fluxcd
/
source-controller
mirror of https://github.com/fluxcd/source-controller.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,260 Commits 28 Branches 272 Tags 16 MiB
Commit Graph

2260 Commits

Author SHA1 Message Date
Max Jonas Werner 9a74ea06e7
Release v1.1.2 
Signed-off-by: Max Jonas Werner <mail@makk.es>
 2023-10-11 12:34:48 +02:00
Max Jonas Werner c983b05381
Merge pull request #1256 from fluxcd/backport-1254-to-release/v1.1.x 
[release/v1.1.x] build(deps): bump the ci group with 1 update
 2023-10-09 11:39:48 +02:00
dependabot[bot] 8123d78cae
build(deps): bump the ci group with 1 update 
Bumps the ci group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).

- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](6a28655e3d...2cb752a87e)

Signed-off-by: Max Jonas Werner <mail@makk.es>

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 9d64b462b1)
 2023-10-09 11:08:56 +02:00
Stefan Prodan d174d9429b
Merge pull request #1255 from fluxcd/backport-1246-to-release/v1.1.x 
[release/v1.1.x] oci: Skip symlinks found in upstream artifacts
 2023-10-09 10:46:16 +03:00
Stefan Prodan bf5b907a29 oci: Skip symlinks found in upstream artifacts 
Do not error out when upstream artifacts contain symlinks in the content layer, instead skip all symlinks during decompression.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
(cherry picked from commit cdb412e7af)
 2023-10-09 07:14:22 +00:00
Stefan Prodan 516666a317 Update `pkg/tar` and `pkg/oci` 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
(cherry picked from commit 837d8077ec)
 2023-10-09 07:14:22 +00:00
Hidde Beydals c9f7e3b19e
Merge pull request #1237 from fluxcd/release-v1.1.1 
Release v1.1.1
 2023-09-18 15:50:37 +02:00
Hidde Beydals e6cc64c26e
Release v1.1.1 
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2023-09-18 15:36:55 +02:00
Hidde Beydals 49e3ce75ca
Add changelog entry for v1.1.1 
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2023-09-18 15:35:36 +02:00
Stefan Prodan eb9a3af810
Merge pull request #1236 from fluxcd/backport-1232-to-release/v1.1.x 
[release/v1.1.x] Upgrade github.com/fluxcd/pkg/{git,git/gogit}
 2023-09-18 11:22:51 +03:00
Max Jonas Werner dfbaa5a709 Upgrade github.com/fluxcd/pkg/{git,git/gogit} 
Signed-off-by: Max Jonas Werner <mail@makk.es>
(cherry picked from commit 7940640c8c)
 2023-09-18 07:46:18 +00:00
Max Jonas Werner 12220f7d48
Merge pull request #1235 from fluxcd/backport-1234-to-release/v1.1.x 
[release/v1.1.x] build(deps): bump the ci group with 7 updates
 2023-09-18 08:51:20 +02:00
dependabot[bot] bc75d799e9 build(deps): bump the ci group with 7 updates 
Bumps the ci group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `2.2.0` | `3.0.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `2.10.0` | `3.0.0` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `4.2.1` | `5.0.0` |
| [docker/login-action](https://github.com/docker/login-action) | `2.2.0` | `3.0.0` |
| [docker/metadata-action](https://github.com/docker/metadata-action) | `4.6.0` | `5.0.0` |
| [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `4.6.0` | `5.0.0` |
| [github/codeql-action](https://github.com/github/codeql-action) | `2.21.5` | `2.21.7` |

Updates `docker/setup-qemu-action` from 2.2.0 to 3.0.0
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](2b82ce82d5...68827325e0)

Updates `docker/setup-buildx-action` from 2.10.0 to 3.0.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](885d1462b8...f95db51fdd)

Updates `docker/build-push-action` from 4.2.1 to 5.0.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](0a97817b6a...0565240e2d)

Updates `docker/login-action` from 2.2.0 to 3.0.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](465a07811f...343f7c4344)

Updates `docker/metadata-action` from 4.6.0 to 5.0.0
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](818d4b7b91...96383f4557)

Updates `goreleaser/goreleaser-action` from 4.6.0 to 5.0.0
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](5fdedb94ab...7ec5c2b0c6)

Updates `github/codeql-action` from 2.21.5 to 2.21.7
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](00e563ead9...04daf014b5)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 13095f4900)
 2023-09-18 06:31:37 +00:00
Max Jonas Werner 419232f64a
Merge pull request #1230 from fluxcd/backport-1229-to-release/v1.1.x 
[release/v1.1.x] build(deps): bump the ci group with 3 updates
 2023-09-11 17:23:45 +02:00
dependabot[bot] 80f141a84b build(deps): bump the ci group with 3 updates 
Bumps the ci group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [docker/build-push-action](https://github.com/docker/build-push-action) and [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action).

Updates `actions/checkout` from 3.6.0 to 4.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](f43a0e5ff2...3df4ab11eb)

Updates `docker/build-push-action` from 4.1.1 to 4.2.1
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](2eb1c1961a...0a97817b6a)

Updates `goreleaser/goreleaser-action` from 4.4.0 to 4.6.0
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](3fa32b8bb5...5fdedb94ab)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 9ef9555c3b)
 2023-09-11 15:08:33 +00:00
Max Jonas Werner 433701a6ff
Merge pull request #1227 from fluxcd/backport-1226-to-release/v1.1.x 
[release/v1.1.x] build(deps): bump github.com/cyphar/filepath-securejoin from 0.2.3 to 0.2.4
 2023-09-08 11:58:50 +02:00
dependabot[bot] d4ca0e336b build(deps): bump github.com/cyphar/filepath-securejoin 
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) from 0.2.3 to 0.2.4.
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases)
- [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.2.3...v0.2.4)

---
updated-dependencies:
- dependency-name: github.com/cyphar/filepath-securejoin
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit d96552b3e3)
 2023-09-08 07:27:58 +00:00
Stefan Prodan 123a087013
Merge pull request #1225 from fluxcd/backport-1220-to-release/v1.1.x 
[release/v1.1.x] helmrepo: fix Secret type check for TLS via `.spec.secretRef`
 2023-09-07 11:05:12 +03:00
Sanskar Jaiswal 4f0ad80139 helmrepo: fix Secret type check for TLS via `.spec.secretRef` 
This is a regression fix introduced in a302c71 which would wrongly check
for the type of the Secret specified in `.spec.secretRef` while
configuring TLS data.

Introduce `LegacyTLSClientConfigFromSecret` which does not check the
Secret type while constructing the TLS config.

Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
(cherry picked from commit f787fc7046)
 2023-09-07 07:48:52 +00:00
Max Jonas Werner c3769016ab
Merge pull request #1224 from fluxcd/backport-1223-to-release/v1.1.x 
[release/v1.1.x] build(deps): bump the ci group with 3 updates
 2023-09-04 10:10:39 +02:00
dependabot[bot] c00270be05 build(deps): bump the ci group with 3 updates 
Bumps the ci group with 3 updates: [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action), [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) and [github/codeql-action](https://github.com/github/codeql-action).

Updates `docker/setup-buildx-action` from 2.9.1 to 2.10.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](4c0219f9ac...885d1462b8)

Updates `sigstore/cosign-installer` from 3.1.1 to 3.1.2
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](6e04d228eb...11086d2504)

Updates `github/codeql-action` from 2.21.4 to 2.21.5
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](a09933a12a...00e563ead9)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 17bc07da49)
 2023-09-04 07:44:10 +00:00
Stefan Prodan 0720925a5a
Merge pull request #1222 from fluxcd/backport-1211-to-release/v1.1.x 
[release/v1.1.x] bucket: Use auto lookup type
 2023-08-31 14:59:30 +03:00
Zhiyu Wang ef9dbd17b8 Chore: use auto bucket lookup type 
Signed-off-by: Zhiyu Wang <zhiyuwang.newbis@gmail.com>
(cherry picked from commit 1ab089e19e)
 2023-08-31 11:05:57 +00:00
Stefan Prodan 5d68b5d417
Merge pull request #1216 from fluxcd/backport-1215-to-release/v1.1.x 
[release/v1.1.x] docs: Add missing pem-encoding reference
 2023-08-28 20:55:36 +03:00
Stéphane Este-Gracias 8ac043db14 docs: Add missing pem-encoding reference 
Signed-off-by: Stéphane Este-Gracias <sestegra@gmail.com>
(cherry picked from commit 0124126f6b)
 2023-08-28 16:57:34 +00:00
Stefan Prodan 577a091da2
Merge pull request #1213 from fluxcd/backport-1212-to-release/v1.1.x 
[release/v1.1.x] build(deps): bump the ci group with 2 updates
 2023-08-28 12:29:57 +03:00
dependabot[bot] 8d19469b79 build(deps): bump the ci group with 2 updates 
Bumps the ci group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator).

Updates `actions/checkout` from 3.5.3 to 3.6.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](c85c95e3d7...f43a0e5ff2)

Updates `slsa-framework/slsa-github-generator` from 1.8.0 to 1.9.0
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.8.0...v1.9.0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
(cherry picked from commit 6093a29c9d)
 2023-08-28 08:35:46 +00:00
Sanskar Jaiswal 0e47f7fa1a
Merge pull request #1209 from fluxcd/release-v1.1.0 
Release v1.1.0
 2023-08-23 16:18:18 +05:30
Sanskar Jaiswal e5a429a529
Release v1.1.0 
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
 2023-08-23 15:59:00 +05:30
Sanskar Jaiswal 39676032d6
Add changelog entry for v1.1.0 
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
 2023-08-23 15:58:58 +05:30
Stefan Prodan 052221c3d8
Merge pull request #1204 from somtochiama/doc-links 
Fix link ref in API docs
 2023-08-23 12:40:25 +03:00
Somtochi Onyekwere 47ff472d9e fix link 
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
 2023-08-23 10:31:35 +01:00
Stefan Prodan b3036f58b2
Merge pull request #1203 from somtochiama/fix-helm-path 
Preserve url encoded path in normalized helm repository URL
 2023-08-23 12:12:48 +03:00
Somtochi Onyekwere 64139e7ec1 preserve url encoded path in helm repo 
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
 2023-08-23 10:01:27 +01:00
Sanskar Jaiswal a302c71c57
Merge pull request #1194 from fluxcd/tls-secret 
Adopt Kubernetes style TLS Secrets
 2023-08-22 18:35:18 +05:30
Sanskar Jaiswal 2a7f67de48
gitrepo: add support for specifying CA data via `ca.crt` 
Check the auth secret for the `ca.crt` key for CA certificate data.
`ca.crt` takes precdence over `caFile`.

Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
 2023-08-22 18:23:05 +05:30
Sanskar Jaiswal 6fe3c96311
ocirepo: adopt Kubernetes style TLS secrets for .spec.certSecretRef 
Adopt Kubernetes TLS secrets API to check for TLS data in the Secret
referred to by `.spec.certSecretRef`, i.e. check for keys `tls.crt` and
`tls.key` for the certificate and private key. Use `ca.crt` for the CA
certificate.
Deprecate the usage of `caFile`, `certFile` and `keyFile` keys.

Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
 2023-08-22 18:23:05 +05:30
Sanskar Jaiswal 4bd6bcc9e9
helmrepo: adopt Kubernetes TLS secrets for `.spec.certSecretRef` 
Adopt Kubernetes TLS secrets API to check for TLS data in the Secret
referred to by `.spec.certSecretRef`, i.e. check for keys `tls.crt` and
`tls.key` for the certificate and private key. Use `ca.crt` for the CA
certificate.

Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
 2023-08-22 18:23:04 +05:30
Stefan Prodan de31a124f7
Merge pull request #1200 from kingdonb/fix-bad-links 
Fix links in API docs
 2023-08-22 14:43:00 +03:00
Kingdon Barrett 79eedb3ebf
Fix links in API docs 
Signed-off-by: Kingdon Barrett <kingdon@weave.works>
 2023-08-22 07:28:47 -04:00
Stefan Prodan 36eb804999
Merge pull request #1202 from fluxcd/oci-0.31.0 
Update dependencies
 2023-08-22 14:15:03 +03:00
Stefan Prodan fb1f72e772
Update dependencies 
Update `github.com/fluxcd/pkg/oci` to v0.31.o which comes with support for Azure China and US Gov regions when pulling OCI artifacts.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2023-08-22 13:58:27 +03:00
Sanskar Jaiswal 38f6724703
Merge pull request #1187 from fluxcd/tag-verification 
gitrepo: add support for Git tag verification
 2023-08-22 13:28:18 +05:30
Sanskar Jaiswal 51d842c708
gitrepo: add docs for tag verification 
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
 2023-08-22 13:00:18 +05:30
Sanskar Jaiswal 035d514af3
gitrepo: add tests for verifying tag signatures 
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
 2023-08-22 13:00:18 +05:30
Sanskar Jaiswal 59898cd86b
gitrepo: add support for verifying tags 
Add support for verifying tags and optionally the commit object it
points to. Modify the reconciler to trigger a full reconciliation if the
object contains a verification configuration that implies that we need
to verify one (or more) Git objects that we haven't previosuly verified.

Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
 2023-08-22 13:00:15 +05:30
Sanskar Jaiswal 6002ef51a6
gitrepo: add HEAD, Tag, TagAndHEAD as verification modes 
Add three new verification modes for `.spec.verify.mode`:
* `HEAD`: Verify the commit that the HEAD of the repo points to after
  checking out to the ref specified in `.spec.ref`. Its the same as
  `head`, which cannot be removed due to backwards compatibility
  reasons and is converted to `HEAD` internally.
* `Tag`: Verify the tag referred to by `.spec.ref.tag`.
* `TagAndHEAD`: Verify the tag referred to by `.spec.ref.tag` and the
  commit that the tag points to.

The default is `HEAD`, to ensure backwards compatibility.

Furthermore, add `.status.sourceVerificationMode` to record the last
successful verification mode used.

Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
 2023-08-21 21:33:15 +05:30
Max Jonas Werner e84295795b
Merge pull request #1201 from fluxcd/dependabot/github_actions/ci-71339bc865 
build(deps): bump the ci group with 2 updates
 2023-08-21 11:09:37 +02:00
dependabot[bot] 6f5836f0f2
build(deps): bump the ci group with 2 updates 
Bumps the ci group with 2 updates: [korthout/backport-action](https://github.com/korthout/backport-action) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `korthout/backport-action` from 1.3.1 to 1.4.0
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](bf5fdd624b...bd68141f07)

Updates `github/codeql-action` from 2.21.3 to 2.21.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](5b6282e01c...a09933a12a)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-21 02:13:30 +00:00
Stefan Prodan aa370f284d
Merge pull request #1167 from somtochiama/azure-docs 
Update docs on Azure identity
 2023-08-15 14:50:08 +03:00