cappyzawa 4b1ace618a Enforce TLS certificate verification in Helm/OCI Repository controllers ... Remove the insecure parameter from TLS configuration function calls to prevent InsecureSkipVerify from being set when using certificate-based authentication. This ensures TLS certificate verification is always performed when certificates are provided, aligning with our security policy. Updated pkg/runtime to v0.76.0 which no longer accepts the insecure parameter in TLS configuration functions. For OCIRepository, maintain backward compatibility by handling the specific case where no certificate is provided and insecure is explicitly set to true. This is the only allowed exception in Flux controllers. Signed-off-by: cappyzawa <cappyzawa@gmail.com>		2025-07-29 02:42:22 +09:00
..
cache	add cache exp test & cache delete test	2025-03-01 21:00:39 -06:00
controller	Enforce TLS certificate verification in Helm/OCI Repository controllers	2025-07-29 02:42:22 +09:00
digest	digest: register SHA1 digest algorithm	2023-02-14 12:48:36 +01:00
error	Sanitize URLs for bucket fetch error messages.	2024-04-04 15:22:21 +03:00
features	[RFC-0010] Introduce feature gate	2025-05-19 13:39:36 +01:00
fs	test: use `T.TempDir` to create temporary test directory	2022-04-29 23:01:39 +08:00
helm	Enforce TLS certificate verification in Helm/OCI Repository controllers	2025-07-29 02:42:22 +09:00
index	set NewDigester back	2025-05-08 19:19:08 -05:00
mock	misc: use `Err` prefix for errors	2023-10-09 14:59:58 +02:00
object	Promote GitRepository API to v1	2023-03-23 23:17:23 +02:00
oci	Promote OCIRepository API to v1 (GA)	2025-05-27 08:19:51 +03:00
predicates	Promote Helm APIs to v1 (GA)	2024-05-02 16:04:27 +03:00
reconcile	adding scenarions for processor_test.go	2025-06-07 08:39:34 -05:00
tls	helmrepo: fix Secret type check for TLS via `.spec.secretRef`	2023-09-06 00:27:45 +05:30
util	Refactor internal OCI package	2022-09-20 18:34:02 +03:00