fluxcd
/
source-controller
mirror of https://github.com/fluxcd/source-controller.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,328 Commits 34 Branches 270 Tags 15 MiB
Commit Graph

2328 Commits

Author SHA1 Message Date
Sunny cf3735e2a2 Static helmrepository OCI 
Remove the HelmRepositoryOCI reconciler and make HelmRepository of type
OCI static. The existing HelmRepository OCI objects are migrated to
static object by removing their finalizers and status. New
HelmRepository OCI objects go through one time migration to remove the
status. These are not reconciled again, unless the type is changed to
default. On type switching from HelmRepository default to OCI, the
finalizer, status and artifact are removed to make the object static. On
switching from OCI to default, a complete reconciliation of
HelmRepository takes place to build artifact and add status and
finalizer.

The HelmRepository .spec.url has a new validation to check the URL
scheme. This is to add some validation to HelmRepository OCI since it's
not backed by a reconciler for full validation.

Add HelmRepositoryOCIMigrationPredicate predicate to detect and allow
reconciliation of HelmRepository OCI objects that need migration. The
other predicates that filtered the HelmRepository events based on the
type have been removed as all the HelmRepositories will now be
reconciled by a single reconciler. HelmRepositoryOCIMigrationPredicate
readily allows non-OCI objects and only checks if a migration is needed
for OCI type object.

Add controller tests for different migration scenarios.

Signed-off-by: Sunny <darkowlzz@protonmail.com>
 2023-11-22 21:05:51 +05:30
Max Jonas Werner f54a59c60b
Merge pull request #1291 from fluxcd/dependabot/go_modules/github.com/go-jose/go-jose/v3-3.0.1 
build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1
 2023-11-22 11:46:17 +01:00
dependabot[bot] daa2166d6e
build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/v3/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.0...v3.0.1)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-22 08:44:48 +00:00
Stefan Prodan 76c78b87a4
Merge pull request #1289 from fluxcd/generic-secret 
helmrepo: only configure tls login option when required
 2023-11-22 08:45:34 +02:00
Sanskar Jaiswal dfcede03f2
helmrepo: only configure tls login option when required 
Modify `GetHelmClientOpts()` to only configure the TLS login option when
an authentication login option is configured. This prevents the
reconciler from trying to authenticate against public registries.

Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
 2023-11-22 10:05:45 +05:30
Stefan Prodan 9ae35e98e5
Merge pull request #1286 from fluxcd/k8s-1.28 
Update dependencies to Kubernetes v1.28
 2023-11-21 10:29:41 +02:00
Stefan Prodan bfa59f5563
Update `tonistiigi/xx` to v1.3.0 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2023-11-21 10:17:12 +02:00
Stefan Prodan 2feec3198b
Build with Go 1.21 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2023-11-20 17:20:08 +02:00
Stefan Prodan 71806b51ed
Update sigstore/cosign to v2.2.1 
Fix CVE-2023-46737

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2023-11-20 17:04:45 +02:00
Stefan Prodan 58828350d5
Update dependencies to Kubernetes 1.28 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2023-11-20 16:50:44 +02:00
Max Jonas Werner af162947d5
Merge pull request #1285 from fluxcd/dependabot/github_actions/ci-4c0557044b 
build(deps): bump the ci group with 2 updates
 2023-11-20 08:08:47 +01:00
dependabot[bot] 9df76cf451
build(deps): bump the ci group with 2 updates 
Bumps the ci group with 2 updates: [docker/build-push-action](https://github.com/docker/build-push-action) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `docker/build-push-action` from 5.0.0 to 5.1.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](0565240e2d...4a13e500e5)

Updates `github/codeql-action` from 2.22.5 to 2.22.7
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](74483a38d3...66b90a5db1)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-20 02:50:35 +00:00
Max Jonas Werner bf2c30f472
Merge pull request #1281 from fluxcd/dependabot/github_actions/ci-da8bbba46e 
build(deps): bump the ci group with 2 updates
 2023-11-13 08:52:00 +01:00
dependabot[bot] 60c9a3319f
build(deps): bump the ci group with 2 updates 
Bumps the ci group with 2 updates: [korthout/backport-action](https://github.com/korthout/backport-action) and [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer).


Updates `korthout/backport-action` from 2.1.0 to 2.1.1
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](cb79e4e5f4...08bafb375e)

Updates `sigstore/cosign-installer` from 3.1.2 to 3.2.0
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](11086d2504...1fc5bd396d)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-13 02:37:22 +00:00
Max Jonas Werner 8b0eccd322
Merge pull request #1271 from fluxcd/upgrade-git-gogit 
Upgrade `go-git` to v5.10.0
 2023-11-09 12:10:17 +01:00
Max Jonas Werner bbfe866796
Upgrade pkg/{git,git/gogit} and go-git/go-git 
fixes #1239

Signed-off-by: Max Jonas Werner <mail@makk.es>
 2023-11-08 12:01:29 +01:00
Hidde Beydals 3ab56ae4c8
Merge pull request #1276 from fluxcd/default-file-perms 
storage: change default file permissions
 2023-11-06 12:46:10 +01:00
Hidde Beydals 57e829fe6f
Update `fluxcd/pkg` dependencies 
As this includes an update of ORAS compatible with newer versions of
`github.com/docker/docker`, we can unpin this dependency.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2023-11-06 12:36:03 +01:00
Hidde Beydals 646089e07e
storage: change default file permissions 
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2023-11-06 12:22:40 +01:00
Max Jonas Werner db31688829
Merge pull request #1277 from fluxcd/dependabot/github_actions/ci-18c09be9f8 
build(deps): bump the ci group with 1 update
 2023-11-06 07:39:03 +01:00
dependabot[bot] 563ad1e6d8
build(deps): bump the ci group with 1 update 
Bumps the ci group with 1 update: [korthout/backport-action](https://github.com/korthout/backport-action).

- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](408fae11ed...cb79e4e5f4)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-06 02:32:30 +00:00
Sanskar Jaiswal a8a81965c7
Merge pull request #1250 from fluxcd/cosign-identity-matching 
cosign: allow identity matching for keyless verification
 2023-11-02 08:13:44 -07:00
Sanskar Jaiswal fcaf86e7eb
docs: add docs for cosign identity matching 
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
 2023-10-31 08:04:34 -07:00
Sanskar Jaiswal d855805b8f
cosign: allow identity matching for keyless verification 
Add `.spec.verify.matchOIDCIdentity` to OCIRepository and HelmChart.
It allows specifying regular expressions to match against the subject and
issuer of the certificate related to the artifact signature. Its used
only if the artifact was signed using Cosign keyless signing.

Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
 2023-10-31 08:04:34 -07:00
Max Jonas Werner 8c63fba06b
Merge pull request #1272 from fluxcd/dependabot/github_actions/ci-266d728e8a 
build(deps): bump the ci group with 2 updates
 2023-10-30 08:58:33 +01:00
dependabot[bot] 6be8ac9a5b
build(deps): bump the ci group with 2 updates 
Bumps the ci group with 2 updates: [korthout/backport-action](https://github.com/korthout/backport-action) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `korthout/backport-action` from 1.4.0 to 2.0.0
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](bd68141f07...408fae11ed)

Updates `github/codeql-action` from 2.22.4 to 2.22.5
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](49abf0ba24...74483a38d3)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-30 02:38:11 +00:00
Hidde Beydals 19345b3789
Merge pull request #1269 from fluxcd/dependabot/go_modules/google.golang.org/grpc-1.57.1 
build(deps): bump google.golang.org/grpc from 1.57.0 to 1.57.1
 2023-10-26 00:14:16 +02:00
dependabot[bot] 20730e0719
build(deps): bump google.golang.org/grpc from 1.57.0 to 1.57.1 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.57.0 to 1.57.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.57.0...v1.57.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-25 21:24:54 +00:00
Max Jonas Werner c664afe632
Merge pull request #1266 from fluxcd/dependabot/github_actions/ci-ff180a8d58 
build(deps): bump the ci group with 2 updates
 2023-10-23 09:06:20 +02:00
dependabot[bot] b135c09d25
build(deps): bump the ci group with 2 updates 
Bumps the ci group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `actions/checkout` from 4.1.0 to 4.1.1
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8ade135a41...b4ffde65f4)

Updates `github/codeql-action` from 2.22.3 to 2.22.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](0116bc2df5...49abf0ba24)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-23 02:10:22 +00:00
Stefan Prodan f2a1814aea
Merge pull request #1228 from fluxcd/bucket-prefix 
bucket: Add prefix filtering capability
 2023-10-17 15:24:11 +03:00
Stefan Prodan 674c287dbd
Bucket: add prefix support for GCP 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2023-10-17 15:10:33 +03:00
Stefan Prodan 6d4e654522
Document Bucket prefix field 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2023-10-17 14:36:16 +03:00
Stefan Prodan b655149786
bucket: Add prefix filtering capability 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2023-10-17 14:13:04 +03:00
Hidde Beydals 3073c2c261
Merge pull request #1265 from fluxcd/dependabot/github_actions/ci-24b5ea99f0 
build(deps): bump the ci group with 1 update
 2023-10-16 10:18:09 +02:00
dependabot[bot] 27ca7a8b98
build(deps): bump the ci group with 1 update 
Bumps the ci group with 1 update: [github/codeql-action](https://github.com/github/codeql-action).

- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](2cb752a87e...0116bc2df5)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-16 02:59:51 +00:00
Hidde Beydals 1b7a8e118a
Merge pull request #1260 from fluxcd/dependabot/go_modules/api/golang.org/x/net-0.17.0 
build(deps): bump golang.org/x/net from 0.10.0 to 0.17.0 in /api
 2023-10-12 09:11:52 +02:00
dependabot[bot] 5b642b12ac
build(deps): bump golang.org/x/net from 0.10.0 to 0.17.0 in /api 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.10.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.10.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-12 06:51:46 +00:00
Hidde Beydals a522e44768
Merge pull request #1261 from fluxcd/dependabot/go_modules/golang.org/x/net-0.17.0 
build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0
 2023-10-12 08:51:16 +02:00
dependabot[bot] 1dba5fb860
build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.15.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.15.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-11 23:14:27 +00:00
Max Jonas Werner 8ea2bb0ade
Merge pull request #1259 from fluxcd/pick-changelog-v1.1.2 
Add changelog entry for v1.1.2
 2023-10-11 16:09:36 +02:00
Max Jonas Werner 34f398586c
Add changelog entry for v1.1.2 
Signed-off-by: Max Jonas Werner <mail@makk.es>
(cherry picked from commit 01f4ebb1b5)
 2023-10-11 15:48:24 +02:00
Hidde Beydals fe1173f996
Merge pull request #1257 from fluxcd/tidy-nits 
Address miscellaneous issues throughout code base
 2023-10-11 11:21:12 +02:00
Hidde Beydals 09772bd092
misc: set TLS certificate files perms to `0o600` 
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2023-10-11 11:03:56 +02:00
Hidde Beydals 04612b539b
misc: fix hypothetical implicit memory aliasing 
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2023-10-11 11:03:56 +02:00
Hidde Beydals b0d94ce6d0
misc: do not capitalize err string and fix wording 
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2023-10-11 11:03:56 +02:00
Hidde Beydals aba98008ac
misc: remove redundant nil check 
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2023-10-11 11:03:55 +02:00
Hidde Beydals a70b3f37c0
misc: remove unused code 
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2023-10-11 11:03:55 +02:00
Hidde Beydals cdb43f1999
misc: add test case for invalid tag signature 
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2023-10-11 11:03:55 +02:00
Hidde Beydals 20230811e4
misc: address duplicate imports 
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
 2023-10-11 11:03:54 +02:00