Mirrors/flux2
1
0
Fork 0
mirror of synced 2026-03-29 20:36:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: enable bootstrap with custom CA locally

Browse Source 
When a user provided the `--ca-file` flag to the `bootstrap` command,
the given CA file wasn't taken into account for cloning the repository
locally. It was just passed along to the CR that is created so Flux
can make use of it when cloning the repository in-cluster.

However, users may not want to add a custom CA to their local host's
trust chain and may expect the `--ca-file` flag to be respected also
for cloning the repository locally. This is what this commit
accomplishes.

closes #1775

Signed-off-by: Max Jonas Werner <mail@makk.es>
This commit is contained in:
Max Jonas Werner
2021-09-01 15:33:43 +02:00
parent 06fa8f75c9
commit e98f1142a6
5 changed files with 37 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
internal/bootstrap/bootstrap_plain_git.go
View File

@@ -46,8 +46,9 @@ import (
)
type PlainGitBootstrapper struct {
url string
branch string
url string
branch string
caBundle []byte
author git.Author
commitMessageAppendix string
@@ -70,6 +71,16 @@ func WithRepositoryURL(url string) GitOption {
return repositoryURLOption(url)
}
func WithCABundle(b []byte) GitOption {
return caBundleOption(b)
}
type caBundleOption []byte
func (o caBundleOption) applyGit(b *PlainGitBootstrapper) {
b.caBundle = o
}
type repositoryURLOption string
func (o repositoryURLOption) applyGit(b *PlainGitBootstrapper) {
@@ -97,7 +108,7 @@ func NewPlainGitProvider(git git.Git, kube client.Client, opts ...GitOption) (*P
return b, nil
}
func (b *PlainGitBootstrapper) ReconcileComponents(ctx context.Context, manifestsBase string, options install.Options) error {
func (b *PlainGitBootstrapper) ReconcileComponents(ctx context.Context, manifestsBase string, options install.Options, secretOpts sourcesecret.Options) error {
// Clone if not already
if _, err := b.git.Status(); err != nil {
if err != git.ErrNoGitRepository {
@@ -107,7 +118,7 @@ func (b *PlainGitBootstrapper) ReconcileComponents(ctx context.Context, manifest
b.logger.Actionf("cloning branch %q from Git repository %q", b.branch, b.url)
var cloned bool
if err = retry(1, 2*time.Second, func() (err error) {
cloned, err = b.git.Clone(ctx, b.url, b.branch)
cloned, err = b.git.Clone(ctx, b.url, b.branch, b.caBundle)
return
}); err != nil {
return fmt.Errorf("failed to clone repository: %w", err)
@@ -145,7 +156,7 @@ func (b *PlainGitBootstrapper) ReconcileComponents(ctx context.Context, manifest
if err == nil {
b.logger.Successf("committed sync manifests to %q (%q)", b.branch, commit)
b.logger.Actionf("pushing component manifests to %q", b.url)
if err = b.git.Push(ctx); err != nil {
if err = b.git.Push(ctx, b.caBundle); err != nil {
return fmt.Errorf("failed to push manifests: %w", err)
}
} else {
@@ -260,7 +271,7 @@ func (b *PlainGitBootstrapper) ReconcileSyncConfig(ctx context.Context, options
b.logger.Actionf("cloning branch %q from Git repository %q", b.branch, b.url)
var cloned bool
if err = retry(1, 2*time.Second, func() (err error) {
cloned, err = b.git.Clone(ctx, b.url, b.branch)
cloned, err = b.git.Clone(ctx, b.url, b.branch, b.caBundle)
return
}); err != nil {
return fmt.Errorf("failed to clone repository: %w", err)
@@ -309,7 +320,7 @@ func (b *PlainGitBootstrapper) ReconcileSyncConfig(ctx context.Context, options
if err == nil {
b.logger.Successf("committed sync manifests to %q (%q)", b.branch, commit)
b.logger.Actionf("pushing sync manifests to %q", b.url)
if err = b.git.Push(ctx); err != nil {
if err = b.git.Push(ctx, b.caBundle); err != nil {
return fmt.Errorf("failed to push sync manifests: %w", err)
}
} else {