunny
Max Jonas Werner