df06de9b65
refactor: eliminate hidden mutations in HelmRepository client opts
...
Replace hidden mutation functions with explicit configuration
pattern to eliminate side effects where ClientOpts was modified
through configuration functions. Adds CertsTempDir field to ClientOpts struct.
Signed-off-by: cappyzawa <cappyzawa@gmail.com>
2025-07-25 13:38:36 +09:00
a0b4969dc9
Merge pull request #1851 from cappyzawa/feat/oci-repository-runtime-secrets-migration
...
Migrate OCIRepository controller to runtime/secrets
2025-07-21 18:58:14 +01:00
b2993a76bc
Fix missing TLS ServerName in HelmRepository
...
Add ServerName configuration to TLS config in HelmRepository client
options to ensure proper SNI (Server Name Indication) support for
virtual hosting environments. This addresses the regression introduced
when migrating from internal/tls to runtime/secrets, where ServerName
was not being set automatically.
Without ServerName, TLS handshakes fail with certificate mismatch
errors when connecting to Helm repositories using virtual hosting
where multiple repositories are hosted on the same IP address.
Signed-off-by: cappyzawa <cappyzawa@gmail.com>
2025-07-22 00:39:59 +09:00
74242e5d8a
Migrate OCIRepository controller to runtime/secrets
...
Migrates the OCIRepository controller's authentication handling from
internal implementations to the unified runtime/secrets API package.
The migration moves TLS configuration from internal/tls to
runtime/secrets.TLSConfigFromSecretRef and ServiceAccount processing
to secrets.PullSecretsFromServiceAccountRef, providing consistent
authentication handling across all source-controller components.
This change eliminates duplicate secret fetching logic and aligns
the OCIRepository controller with the standardized authentication
patterns used by other controllers in the GitOps Toolkit.
Signed-off-by: cappyzawa <cappyzawa@gmail.com>
2025-07-22 00:39:59 +09:00
173a1cccc5
Merge pull request #1849 from cappyzawa/feat/helm-repository-runtime-secrets-migration
...
Migrate HelmRepository to runtime/secrets
2025-07-18 13:40:13 +01:00
9950f56d26
migrate HelmRepository to AuthMethodsFromSecret API
...
This commit upgrades pkg/runtime to v0.73.0 and adopts the unified
AuthMethodsFromSecret API for HelmRepository authentication handling.
The change replaces complex manual authentication detection with a
single API call and improves error handling consistency.
Breaking Changes:
- TLS certificate validation is now strictly enforced. Invalid CA
certificates will cause authentication failures even for public
repositories, where they were previously ignored.
- Empty TLS certificate secrets now trigger validation errors instead
of being silently ignored. This affects certSecretRef with empty
Data map - previously ignored, now causes proper error.
Signed-off-by: cappyzawa <cappyzawa@gmail.com>
2025-07-18 21:29:37 +09:00
274a6699cc
refactor: improve HelmRepository controller test structure for runtime/secrets migration
...
Signed-off-by: cappyzawa <cappyzawa@gmail.com>
2025-07-18 03:37:02 +09:00
114a702490
Merge pull request #1844 from fluxcd/dependabot/go_modules/github.com/go-viper/mapstructure/v2-2.3.0
...
build(deps): bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0
2025-07-15 01:11:39 +03:00
8c951e3019
build(deps): bump github.com/go-viper/mapstructure/v2
...
Bumps [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure ) from 2.2.1 to 2.3.0.
- [Release notes](https://github.com/go-viper/mapstructure/releases )
- [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md )
- [Commits](https://github.com/go-viper/mapstructure/compare/v2.2.1...v2.3.0 )
---
updated-dependencies:
- dependency-name: github.com/go-viper/mapstructure/v2
dependency-version: 2.3.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-07-14 21:10:27 +00:00
508f4ff38d
Merge pull request #1850 from fluxcd/upgrade-deps
...
Upgrade Kubernetes to 1.33.2
2025-07-15 00:08:34 +03:00
e3abd39417
Upgrade Kubernetes to 1.33.2
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2025-07-14 18:33:46 +01:00
21e3a02f99
Merge pull request #1848 from cappyzawa/refactor/transport-to-pkg
...
refactor: replace internal/transport with pkg/http/transport
2025-07-09 14:18:21 +03:00
d5920fee85
refactor: replace internal/transport with pkg/http/transport
...
Signed-off-by: cappyzawa <cappyzawa@gmail.com>
2025-07-09 19:28:36 +09:00
8f77ed4981
Merge pull request #1808 from TerryHowe/harden-blob-test
...
fix: blob test cores if no error
2025-07-01 14:34:26 +01:00
9c8d8c95e2
fix: blob test cores if no error
...
Co-authored-by: Matheus Pimenta <matheuscscp@gmail.com>
Signed-off-by: Terry Howe <terrylhowe@gmail.com>
2025-06-30 05:57:55 -06:00
32967c32c3
Merge pull request #1843 from fluxcd/pick-changelog-v1.6.2
...
Add changelog entry for v1.6.2
2025-06-27 11:21:54 +01:00
5ff9de8bb9
Add changelog entry for v1.6.2
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
(cherry picked from commit 55b45275a1
2025-06-27 11:04:25 +01:00
4dec4c28c0
Merge pull request #1839 from fluxcd/fix-ssh-host-key-sha2
...
Fix: Prioritize sha2-512 and sha2-256 for ssh-rsa host keys
2025-06-27 11:44:19 +03:00
07ab3461dc
Fix: Prioritize sha2-512 and sha2-256 for ssh-rsa host keys
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2025-06-27 11:26:54 +03:00
e37bd89d5e
Merge pull request #1835 from cappyzawa/refactor/simplify-oci-auth-error-handling
...
refactor: cleanup GetArtifactRegistryCredentials error handling
2025-06-21 14:32:50 +01:00
738fb2b3a8
refactor: simplify OCI auth error handling
...
Update fluxcd/pkg/auth to v0.18.0 and remove unnecessary authenticator
nil check in Helm OCI repository authentication.
With fluxcd/pkg/auth v0.18.0, GetArtifactRegistryCredentials() returns
valid authenticator when error is nil, making the nil check redundant.
Signed-off-by: cappyzawa <cappyzawa@gmail.com>
2025-06-21 22:21:51 +09:00
97c995b8c8
Merge pull request #1833 from fluxcd/pick-changelog-v1.6.1
...
Add changelog entry for v1.6.1
2025-06-13 17:21:04 +01:00
bcc0b84bd4
Add changelog entry for v1.6.1
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
(cherry picked from commit 7922d124e7
2025-06-13 17:11:57 +01:00
a5e476fce3
Merge pull request #1829 from fluxcd/fix-host-keys
...
Fix `knownhosts key mismatch` regression bug
2025-06-12 18:54:35 +01:00
5d5943fff0
Upgrade dependencies
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2025-06-12 18:02:44 +01:00
829b6a2104
Merge pull request #1825 from fluxcd/upgrade-auth
...
Upgrade dependencies
2025-06-09 17:43:41 +01:00
575d936c9b
Upgrade dependencies
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2025-06-09 17:07:52 +01:00
483dd69d1e
Merge pull request #1823 from zhaque44/update-reconciliation-tests
...
chore: adding more scenarios for processor_test.go
2025-06-07 14:49:14 +01:00
8a92986d5e
adding scenarions for processor_test.go
...
Signed-off-by: zhaque44 <haque.zubair@gmail.com>
chg imports to be like main
Signed-off-by: zhaque44 <haque.zubair@gmail.com>
2025-06-07 08:39:34 -05:00
71e6ca6b0a
Merge pull request #1819 from fluxcd/dependabot-up
...
Update dependabot config
2025-05-28 16:18:05 +03:00
7fabea8f02
Update dependabot config
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2025-05-28 16:01:43 +03:00
f2eaf74120
Merge pull request #1816 from fluxcd/update-labels
...
Add 1.6.x release label
2025-05-27 15:08:10 +01:00
1106cddce4
Add 1.6.x release label
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2025-05-27 14:16:49 +01:00
536ad96fab
Merge pull request #1814 from fluxcd/release/v1.6.x
...
Release/v1.6.x
2025-05-27 14:14:56 +01:00
83cb98615d
Merge pull request #1813 from fluxcd/release-v1.6.0
...
Release v1.6.0
2025-05-27 13:48:27 +01:00
465741e97a
Release v1.6.0
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2025-05-27 12:41:16 +01:00
ac4afb3779
Add changelog entry for v1.6.0
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2025-05-27 12:39:52 +01:00
359d50d77e
Merge pull request #1811 from fluxcd/rfc-0010-docs
...
[RFC-0010] Link workload identity docs to complete guide
2025-05-27 09:46:26 +01:00
d5552220a5
[RFC-0010] Link workload identity docs to complete guide
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2025-05-27 09:38:15 +01:00
fdc84c7efa
Merge pull request #1812 from fluxcd/containerd-v1.7.27
...
Update containerd v1.7.27
2025-05-27 09:33:17 +01:00
71aa99e934
Fix flaky test
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2025-05-27 09:24:01 +01:00
36e0d0dfca
Update containerd v1.7.27
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2025-05-27 09:16:15 +03:00
e98b89a5a0
Merge pull request #1794 from fluxcd/ocirepository-v1
...
Promote OCIRepository API to v1 (GA)
2025-05-27 08:42:21 +03:00
aadaf1c0aa
Remove deprecated status fields from OCIRepository v1
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2025-05-27 08:29:44 +03:00
34bb9862e6
Promote OCIRepository API to v1 (GA)
...
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2025-05-27 08:19:51 +03:00
220044db74
Merge pull request #1800 from fluxcd/dependabot/github_actions/ci-b758b462f2
...
build(deps): bump the ci group across 1 directory with 4 updates
2025-05-26 10:05:22 +03:00
d205bd310f
build(deps): bump the ci group across 1 directory with 4 updates
...
Bumps the ci group with 4 updates in the / directory: [actions/setup-go](https://github.com/actions/setup-go ), [docker/build-push-action](https://github.com/docker/build-push-action ), [anchore/sbom-action](https://github.com/anchore/sbom-action ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `actions/setup-go` from 5.4.0 to 5.5.0
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](0aaccfd150...d35c59abb0https://github.com/docker/build-push-action/releases )
- [Commits](14487ce63c...1dc7386353https://github.com/anchore/sbom-action/releases )
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md )
- [Commits](9f73021414...e11c554f70https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28deaeda66...60168efe1c
2025-05-26 02:25:31 +00:00
7f83d3c049
Merge pull request #1810 from fluxcd/upgrade-deps
...
Update dependencies
2025-05-25 14:50:12 +01:00
15e2448578
Update dependencies
...
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2025-05-25 14:39:20 +01:00
4aa31dcc21
Merge pull request #1806 from fluxcd/update-deps-1.6.0
...
Update dependencies
2025-05-23 16:47:29 +02:00
cappyzawa
Matheus Pimenta
Stefan Prodan
dependabot[bot]
Terry Howe
zhaque44