fluxcd
/
source-controller
mirror of https://github.com/fluxcd/source-controller.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
The GitOps Toolkit source management component
1,487 Commits 26 Branches 282 Tags 18 MiB
Go 98.4%
Shell 0.7%
Makefile 0.5%
Smarty 0.3%
Go to file
Sanskar Jaiswal 47692530d7 libgit2: fix ssh host key verification regression 
Earlier, host key verification could potentially fail if there were
multiple entries in the known_hosts file and if the intended encryption
algorithm wasn't the first entry. This happened because we used the same
hasher object to compute the sum of all the public keys present in the
known_hosts file, which led to invalid hashes, resulting in a mismatch
when compared with the hash of the advertised public key. This is fixed,
by not creating the hasher ourselves and instead delegating that to the
function actually doing the matching, ensuring that a new hasher is used
for each comparison.

Regression introduced in v0.25.0 and reported in
https://github.com/fluxcd/image-automation-controller/issues/378

Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
 		2022-06-08 13:59:32 +05:30
.github/workflows Update GH Actions 2022-05-26 14:57:34 +01:00
api Update dependencies 2022-05-26 14:48:36 +01:00
config Release v0.25.4 2022-06-07 15:53:56 +01:00
controllers Fix repository cache regression 2022-06-06 13:15:10 +02:00
docs Add docs on managed identity for Azure Blob 2022-06-03 10:05:31 +01:00
hack [RFC 0002] Flux OCI support for Helm (#690) 2022-05-19 14:50:16 +02:00
internal Fix sorting semver from OCI repository tags 2022-06-07 22:20:36 +02:00
pkg libgit2: fix ssh host key verification regression 2022-06-08 13:59:32 +05:30
tests/fuzz Update libgit2 to 1.3.1 2022-04-14 09:59:01 +01:00
.dockerignore Download libgit2 libraries for fuzzing 2022-02-11 12:30:46 +00:00
.gitignore Update libgit2 to 1.1.1-6 2022-02-07 13:00:57 +00:00
.goreleaser.yaml Publish SBOM and sign release artifacts 2022-01-20 13:49:36 +02:00
ATTRIBUTIONS.md Update attributions 2022-04-14 09:59:02 +01:00
CHANGELOG.md Release v0.25.4 2022-06-07 15:53:56 +01:00
CODE_OF_CONDUCT.md Add governance files like DCO, MAINTAINERS, CoC 2020-04-12 23:54:35 +02:00
DCO Add governance files like DCO, MAINTAINERS, CoC 2020-04-12 23:54:35 +02:00
DEVELOPMENT.md build: let users pass test flags to `make test` 2022-04-28 06:31:45 +02:00
Dockerfile Update Alpine to v3.16 2022-05-27 10:59:41 +03:00
LICENSE Initial commit 2020-04-05 11:55:46 +03:00
MAINTAINERS Add pjbgf to Maintainers 2022-02-17 11:24:02 +00:00
Makefile tests: ignore proxy settings when running tests 2022-05-25 13:57:54 +01:00
PROJECT Introduce v1beta2 API package 2022-02-23 12:34:35 +01:00
README.md bump link to API spec 2022-06-07 10:38:16 +01:00
go.mod libgit2: fix ssh host key verification regression 2022-06-08 13:59:32 +05:30
go.sum libgit2: fix ssh host key verification regression 2022-06-08 13:59:32 +05:30
main.go fix docs, error handling and managed proxy auth 2022-05-27 14:01:23 +05:30

README.md

Source controller

CII Best Practices e2e report license release

The source-controller is a Kubernetes operator, specialised in artifacts acquisition from external sources such as Git, Helm repositories and S3 buckets. The source-controller implements the source.toolkit.fluxcd.io API and is a core component of the GitOps toolkit.

overview

Features:

  • authenticates to sources (SSH, user/password, API token)
  • validates source authenticity (PGP)
  • detects source changes based on update policies (semver)
  • fetches resources on-demand and on-a-schedule
  • packages the fetched resources into a well-known format (tar.gz, yaml)
  • makes the artifacts addressable by their source identifier (sha, version, ts)
  • makes the artifacts available in-cluster to interested 3rd parties
  • notifies interested 3rd parties of source changes and availability (status conditions, events, hooks)
  • reacts to Git push and Helm chart upload events (via notification-controller)