Commit Graph

170 Commits

Author SHA1 Message Date
Sanskar Jaiswal c3511cc834 add support for checking out to Git refs
Add a new field `.spec.ref.name` which points to a Git reference which
enables checking out to a particular commit pointed to by the specified
reference.

Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
2023-02-16 17:33:11 +05:30
Hidde Beydals eb4a38e421 spec: show RFC-0005 format and digest in examples
Signed-off-by: Hidde Beydals <hello@hidde.co>
2023-02-14 12:48:36 +01:00
Hidde Beydals 964b2d3f00 api: introduce `Digest` field to `Artifact`
As discussed in RFC-0005, this introduces a `Digest` field to the
`Artifact` in favor of the now deprecated `Checksum`.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2023-02-10 20:30:59 +01:00
Kingdon Barrett 106f8aea42
Add a note about sourceignore recursion
Signed-off-by: Kingdon Barrett <kingdon@weave.works>
2023-01-30 09:47:52 -05:00
Christian Ihle 51bb596f08 Document support for bearer token authentication over https in gitrepositories
Signed-off-by: Christian Ihle <blurpy@gmail.com>
2023-01-24 16:00:14 +05:30
Sunny f707193e90 Update git dependencies for bearer token support
Also update API spec to mention bearer token field in git secret.

Signed-off-by: Sunny <darkowlzz@protonmail.com>
2023-01-23 21:14:07 +05:30
Yohan Belléguic 2741d0a150 fix typo in helmRepo secretRef spec CRD
When using a TLS authentication, user can provide a custom certificate
by setting the caFile key in the secret, not caCert.

Signed-off-by: Yohan Belléguic <yohan.belleguic@arkea.com>
2023-01-16 19:52:06 +05:30
Sunny 197a03b989 update docs with progressive status
Signed-off-by: Sunny <darkowlzz@protonmail.com>
2023-01-10 00:30:40 +05:30
Paulo Gomes ce4ac58bff
libgit2: Update documentation
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
2022-12-12 15:34:30 +00:00
Paulo Gomes 5ffa6a5a68
libgit2: Remove references to libgit2 from code
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
2022-12-12 15:34:28 +00:00
Paulo Gomes 06e88f0789
docs: Improve Git implementation section
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
2022-11-17 15:03:02 +00:00
Paulo Gomes 331fd64952
gogit: Add new ForceGoGitImplementation FeatureGate
ForceGoGitImplementation ignores the value set for gitImplementation
and ensures that go-git is used for all GitRepository objects.
This can be used to confirm that Flux instances won't break if/when
the libgit2 implementation was to be deprecated.

When enabled, libgit2 won't be initialized, nor will any git2go cgo
code be called.

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
2022-11-11 10:25:00 +00:00
Soule BA 06a55590a5
Fix verification condition
Delete a failed verification condition at the beginning of the source
reconciliation and set `SourceVerifiedCondition` to false approprietly.

Set the `BuildOptions.Verify` to true as long as Verify is enabled in the
API fields.

Signed-off-by: Soule BA <soule@weave.works>
2022-10-21 15:21:10 +02:00
Soule BA 5355fb3142
adding verfication section to HelmChart api doc
Signed-off-by: Soule BA <soule@weave.works>
2022-10-21 10:00:08 +02:00
Soule BA 0e97547eeb
implement Cosign verification for HelmCharts
If implemented, users will be able to enable chart verification for OCI
based helm charts.

Signed-off-by: Soule BA <soule@weave.works>
2022-10-21 10:00:08 +02:00
Sunny a6d7948667 Bucket: Add status.observedIgnore
Introduce status.observedIgnore in the Bucket API for consistency with
other sources with ignore.

Signed-off-by: Sunny <darkowlzz@protonmail.com>
2022-10-10 23:06:02 +05:30
Sunny e996848555 GitRepo: Add observed content config in status
Replace content config checksum with explicit artifact content config
observations. It makes the observations of the controller more
transparent and easier to debug.

Introduces `observedIgnore`, `observedRecurseSubmodules` and
`observedInclude` status fields.

Signed-off-by: Sunny <darkowlzz@protonmail.com>
2022-10-10 23:06:02 +05:30
Sunny 278a223bc6 OCIRepo: Add observed content config in status
Replace content config checksum with explicit artifact content config
observations. It makes the observations of the controller more
transparent and easier to debug.

Introduces `observedIgnore` and `observedLayerSelector` status fields.

Signed-off-by: Sunny <darkowlzz@protonmail.com>
2022-10-10 23:06:02 +05:30
Somtochi Onyekwere 874714aed1 correct spacing
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
2022-10-07 20:27:02 +01:00
Somtochi Onyekwere 5eeaa6455d List objects instead when checking if bucket exists in Azure
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
2022-10-07 20:11:04 +01:00
Sunny f4aed8baf8
OCIRepoReconciler: no-op reconcile improvements
Introduce contentConfigChecksum in the OCIRepository status to store a
checksum of the values that affect the source artifact. It is used to
detect when to rebuild an artifact when the spec changes.

The considerations for this are similar to the GitRepository
reconciler no-op clone implementation. Both reconcileSource and
reconcileArtifact need to consider the source configuration change
when deciding if the artifact in the storage is up-to-date.

Adds tests for reconcileSource and reconcileArtifact for the noop
cases.

Signed-off-by: Sunny <darkowlzz@protonmail.com>
2022-09-29 09:48:27 +03:00
Stefan Prodan 3f7d4630cc
Use the OCI artifact revision in status and events
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-09-26 13:30:28 +03:00
Stefan Prodan 4ec51ca306
Add option to copy the OCI layer to storage
Add on optional field to the `OCIRepository.spec.layerSelector` called `operation` that accepts one of the following values: `extract` or `copy`. When the operation is set to `copy`, instead of extracting the compressed layer, the controller copies the compressed blob as it is to storage, thus keeping the original content unaltered.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-09-23 19:00:30 +03:00
Stefan Prodan 082028e115
Refactor internal OCI package
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-09-20 18:34:02 +03:00
Stefan Prodan 21af88fbea
Document the Cosign verification procedure
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-09-20 14:07:11 +03:00
Furkan 697f260dba
Introduce Initial OCIRepository Source Verification
Fixes #863

Signed-off-by: Furkan <furkan.turkal@trendyol.com>
Co-authored-by: Batuhan <batuhan.apaydin@trendyol.com>
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
2022-09-20 14:07:10 +03:00
Stefan Prodan e1ad5a6fd3
Add `spec.insecure` to OCIRepository API
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-08-31 11:10:25 +03:00
Daniel Holbach 9669af1f38 update to new doc links structure
Signed-off-by: Daniel Holbach <daniel@weave.works>
2022-08-30 15:17:06 +02:00
Soule BA 6a8369f3b1
Add docker-registry secrets to OCI doc
A new statement is added to specify that docker-registry secrets are
accepted by OCI Helm repositories.

Signed-off-by: Soule BA <soule@weave.works>
2022-08-26 15:49:50 +02:00
Soule BA ad3eb5ca47
Enable contextual login for helm OCI
If implemented, this pr will enable user to use the auto login feature
in order to automatically login to their provider of choice's container
registry (i.e. aws, gcr, acr).

Signed-off-by: Soule BA <soule@weave.works>
2022-08-25 22:27:35 +02:00
Stefan Prodan e5cb32b0f2
Add OCI layer selector to API docs
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-08-24 12:46:04 +03:00
Stefan Prodan 11dc0a3bc7
Select layer by OCI media type
Allow specifying the media type of the layer which should be extracted from the OCI artifact.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-08-23 12:25:18 +03:00
Paulo Gomes 106d3fcd54
Merge branch 'main' into sas-key-azure-blob 2022-08-12 15:46:03 +01:00
Somtochi Onyekwere 35268638ba Add Support for SAS keys in Azure Blob
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
2022-08-11 20:49:59 +01:00
Sunny c1723d4485
OCIRepo docs: auto-login setup details
Signed-off-by: Sunny <darkowlzz@protonmail.com>
2022-08-12 00:08:02 +05:30
Soule BA 0a390a0179
Document Auto-Login usage
If implemented, this provides examples on how to patch the
source-controller to enable auto-login.

Signed-off-by: Soule BA <soule@weave.works>
2022-08-11 13:25:05 +02:00
Stefan Prodan 94e98ee5ca
Add the opencontainers annotations to API docs
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-08-08 12:58:04 +03:00
Stefan Prodan 1a59935858
Add OCI failure reasons to API
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-08-05 13:24:06 +03:00
Stefan Prodan 196641147e
API docs improvements
Co-authored-by: Paulo Gomes <paulo.gomes@weave.works>
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-08-05 12:21:47 +03:00
Stefan Prodan 63c94397f7
Implement OCI auth for cloud providers
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-08-04 13:29:03 +03:00
Stefan Prodan 8cc8798e6e
Add the provider field to the OCIRepository API
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-08-02 13:28:50 +03:00
Stefan Prodan acc95d8c50
Add upstream source and revision to logs and events
Enrich the successful reconciliation event message with the upstream opencontainers annotations

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-08-02 13:11:15 +03:00
Stefan Prodan 05f9c0ee2b
Add the OCI metadata to the internal artifact
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-08-02 13:07:07 +03:00
Stefan Prodan ada42eeaa7
Remove `spec.verify` from the API
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-08-02 13:07:07 +03:00
Stefan Prodan 4b0729203b
Add OCIRepository API spec to docs
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-08-02 13:07:07 +03:00
Stefan Prodan 46fe7a389c
Add OCIRepository kind to v1beta2 API
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2022-08-02 13:07:05 +03:00
Sanskar Jaiswal 39fd59781b docs: remove managed transport section
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
2022-07-20 18:56:37 +05:30
Paulo Gomes 87fba45aa2
docs: Add password-protected SSH keys information
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
2022-07-01 11:19:41 +01:00
Somtochi Onyekwere bb7aa14538 Add docs on managed identity for Azure Blob
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
2022-06-03 10:05:31 +01:00
Sanskar Jaiswal 04e167cd01 Release v0.25.0
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
2022-06-01 16:27:30 +05:30