fluxcd
/
source-controller
mirror of https://github.com/fluxcd/source-controller.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
source-controller/internal/controller
History
cappyzawa 4b1ace618a
Enforce TLS certificate verification in Helm/OCI Repository controllers 
Remove the insecure parameter from TLS configuration function calls to prevent
InsecureSkipVerify from being set when using certificate-based authentication.
This ensures TLS certificate verification is always performed when certificates
are provided, aligning with our security policy.

Updated pkg/runtime to v0.76.0 which no longer accepts the insecure parameter
in TLS configuration functions. For OCIRepository, maintain backward compatibility
by handling the specific case where no certificate is provided and insecure is
explicitly set to true. This is the only allowed exception in Flux controllers.

Signed-off-by: cappyzawa <cappyzawa@gmail.com>
 		2025-07-29 02:42:22 +09:00
..
testdata Renew testdata TLS certs 2025-04-22 10:12:10 +03:00
artifact.go Move controllers to internal/controller 2023-05-03 15:35:45 +05:30
artifact_matchers_test.go Move controllers to internal/controller 2023-05-03 15:35:45 +05:30
artifact_test.go Move controllers to internal/controller 2023-05-03 15:35:45 +05:30
bucket_controller.go Promote OCIRepository API to v1 (GA) 2025-05-27 08:19:51 +03:00
bucket_controller_fetch_test.go Promote Bucket API to v1 2024-08-23 13:25:57 +03:00
bucket_controller_test.go Promote Bucket API to v1 2024-08-23 13:25:57 +03:00
common_test.go Move controllers to internal/controller 2023-05-03 15:35:45 +05:30
gitrepository_controller.go Upgrade Kubernetes to 1.33.2 2025-07-14 18:33:46 +01:00
gitrepository_controller_fuzz_test.go update dependencies and switch to `go-git/go-git` 2023-05-26 13:46:48 +05:30
gitrepository_controller_test.go Upgrade Kubernetes to 1.33.2 2025-07-14 18:33:46 +01:00
helmchart_controller.go [RFC-0010] Introduce object-level workload identity for container registry APIs 2025-05-07 18:33:59 +01:00
helmchart_controller_test.go migrate HelmRepository to AuthMethodsFromSecret API 2025-07-18 21:29:37 +09:00
helmrepository_controller.go Update to Kubernetes 1.33.0 and Go 1.24.0 2025-04-28 14:10:47 +03:00
helmrepository_controller_test.go Enforce TLS certificate verification in Helm/OCI Repository controllers 2025-07-29 02:42:22 +09:00
ocirepository_controller.go Enforce TLS certificate verification in Helm/OCI Repository controllers 2025-07-29 02:42:22 +09:00
ocirepository_controller_test.go Migrate OCIRepository controller to runtime/secrets 2025-07-22 00:39:59 +09:00
source_predicate.go Move controllers to internal/controller 2023-05-03 15:35:45 +05:30
storage.go storage: change default file permissions 2023-11-06 12:22:40 +01:00
storage_test.go update dependencies and switch to `go-git/go-git` 2023-05-26 13:46:48 +05:30
suite_test.go Remove deprecated status fields from OCIRepository v1 2025-05-27 08:29:44 +03:00