Remove deprecated Event error. Event error was used for scenarios where
an error should result in an event/notification. It was introduced as a
contextual error along with Stalling and Waiting errors but was later
replaced with Generic error which doesn't have any contextual meaning.
The Generic error provided error configuration which allowed defining
how the error should be handled. This replaced the contextual error
handling with error action handlers which behaved on the error
configuration of the errors.
The Generic error was first introduced to be used in GitRepository
reconciler and was used by new reconcilers like the OCIRepository
reconcilers. The old reconcilers bucket, helmrepository and helmchart
reconcilers were still using the deprecated Event error. This change
replaces the Event errors in these reconcilers with a Generic error.
It also fixes a bug in the Generic error constructor which configured
the error to be logged by default. This resulted in an error to be
logged by the result processor and the runtime, double logging. This
behavior has been changed to not log explicitly and allow the runtime to
log the error. Since the Generic error is based on defining the error
handling behavior in the error configuration, a generic error that needs
to be ignored (not returned to the runtime), but logged can enable the
logging behavior explicitly on the Generic error instance. This is done
in GitRepository reconciler for no-op reconciliations where an ignore
error is returned.
Signed-off-by: Sunny <darkowlzz@protonmail.com>
This is a regression fix introduced in a302c71 which would wrongly check
for the type of the Secret specified in `.spec.secretRef` while
configuring TLS data.
Introduce `LegacyTLSClientConfigFromSecret` which does not check the
Secret type while constructing the TLS config.
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
Check the auth secret for the `ca.crt` key for CA certificate data.
`ca.crt` takes precdence over `caFile`.
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
Adopt Kubernetes TLS secrets API to check for TLS data in the Secret
referred to by `.spec.certSecretRef`, i.e. check for keys `tls.crt` and
`tls.key` for the certificate and private key. Use `ca.crt` for the CA
certificate.
Deprecate the usage of `caFile`, `certFile` and `keyFile` keys.
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
Adopt Kubernetes TLS secrets API to check for TLS data in the Secret
referred to by `.spec.certSecretRef`, i.e. check for keys `tls.crt` and
`tls.key` for the certificate and private key. Use `ca.crt` for the CA
certificate.
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
Update `github.com/fluxcd/pkg/oci` to v0.31.o which comes with support for Azure China and US Gov regions when pulling OCI artifacts.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Add support for verifying tags and optionally the commit object it
points to. Modify the reconciler to trigger a full reconciliation if the
object contains a verification configuration that implies that we need
to verify one (or more) Git objects that we haven't previosuly verified.
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
Add three new verification modes for `.spec.verify.mode`:
* `HEAD`: Verify the commit that the HEAD of the repo points to after
checking out to the ref specified in `.spec.ref`. Its the same as
`head`, which cannot be removed due to backwards compatibility
reasons and is converted to `HEAD` internally.
* `Tag`: Verify the tag referred to by `.spec.ref.tag`.
* `TagAndHEAD`: Verify the tag referred to by `.spec.ref.tag` and the
commit that the tag points to.
The default is `HEAD`, to ensure backwards compatibility.
Furthermore, add `.status.sourceVerificationMode` to record the last
successful verification mode used.
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
Move record suspend metrics next to readiness and duration metrics so
that it gets recorded along with others always at the end and the
metrics delete, which requires the knowledge of deleted finalizers,
applies to suspend too.
HelmRepository cache event metrics for a given helmrepo also continues
to be exported even after the object is deleted. This change deletes
the cache event metrics when the object is deleted.
Signed-off-by: Sunny <darkowlzz@protonmail.com>
- github.com/distribution/distribution/v3 to v3.0.0-20230808081639-69fe1690134c
- github.com/sigstore/sigstore to v1.7.2
- google.golang.org/api to v0.136.0
- helm.sh/helm/v3 to v3.12.3
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Sunny