diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index 940ce55a..593446bb 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -183,7 +183,7 @@ jobs: /tmp/flux push artifact oci://localhost:5000/fluxcd/flux:${{ github.sha }} \ --path="./manifests" \ --source="${{ github.repositoryUrl }}" \ - --revision="${{ github.ref }}/${{ github.sha }}" + --revision="${{ github.ref }}@sha1:${{ github.sha }}" /tmp/flux tag artifact oci://localhost:5000/fluxcd/flux:${{ github.sha }} \ --tag latest /tmp/flux list artifacts oci://localhost:5000/fluxcd/flux diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index cb719637..75cf6205 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -120,7 +120,7 @@ jobs: oci://ghcr.io/fluxcd/flux-manifests:${{ steps.prep.outputs.VERSION }} \ --path="./flux-system" \ --source=${{ github.repositoryUrl }} \ - --revision="${{ github.ref_name }}/${{ github.sha }}" + --revision="${{ github.ref_name }}@sha1:${{ github.sha }}" - name: Push manifests to DockerHub run: | mkdir -p ./docker.io/flux-system @@ -132,7 +132,7 @@ jobs: oci://docker.io/fluxcd/flux-manifests:${{ steps.prep.outputs.VERSION }} \ --path="./flux-system" \ --source=${{ github.repositoryUrl }} \ - --revision="${{ github.ref_name }}/${{ github.sha }}" + --revision="${{ github.ref_name }}@sha1:${{ github.sha }}" - uses: sigstore/cosign-installer@9becc617647dfa20ae7b1151972e9b3a2c338a2b # v2.8.1 - name: Sign manifests env: diff --git a/action/README.md b/action/README.md index 5301c8c1..ba094484 100644 --- a/action/README.md +++ b/action/README.md @@ -132,7 +132,7 @@ jobs: flux push artifact $OCI_REPO:$(git rev-parse --short HEAD) \ --path="./deploy" \ --source="$(git config --get remote.origin.url)" \ - --revision="$(git branch --show-current)/$(git rev-parse HEAD)" + --revision="$(git branch --show-current)@sha1:$(git rev-parse HEAD)" - name: Deploy manifests to staging run: | flux tag artifact $OCI_REPO:$(git rev-parse --short HEAD) --tag staging @@ -180,7 +180,7 @@ jobs: $OCI_REPO:$(git rev-parse --short HEAD) \ --path="./manifests" \ --source="$(git config --get remote.origin.url)" \ - --revision="$(git branch --show-current)/$(git rev-parse HEAD)" |\ + --revision="$(git branch --show-current)@sha1:$(git rev-parse HEAD)" |\ jq -r '. | .repository + "@" + .digest') cosign sign $digest_url diff --git a/cmd/flux/push_artifact.go b/cmd/flux/push_artifact.go index 6664c201..badea6a9 100644 --- a/cmd/flux/push_artifact.go +++ b/cmd/flux/push_artifact.go @@ -41,13 +41,13 @@ The command can read the credentials from '~/.docker/config.json' but they can a flux push artifact oci://ghcr.io/org/config/app:$(git rev-parse --short HEAD) \ --path="./path/to/local/manifests" \ --source="$(git config --get remote.origin.url)" \ - --revision="$(git branch --show-current)/$(git rev-parse HEAD)" + --revision="$(git branch --show-current)@sha1:$(git rev-parse HEAD)" # Push and sign artifact with cosign digest_url = $(flux push artifact \ oci://ghcr.io/org/config/app:$(git rev-parse --short HEAD) \ --source="$(git config --get remote.origin.url)" \ - --revision="$(git branch --show-current)/$(git rev-parse HEAD)" \ + --revision="$(git branch --show-current)@sha1:$(git rev-parse HEAD)" \ --path="./path/to/local/manifest.yaml" \ --output json | \ jq -r '. | .repository + "@" + .digest') @@ -56,21 +56,21 @@ The command can read the credentials from '~/.docker/config.json' but they can a # Push manifests passed into stdin to GHCR kustomize build . | flux push artifact oci://ghcr.io/org/config/app:$(git rev-parse --short HEAD) -p - \ --source="$(git config --get remote.origin.url)" \ - --revision="$(git branch --show-current)/$(git rev-parse HEAD)" + --revision="$(git branch --show-current)@sha1:$(git rev-parse HEAD)" # Push single manifest file to GHCR using the short Git SHA as the OCI artifact tag echo $GITHUB_PAT | docker login ghcr.io --username flux --password-stdin flux push artifact oci://ghcr.io/org/config/app:$(git rev-parse --short HEAD) \ --path="./path/to/local/manifest.yaml" \ --source="$(git config --get remote.origin.url)" \ - --revision="$(git branch --show-current)/$(git rev-parse HEAD)" + --revision="$(git branch --show-current)@sha1:$(git rev-parse HEAD)" # Push manifests to Docker Hub using the Git tag as the OCI artifact tag echo $DOCKER_PAT | docker login --username flux --password-stdin flux push artifact oci://docker.io/org/app-config:$(git tag --points-at HEAD) \ --path="./path/to/local/manifests" \ --source="$(git config --get remote.origin.url)" \ - --revision="$(git tag --points-at HEAD)/$(git rev-parse HEAD)" + --revision="$(git tag --points-at HEAD)@sha1:$(git rev-parse HEAD)" # Login directly to the registry provider # You might need to export the following variable if you use local config files for AWS: @@ -78,14 +78,14 @@ The command can read the credentials from '~/.docker/config.json' but they can a flux push artifact oci://.dkr.ecr..amazonaws.com/foo:v1:$(git tag --points-at HEAD) \ --path="./path/to/local/manifests" \ --source="$(git config --get remote.origin.url)" \ - --revision="$(git tag --points-at HEAD)/$(git rev-parse HEAD)" \ + --revision="$(git tag --points-at HEAD)@sha1:$(git rev-parse HEAD)" \ --provider aws # Or pass credentials directly flux push artifact oci://docker.io/org/app-config:$(git tag --points-at HEAD) \ --path="./path/to/local/manifests" \ --source="$(git config --get remote.origin.url)" \ - --revision="$(git tag --points-at HEAD)/$(git rev-parse HEAD)" \ + --revision="$(git tag --points-at HEAD)@sha1:$(git rev-parse HEAD)" \ --creds flux:$DOCKER_PAT `, RunE: pushArtifactCmdRun, @@ -112,7 +112,7 @@ func newPushArtifactFlags() pushArtifactFlags { func init() { pushArtifactCmd.Flags().StringVar(&pushArtifactArgs.path, "path", "", "path to the directory where the Kubernetes manifests are located") pushArtifactCmd.Flags().StringVar(&pushArtifactArgs.source, "source", "", "the source address, e.g. the Git URL") - pushArtifactCmd.Flags().StringVar(&pushArtifactArgs.revision, "revision", "", "the source revision in the format '/'") + pushArtifactCmd.Flags().StringVar(&pushArtifactArgs.revision, "revision", "", "the source revision in the format '@sha1:'") pushArtifactCmd.Flags().StringVar(&pushArtifactArgs.creds, "creds", "", "credentials for OCI registry in the format [:] if --provider is generic") pushArtifactCmd.Flags().Var(&pushArtifactArgs.provider, "provider", pushArtifactArgs.provider.Description()) pushArtifactCmd.Flags().StringSliceVar(&pushArtifactArgs.ignorePaths, "ignore-paths", excludeOCI, "set paths to ignore in .gitignore format") diff --git a/cmd/flux/testdata/helmrelease/create_source_git.golden b/cmd/flux/testdata/helmrelease/create_source_git.golden index e7db754b..61d4d7c8 100644 --- a/cmd/flux/testdata/helmrelease/create_source_git.golden +++ b/cmd/flux/testdata/helmrelease/create_source_git.golden @@ -3,4 +3,4 @@ ✔ GitRepository source created ◎ waiting for GitRepository source reconciliation ✔ GitRepository source reconciliation completed -✔ fetched revision: 6.0.0/627d5c4bb67b77185f37e31d734b085019ff2951 +✔ fetched revision: 6.0.0@sha1:627d5c4bb67b77185f37e31d734b085019ff2951 diff --git a/cmd/flux/testdata/helmrelease/reconcile_helmrelease_from_git.golden b/cmd/flux/testdata/helmrelease/reconcile_helmrelease_from_git.golden index a1cf24b4..968c220b 100644 --- a/cmd/flux/testdata/helmrelease/reconcile_helmrelease_from_git.golden +++ b/cmd/flux/testdata/helmrelease/reconcile_helmrelease_from_git.golden @@ -1,7 +1,7 @@ ► annotating GitRepository thrfg in {{ .ns }} namespace ✔ GitRepository annotated ◎ waiting for GitRepository reconciliation -✔ fetched revision 6.0.0/627d5c4bb67b77185f37e31d734b085019ff2951 +✔ fetched revision 6.0.0@sha1:627d5c4bb67b77185f37e31d734b085019ff2951 ► annotating HelmRelease thrfg in {{ .ns }} namespace ✔ HelmRelease annotated ◎ waiting for HelmRelease reconciliation diff --git a/cmd/flux/testdata/kustomization/create_kustomization_from_git.golden b/cmd/flux/testdata/kustomization/create_kustomization_from_git.golden index 82fa5938..814b8802 100644 --- a/cmd/flux/testdata/kustomization/create_kustomization_from_git.golden +++ b/cmd/flux/testdata/kustomization/create_kustomization_from_git.golden @@ -3,4 +3,4 @@ ✔ Kustomization created ◎ waiting for Kustomization reconciliation ✔ Kustomization tkfg is ready -✔ applied revision 6.0.0/627d5c4bb67b77185f37e31d734b085019ff2951 +✔ applied revision 6.0.0@sha1:627d5c4bb67b77185f37e31d734b085019ff2951 diff --git a/cmd/flux/testdata/kustomization/create_source_git.golden b/cmd/flux/testdata/kustomization/create_source_git.golden index e7db754b..61d4d7c8 100644 --- a/cmd/flux/testdata/kustomization/create_source_git.golden +++ b/cmd/flux/testdata/kustomization/create_source_git.golden @@ -3,4 +3,4 @@ ✔ GitRepository source created ◎ waiting for GitRepository source reconciliation ✔ GitRepository source reconciliation completed -✔ fetched revision: 6.0.0/627d5c4bb67b77185f37e31d734b085019ff2951 +✔ fetched revision: 6.0.0@sha1:627d5c4bb67b77185f37e31d734b085019ff2951 diff --git a/cmd/flux/testdata/kustomization/get_kustomization_from_git.golden b/cmd/flux/testdata/kustomization/get_kustomization_from_git.golden index 8aa32cc6..55d327c2 100644 --- a/cmd/flux/testdata/kustomization/get_kustomization_from_git.golden +++ b/cmd/flux/testdata/kustomization/get_kustomization_from_git.golden @@ -1,2 +1,2 @@ -NAME REVISION SUSPENDED READY MESSAGE -tkfg 6.0.0/627d5c4b False True Applied revision: 6.0.0/627d5c4b +NAME REVISION SUSPENDED READY MESSAGE +tkfg 6.0.0@sha1:627d5c4b False True Applied revision: 6.0.0@sha1:627d5c4b diff --git a/cmd/flux/testdata/kustomization/reconcile_kustomization_from_git.golden b/cmd/flux/testdata/kustomization/reconcile_kustomization_from_git.golden index e87dc391..41cbb716 100644 --- a/cmd/flux/testdata/kustomization/reconcile_kustomization_from_git.golden +++ b/cmd/flux/testdata/kustomization/reconcile_kustomization_from_git.golden @@ -1,8 +1,8 @@ ► annotating GitRepository tkfg in {{ .ns }} namespace ✔ GitRepository annotated ◎ waiting for GitRepository reconciliation -✔ fetched revision 6.0.0/627d5c4bb67b77185f37e31d734b085019ff2951 +✔ fetched revision 6.0.0@sha1:627d5c4bb67b77185f37e31d734b085019ff2951 ► annotating Kustomization tkfg in {{ .ns }} namespace ✔ Kustomization annotated ◎ waiting for Kustomization reconciliation -✔ applied revision 6.0.0/627d5c4bb67b77185f37e31d734b085019ff2951 +✔ applied revision 6.0.0@sha1:627d5c4bb67b77185f37e31d734b085019ff2951 diff --git a/cmd/flux/testdata/kustomization/resume_kustomization_from_git.golden b/cmd/flux/testdata/kustomization/resume_kustomization_from_git.golden index a59e904d..c9a4b67f 100644 --- a/cmd/flux/testdata/kustomization/resume_kustomization_from_git.golden +++ b/cmd/flux/testdata/kustomization/resume_kustomization_from_git.golden @@ -2,4 +2,4 @@ ✔ kustomization resumed ◎ waiting for Kustomization reconciliation ✔ Kustomization reconciliation completed -✔ applied revision 6.0.0/627d5c4bb67b77185f37e31d734b085019ff2951 +✔ applied revision 6.0.0@sha1:627d5c4bb67b77185f37e31d734b085019ff2951 diff --git a/cmd/flux/testdata/oci/create_source_oci.golden b/cmd/flux/testdata/oci/create_source_oci.golden index b2c2d3a3..f7e8afa2 100644 --- a/cmd/flux/testdata/oci/create_source_oci.golden +++ b/cmd/flux/testdata/oci/create_source_oci.golden @@ -2,4 +2,4 @@ ✔ OCIRepository created ◎ waiting for OCIRepository reconciliation ✔ OCIRepository reconciliation completed -✔ fetched revision: 6.1.6/dbdb109711ffb3be77504d2670dbe13c24dd63d8d7f1fb489d350e5bfe930dd3 +✔ fetched revision: 6.1.6@sha256:dbdb109711ffb3be77504d2670dbe13c24dd63d8d7f1fb489d350e5bfe930dd3 diff --git a/cmd/flux/testdata/oci/get_oci.golden b/cmd/flux/testdata/oci/get_oci.golden index 153ebd0d..ecd3a5b2 100644 --- a/cmd/flux/testdata/oci/get_oci.golden +++ b/cmd/flux/testdata/oci/get_oci.golden @@ -1,2 +1,2 @@ -NAME REVISION SUSPENDED READY MESSAGE -thrfg 6.1.6/dbdb1097 False True stored artifact for digest '6.1.6/dbdb1097' +NAME REVISION SUSPENDED READY MESSAGE +thrfg 6.1.6@sha256:dbdb1097 False True stored artifact for digest '6.1.6@sha256:dbdb1097' diff --git a/cmd/flux/testdata/oci/reconcile_oci.golden b/cmd/flux/testdata/oci/reconcile_oci.golden index 6f095770..c1501f87 100644 --- a/cmd/flux/testdata/oci/reconcile_oci.golden +++ b/cmd/flux/testdata/oci/reconcile_oci.golden @@ -1,4 +1,4 @@ ► annotating OCIRepository thrfg in {{ .ns }} namespace ✔ OCIRepository annotated ◎ waiting for OCIRepository reconciliation -✔ fetched revision 6.1.6/dbdb109711ffb3be77504d2670dbe13c24dd63d8d7f1fb489d350e5bfe930dd3 +✔ fetched revision 6.1.6@sha256:dbdb109711ffb3be77504d2670dbe13c24dd63d8d7f1fb489d350e5bfe930dd3 diff --git a/cmd/flux/testdata/oci/resume_oci.golden b/cmd/flux/testdata/oci/resume_oci.golden index 4b022bad..fe6531d7 100644 --- a/cmd/flux/testdata/oci/resume_oci.golden +++ b/cmd/flux/testdata/oci/resume_oci.golden @@ -2,4 +2,4 @@ ✔ source oci resumed ◎ waiting for OCIRepository reconciliation ✔ OCIRepository reconciliation completed -✔ fetched revision 6.1.6/dbdb109711ffb3be77504d2670dbe13c24dd63d8d7f1fb489d350e5bfe930dd3 +✔ fetched revision 6.1.6@sha256:dbdb109711ffb3be77504d2670dbe13c24dd63d8d7f1fb489d350e5bfe930dd3 diff --git a/cmd/flux/testdata/trace/deployment.golden b/cmd/flux/testdata/trace/deployment.golden index d02e8a56..b567388a 100644 --- a/cmd/flux/testdata/trace/deployment.golden +++ b/cmd/flux/testdata/trace/deployment.golden @@ -20,6 +20,6 @@ Message: Fetched revision: 6.0.0 HelmRepository: podinfo Namespace: {{ .fluxns }} URL: https://stefanprodan.github.io/podinfo -Revision: 8411f23d07d3701f0e96e7d9e503b7936d7e1d56 +Revision: sha1:8411f23d07d3701f0e96e7d9e503b7936d7e1d56 Status: Last reconciled at {{ .helmRepositoryLastReconcile }} -Message: Fetched revision: 8411f23d07d3701f0e96e7d9e503b7936d7e1d56 +Message: Fetched revision: main@sha1:8411f23d07d3701f0e96e7d9e503b7936d7e1d56 diff --git a/cmd/flux/testdata/trace/deployment.yaml b/cmd/flux/testdata/trace/deployment.yaml index 4ea81141..11d947ce 100644 --- a/cmd/flux/testdata/trace/deployment.yaml +++ b/cmd/flux/testdata/trace/deployment.yaml @@ -106,12 +106,12 @@ status: artifact: checksum: 8411f23d07d3701f0e96e7d9e503b7936d7e1d56 lastUpdateTime: "2021-07-11T00:25:46Z" - revision: 8411f23d07d3701f0e96e7d9e503b7936d7e1d56 + revision: sha1:8411f23d07d3701f0e96e7d9e503b7936d7e1d56 path: "example" url: "example" conditions: - lastTransitionTime: "2021-07-11T00:25:46Z" - message: 'Fetched revision: 8411f23d07d3701f0e96e7d9e503b7936d7e1d56' + message: 'Fetched revision: main@sha1:8411f23d07d3701f0e96e7d9e503b7936d7e1d56' reason: IndexationSucceed status: "True" type: Ready @@ -132,7 +132,7 @@ spec: status: conditions: - lastTransitionTime: "2021-08-01T04:52:56Z" - message: 'Applied revision: main/696f056df216eea4f9401adbee0ff744d4df390f' + message: 'Applied revision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f' reason: ReconciliationSucceeded status: "True" type: Ready diff --git a/cmd/flux/testdata/trace/helmrelease-oci.golden b/cmd/flux/testdata/trace/helmrelease-oci.golden index 768c4616..01b314da 100644 --- a/cmd/flux/testdata/trace/helmrelease-oci.golden +++ b/cmd/flux/testdata/trace/helmrelease-oci.golden @@ -6,16 +6,16 @@ Status: Managed by Flux Kustomization: infrastructure Namespace: {{ .fluxns }} Path: ./infrastructure -Revision: main/696f056df216eea4f9401adbee0ff744d4df390f +Revision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f Status: Last reconciled at {{ .kustomizationLastReconcile }} -Message: Applied revision: main/696f056df216eea4f9401adbee0ff744d4df390f +Message: Applied revision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f --- OCIRepository: flux-system Namespace: {{ .fluxns }} URL: oci://ghcr.io/example/repo Tag: 1.2.3 -Revision: dbdb109711ffb3be77504d2670dbe13c24dd63d8d7f1fb489d350e5bfe930dd3 -Origin Revision: 6.1.6/450796ddb2ab6724ee1cc32a4be56da032d1cca0 +Revision: sha256:dbdb109711ffb3be77504d2670dbe13c24dd63d8d7f1fb489d350e5bfe930dd3 +Origin Revision: 6.1.6@sha1:450796ddb2ab6724ee1cc32a4be56da032d1cca0 Origin Source: https://github.com/stefanprodan/podinfo.git Status: Last reconciled at {{ .ociRepositoryLastReconcile }} -Message: stored artifact for digest 'dbdb109711ffb3be77504d2670dbe13c24dd63d8d7f1fb489d350e5bfe930dd3' +Message: stored artifact for digest 'sha256:dbdb109711ffb3be77504d2670dbe13c24dd63d8d7f1fb489d350e5bfe930dd3' diff --git a/cmd/flux/testdata/trace/helmrelease-oci.yaml b/cmd/flux/testdata/trace/helmrelease-oci.yaml index 7c3fa2da..bc2f5fef 100644 --- a/cmd/flux/testdata/trace/helmrelease-oci.yaml +++ b/cmd/flux/testdata/trace/helmrelease-oci.yaml @@ -54,11 +54,11 @@ spec: status: conditions: - lastTransitionTime: "2021-08-01T04:52:56Z" - message: 'Applied revision: main/696f056df216eea4f9401adbee0ff744d4df390f' + message: 'Applied revision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f' reason: ReconciliationSucceeded status: "True" type: Ready - lastAppliedRevision: main/696f056df216eea4f9401adbee0ff744d4df390f + lastAppliedRevision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f --- apiVersion: source.toolkit.fluxcd.io/v1beta2 kind: OCIRepository @@ -79,14 +79,14 @@ status: artifact: lastUpdateTime: "2022-08-10T10:07:59Z" metadata: - org.opencontainers.image.revision: 6.1.6/450796ddb2ab6724ee1cc32a4be56da032d1cca0 + org.opencontainers.image.revision: 6.1.6@sha1:450796ddb2ab6724ee1cc32a4be56da032d1cca0 org.opencontainers.image.source: https://github.com/stefanprodan/podinfo.git path: "example" - revision: dbdb109711ffb3be77504d2670dbe13c24dd63d8d7f1fb489d350e5bfe930dd3 + revision: sha256:dbdb109711ffb3be77504d2670dbe13c24dd63d8d7f1fb489d350e5bfe930dd3 url: "example" conditions: - lastTransitionTime: "2021-07-20T00:48:16Z" - message: "stored artifact for digest 'dbdb109711ffb3be77504d2670dbe13c24dd63d8d7f1fb489d350e5bfe930dd3'" + message: "stored artifact for digest 'sha256:dbdb109711ffb3be77504d2670dbe13c24dd63d8d7f1fb489d350e5bfe930dd3'" reason: Succeed status: "True" type: Ready diff --git a/cmd/flux/testdata/trace/helmrelease.golden b/cmd/flux/testdata/trace/helmrelease.golden index 310d2192..384e2181 100644 --- a/cmd/flux/testdata/trace/helmrelease.golden +++ b/cmd/flux/testdata/trace/helmrelease.golden @@ -6,14 +6,14 @@ Status: Managed by Flux Kustomization: infrastructure Namespace: {{ .fluxns }} Path: ./infrastructure -Revision: main/696f056df216eea4f9401adbee0ff744d4df390f +Revision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f Status: Last reconciled at {{ .kustomizationLastReconcile }} -Message: Applied revision: main/696f056df216eea4f9401adbee0ff744d4df390f +Message: Applied revision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f --- GitRepository: flux-system Namespace: {{ .fluxns }} URL: ssh://git@github.com/example/repo Branch: main -Revision: main/696f056df216eea4f9401adbee0ff744d4df390f +Revision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f Status: Last reconciled at {{ .gitRepositoryLastReconcile }} -Message: Fetched revision: main/696f056df216eea4f9401adbee0ff744d4df390f +Message: Fetched revision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f diff --git a/cmd/flux/testdata/trace/helmrelease.yaml b/cmd/flux/testdata/trace/helmrelease.yaml index 80a8b8f9..a30663b0 100644 --- a/cmd/flux/testdata/trace/helmrelease.yaml +++ b/cmd/flux/testdata/trace/helmrelease.yaml @@ -54,11 +54,11 @@ spec: status: conditions: - lastTransitionTime: "2021-08-01T04:52:56Z" - message: 'Applied revision: main/696f056df216eea4f9401adbee0ff744d4df390f' + message: 'Applied revision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f' reason: ReconciliationSucceeded status: "True" type: Ready - lastAppliedRevision: main/696f056df216eea4f9401adbee0ff744d4df390f + lastAppliedRevision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f --- apiVersion: source.toolkit.fluxcd.io/v1beta1 kind: GitRepository @@ -79,12 +79,12 @@ spec: status: artifact: lastUpdateTime: "2021-08-01T04:28:42Z" - revision: main/696f056df216eea4f9401adbee0ff744d4df390f + revision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f path: "example" url: "example" conditions: - lastTransitionTime: "2021-07-20T00:48:16Z" - message: 'Fetched revision: main/696f056df216eea4f9401adbee0ff744d4df390f' + message: 'Fetched revision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f' reason: GitOperationSucceed status: "True" type: Ready diff --git a/cmd/flux/testdata/tree/kustomizations.yaml b/cmd/flux/testdata/tree/kustomizations.yaml index 45055da2..3c471b20 100644 --- a/cmd/flux/testdata/tree/kustomizations.yaml +++ b/cmd/flux/testdata/tree/kustomizations.yaml @@ -19,7 +19,7 @@ spec: status: conditions: - lastTransitionTime: "2021-08-01T04:52:56Z" - message: 'Applied revision: main/696f056df216eea4f9401adbee0ff744d4df390f' + message: 'Applied revision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f' reason: ReconciliationSucceeded status: "True" type: Ready @@ -55,7 +55,7 @@ spec: status: conditions: - lastTransitionTime: "2021-08-01T04:52:56Z" - message: 'Applied revision: main/696f056df216eea4f9401adbee0ff744d4df390f' + message: 'Applied revision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f' reason: ReconciliationSucceeded status: "True" type: Ready @@ -81,7 +81,7 @@ spec: status: conditions: - lastTransitionTime: "2021-08-01T04:52:56Z" - message: 'Applied revision: main/696f056df216eea4f9401adbee0ff744d4df390f' + message: 'Applied revision: main@sha1:696f056df216eea4f9401adbee0ff744d4df390f' reason: ReconciliationSucceeded status: "True" type: Ready diff --git a/go.mod b/go.mod index c64240e3..30ba7b5b 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,7 @@ go 1.18 require ( github.com/Masterminds/semver/v3 v3.2.0 - github.com/ProtonMail/go-crypto v0.0.0-20230127202215-f7f10de891d5 + github.com/ProtonMail/go-crypto v0.0.0-20230214155104-81033d7f4442 github.com/cyphar/filepath-securejoin v0.2.3 github.com/distribution/distribution/v3 v3.0.0-20230131081513-cf87e8d07e8d github.com/fluxcd/go-git-providers v0.13.0 @@ -15,7 +15,7 @@ require ( github.com/fluxcd/kustomize-controller/api v0.33.0 github.com/fluxcd/notification-controller/api v0.31.0 github.com/fluxcd/pkg/apis/meta v0.19.0 - github.com/fluxcd/pkg/git v0.8.0 + github.com/fluxcd/pkg/git v0.10.0 github.com/fluxcd/pkg/git/gogit v0.5.0 github.com/fluxcd/pkg/kustomize v0.13.0 github.com/fluxcd/pkg/oci v0.18.0 @@ -25,7 +25,7 @@ require ( github.com/fluxcd/pkg/ssh v0.7.0 github.com/fluxcd/pkg/untar v0.2.0 github.com/fluxcd/pkg/version v0.2.0 - github.com/fluxcd/source-controller/api v0.34.0 + github.com/fluxcd/source-controller/api v0.35.1 github.com/gonvenience/bunt v1.3.4 github.com/gonvenience/ytbx v1.4.4 github.com/google/go-cmp v0.5.9 @@ -40,8 +40,8 @@ require ( github.com/spf13/cobra v1.6.1 github.com/spf13/pflag v1.0.5 github.com/theckman/yacspin v0.13.12 - golang.org/x/crypto v0.5.0 - golang.org/x/term v0.4.0 + golang.org/x/crypto v0.6.0 + golang.org/x/term v0.5.0 k8s.io/api v0.26.1 k8s.io/apiextensions-apiserver v0.26.1 k8s.io/apimachinery v0.26.1 @@ -93,7 +93,7 @@ require ( github.com/cespare/xxhash/v2 v2.1.2 // indirect github.com/chai2010/gettext-go v1.0.2 // indirect github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e // indirect - github.com/cloudflare/circl v1.3.1 // indirect + github.com/cloudflare/circl v1.3.2 // indirect github.com/containerd/stargz-snapshotter/estargz v0.12.1 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect github.com/davecgh/go-spew v1.1.1 // indirect @@ -200,11 +200,11 @@ require ( github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f // indirect go.starlark.net v0.0.0-20221028183056-acb66ad56dd2 // indirect golang.org/x/mod v0.7.0 // indirect - golang.org/x/net v0.5.0 // indirect + golang.org/x/net v0.6.0 // indirect golang.org/x/oauth2 v0.2.0 // indirect golang.org/x/sync v0.1.0 // indirect - golang.org/x/sys v0.4.0 // indirect - golang.org/x/text v0.6.0 // indirect + golang.org/x/sys v0.5.0 // indirect + golang.org/x/text v0.7.0 // indirect golang.org/x/time v0.3.0 // indirect golang.org/x/tools v0.4.0 // indirect gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect diff --git a/go.sum b/go.sum index aa65c0e3..95b1043e 100644 --- a/go.sum +++ b/go.sum @@ -58,8 +58,8 @@ github.com/Microsoft/go-winio v0.6.0/go.mod h1:cTAf44im0RAYeL23bpB+fzCyDH2MJiz2B github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo= github.com/ProtonMail/go-crypto v0.0.0-20221026131551-cf6655e29de4/go.mod h1:UBYPn8k0D56RtnR8RFQMjmh4KrZzWJ5o7Z9SYjossQ8= -github.com/ProtonMail/go-crypto v0.0.0-20230127202215-f7f10de891d5 h1:Fu4D/i1HBoWql9xVIfW50Kohujz+T3xXPV60JVb3Fao= -github.com/ProtonMail/go-crypto v0.0.0-20230127202215-f7f10de891d5/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g= +github.com/ProtonMail/go-crypto v0.0.0-20230214155104-81033d7f4442 h1:OUJ54Fkd+AQXYmr9eOUxZfWNzpK3/e/KD40qa2rKHS4= +github.com/ProtonMail/go-crypto v0.0.0-20230214155104-81033d7f4442/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g= github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d h1:UrqY+r/OJnIp5u0s1SbQ8dVfLCZJsnvazdBP5hS4iRs= github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk= @@ -132,8 +132,8 @@ github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1 h1:q763qf9huN11kDQavWs github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I= -github.com/cloudflare/circl v1.3.1 h1:4OVCZRL62ijwEwxnF6I7hLwxvIYi3VaZt8TflkqtrtA= -github.com/cloudflare/circl v1.3.1/go.mod h1:+CauBF6R70Jqcyl8N2hC8pAXYbWkGIezuSbuGLtRhnw= +github.com/cloudflare/circl v1.3.2 h1:VWp8dY3yH69fdM7lM6A1+NhhVoDu9vqK0jOgmkQHFWk= +github.com/cloudflare/circl v1.3.2/go.mod h1:+CauBF6R70Jqcyl8N2hC8pAXYbWkGIezuSbuGLtRhnw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= @@ -215,8 +215,8 @@ github.com/fluxcd/pkg/apis/kustomize v0.8.0 h1:A6aLolxPV2Sll44SOHiX96lbXXmRZmS5B github.com/fluxcd/pkg/apis/kustomize v0.8.0/go.mod h1:9DPEVSfVIkiC2H3Dk6Ght4YJkswhYIaufXla4tB5Y84= github.com/fluxcd/pkg/apis/meta v0.19.0 h1:CX75e/eaRWZDTzNdMSWomY1InlssLKcS8GQDSg/aopI= github.com/fluxcd/pkg/apis/meta v0.19.0/go.mod h1:7b6prDPsViyAzoY7eRfSPS0/MbXpGGsOMvRq2QrTKa4= -github.com/fluxcd/pkg/git v0.8.0 h1:7mIbdqSf+qXwY17+A+Kge2yWIJCMJ1p1DiBDGnKRohg= -github.com/fluxcd/pkg/git v0.8.0/go.mod h1:3deiLPws4DSQ3hqwtQd7Dt66GXTN/4RcT/yHAljXaHo= +github.com/fluxcd/pkg/git v0.10.0 h1:tO04FyUV3kmyJOpAKjMFZWClqr1JNGxS8RxI7znq6is= +github.com/fluxcd/pkg/git v0.10.0/go.mod h1:zn3pJ4mRItezf6J0okHZbZ+3YNAGsjnhrS+Kbo+56Jw= github.com/fluxcd/pkg/git/gogit v0.5.0 h1:3Fzx2W16K/37ZHT6WmLFuRYgs+CGvzka+dwY7ktoxJE= github.com/fluxcd/pkg/git/gogit v0.5.0/go.mod h1:cqoJhKXCmWuN2ezD/2ECUYwR8gR7svMRJoHRr9VyTQc= github.com/fluxcd/pkg/gittestserver v0.8.0 h1:YrYe63KScKlLxx0GAiQthx2XqHDx0vKitIIx4JnDtIo= @@ -238,8 +238,8 @@ github.com/fluxcd/pkg/untar v0.2.0 h1:sJXU+FbJcNUb2ffLJNjeR3hwt3X2loVpOMlCUjyFw6 github.com/fluxcd/pkg/untar v0.2.0/go.mod h1:33AyoWaPpjX/xXpczcfhQh2AkB63TFwiR2YwROtv23E= github.com/fluxcd/pkg/version v0.2.0 h1:jG22c59Bsv6vL51N7Bqn8tjHArYOXrjbIkGArlIrv5w= github.com/fluxcd/pkg/version v0.2.0/go.mod h1:umN1VAOV0sB1JDVwb8eXZzuuqIAEku+y+vcCVBBUIf0= -github.com/fluxcd/source-controller/api v0.34.0 h1:M2kD95IdpmHcDNy78K6T6p7niC38LGwSrKq8XAZEJY0= -github.com/fluxcd/source-controller/api v0.34.0/go.mod h1:w3PDdR+FZyq3zyyUDxz6vY3CKByZfYAjkzJUxuUXCuc= +github.com/fluxcd/source-controller/api v0.35.1 h1:IHlbN7giz5kY4z9oWZ9QLNKtHAaxHdk9RbIurUPS1aI= +github.com/fluxcd/source-controller/api v0.35.1/go.mod h1:TImPMy/MEwNpDu6qHsw9LlCznXaB8bSO8mnxBSFsX4Q= github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= @@ -653,8 +653,8 @@ golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e/go.mod h1:IxCIyHEi3zRg3s0 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220826181053-bd7e27e6170d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= -golang.org/x/crypto v0.5.0 h1:U/0M97KRkSFvyD/3FSmdP5W5swImpNgle/EHFhOsQPE= -golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU= +golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc= +golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -728,8 +728,8 @@ golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= -golang.org/x/net v0.5.0 h1:GyT4nK/YDHSqa1c4753ouYCDajOYKTja9Xb/OHtgvSw= -golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws= +golang.org/x/net v0.6.0 h1:L4ZwwTvKW9gr0ZMS1yrHD9GZhIuVjOBBnaKH+SPQK0Q= +golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -813,15 +813,15 @@ golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220825204002-c680a09ffe64/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.4.0 h1:Zr2JFtRQNX3BCZ8YtxRE9hNJYC8J6I1MVbMg6owUp18= -golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20220722155259-a9ba230a4035/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.4.0 h1:O7UWfv5+A2qiuulQk30kVinPoMtoIPeVaKLEgLpVkvg= -golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ= +golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= diff --git a/manifests/bases/source-controller/kustomization.yaml b/manifests/bases/source-controller/kustomization.yaml index 7d5bf73b..551c85bf 100644 --- a/manifests/bases/source-controller/kustomization.yaml +++ b/manifests/bases/source-controller/kustomization.yaml @@ -1,8 +1,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -- https://github.com/fluxcd/source-controller/releases/download/v0.34.0/source-controller.crds.yaml -- https://github.com/fluxcd/source-controller/releases/download/v0.34.0/source-controller.deployment.yaml +- https://github.com/fluxcd/source-controller/releases/download/v0.35.1/source-controller.crds.yaml +- https://github.com/fluxcd/source-controller/releases/download/v0.35.1/source-controller.deployment.yaml - account.yaml transformers: - labels.yaml diff --git a/manifests/crds/kustomization.yaml b/manifests/crds/kustomization.yaml index d0ef5470..28cdb7cc 100644 --- a/manifests/crds/kustomization.yaml +++ b/manifests/crds/kustomization.yaml @@ -1,7 +1,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -- https://github.com/fluxcd/source-controller/releases/download/v0.34.0/source-controller.crds.yaml +- https://github.com/fluxcd/source-controller/releases/download/v0.35.1/source-controller.crds.yaml - https://github.com/fluxcd/kustomize-controller/releases/download/v0.33.0/kustomize-controller.crds.yaml - https://github.com/fluxcd/helm-controller/releases/download/v0.29.0/helm-controller.crds.yaml - https://github.com/fluxcd/notification-controller/releases/download/v0.31.0/notification-controller.crds.yaml diff --git a/pkg/bootstrap/bootstrap.go b/pkg/bootstrap/bootstrap.go index d3b79ed6..e1224d36 100644 --- a/pkg/bootstrap/bootstrap.go +++ b/pkg/bootstrap/bootstrap.go @@ -32,6 +32,7 @@ import ( kustomizev1 "github.com/fluxcd/kustomize-controller/api/v1beta2" "github.com/fluxcd/pkg/apis/meta" + sourcev1 "github.com/fluxcd/source-controller/api/v1beta2" "github.com/fluxcd/flux2/pkg/manifestgen/install" "github.com/fluxcd/flux2/pkg/manifestgen/sourcesecret" @@ -190,7 +191,7 @@ func kustomizationReconciled(ctx context.Context, kube client.Client, objKey cli } // Confirm the given revision has been attempted by the controller - if kustomization.Status.LastAttemptedRevision != expectRevision { + if sourcev1.TransformLegacyRevision(kustomization.Status.LastAttemptedRevision) != expectRevision { return false, nil } diff --git a/pkg/bootstrap/bootstrap_plain_git.go b/pkg/bootstrap/bootstrap_plain_git.go index 4583fe2f..17ec48ec 100644 --- a/pkg/bootstrap/bootstrap_plain_git.go +++ b/pkg/bootstrap/bootstrap_plain_git.go @@ -380,7 +380,7 @@ func (b *PlainGitBootstrapper) ReportKustomizationHealth(ctx context.Context, op b.logger.Waitingf("waiting for Kustomization %q to be reconciled", objKey.String()) - expectRevision := fmt.Sprintf("%s/%s", options.Branch, head) + expectRevision := fmt.Sprintf("%s@%s", options.Branch, git.Hash(head).Digest()) var k kustomizev1.Kustomization if err := wait.PollImmediate(pollInterval, timeout, kustomizationReconciled( ctx, b.kube, objKey, &k, expectRevision), diff --git a/rfcs/0003-kubernetes-oci/README.md b/rfcs/0003-kubernetes-oci/README.md index 5622a80b..428c34ec 100644 --- a/rfcs/0003-kubernetes-oci/README.md +++ b/rfcs/0003-kubernetes-oci/README.md @@ -47,7 +47,7 @@ and push the archive to a container registry as an OCI artifact. ```sh flux push artifact oci://docker.io/org/app-config:v1.0.0 \ --source="$(git config --get remote.origin.url)" \ - --revision="$(git rev-parse HEAD)" \ + --revision="sha1:$(git rev-parse HEAD)" \ --path="./deploy" ``` @@ -65,7 +65,7 @@ The source and revision are added to the OCI artifact as Open Containers standar "mediaType": "application/vnd.oci.image.manifest.v1+json", "annotations": { "org.opencontainers.image.created": "2023-02-10T09:06:09Z", - "org.opencontainers.image.revision": "6ea3e5b4da159fcb4a1288f072d34c3315644bcc", + "org.opencontainers.image.revision": "sha1:6ea3e5b4da159fcb4a1288f072d34c3315644bcc", "org.opencontainers.image.source": "https://github.com/fluxcd/flux2" } } @@ -288,7 +288,7 @@ Then push the Kubernetes manifests to GHCR: ```sh flux push artifact oci://ghcr.io/org/my-app-config:v1.0.0 \ --source="$(git config --get remote.origin.url)" \ - --revision="$(git rev-parse HEAD)"\ + --revision="sha1:$(git rev-parse HEAD)"\ --path="./deploy" ``` @@ -309,8 +309,8 @@ List the artifacts and their metadata with: ```console $ flux list artifacts oci://ghcr.io/org/my-app-config ARTIFACT DIGEST SOURCE REVISION -ghcr.io/org/my-app-config:latest sha256:45b95019d30af335137977a369ad56e9ea9e9c75bb01afb081a629ba789b890c https://github.com/org/my-app-config.git 20b3a674391df53f05e59a33554973d1cbd4d549 -ghcr.io/org/my-app-config:v1.0.0 sha256:45b95019d30af335137977a369ad56e9ea9e9c75bb01afb081a629ba789b890c https://github.com/org/my-app-config.git 3f45e72f0d3457e91e3c530c346d86969f9f4034 +ghcr.io/org/my-app-config:latest sha256:45b95019d30af335137977a369ad56e9ea9e9c75bb01afb081a629ba789b890c https://github.com/org/my-app-config.git sha1:20b3a674391df53f05e59a33554973d1cbd4d549 +ghcr.io/org/my-app-config:v1.0.0 sha256:45b95019d30af335137977a369ad56e9ea9e9c75bb01afb081a629ba789b890c https://github.com/org/my-app-config.git sha1:3f45e72f0d3457e91e3c530c346d86969f9f4034 ``` #### Story 2 @@ -402,7 +402,7 @@ The Flux CLI will produce OCI artifacts with the following format: ], "annotations": { "org.opencontainers.image.created": "2023-02-10T09:06:09Z", - "org.opencontainers.image.revision": "6ea3e5b4da159fcb4a1288f072d34c3315644bcc", + "org.opencontainers.image.revision": "sha1:6ea3e5b4da159fcb4a1288f072d34c3315644bcc", "org.opencontainers.image.source": "https://github.com/fluxcd/flux2" } } @@ -436,21 +436,21 @@ status: lastUpdateTime: "2022-06-22T09:14:21Z" metadata: org.opencontainers.image.created: "2023-02-10T09:06:09Z" - org.opencontainers.image.revision: b3b00fe35424a45d373bf4c7214178bc36fd7872 + org.opencontainers.image.revision: sha1:b3b00fe35424a45d373bf4c7214178bc36fd7872 org.opencontainers.image.source: https://github.com/stefanprodan/podinfo.git path: ocirepository/oci/podinfo/3b6cdcc7adcc9a84d3214ee1c029543789d90b5ae69debe9efa3f66e982875de.tar.gz - revision: 3b6cdcc7adcc9a84d3214ee1c029543789d90b5ae69debe9efa3f66e982875de + revision: sha256:3b6cdcc7adcc9a84d3214ee1c029543789d90b5ae69debe9efa3f66e982875de size: 1105 url: http://source-controller.flux-system.svc.cluster.local./ocirepository/oci/podinfo/3b6cdcc7adcc9a84d3214ee1c029543789d90b5ae69debe9efa3f66e982875de.tar.gz conditions: - lastTransitionTime: "2022-06-22T09:14:21Z" - message: stored artifact for revision '3b6cdcc7adcc9a84d3214ee1c029543789d90b5ae69debe9efa3f66e982875de' + message: stored artifact for revision 'sha256:3b6cdcc7adcc9a84d3214ee1c029543789d90b5ae69debe9efa3f66e982875de' observedGeneration: 1 reason: Succeeded status: "True" type: Ready - lastTransitionTime: "2022-06-22T09:14:21Z" - message: stored artifact for revision '3b6cdcc7adcc9a84d3214ee1c029543789d90b5ae69debe9efa3f66e982875de' + message: stored artifact for revision 'sha256:3b6cdcc7adcc9a84d3214ee1c029543789d90b5ae69debe9efa3f66e982875de' observedGeneration: 1 reason: Succeeded status: "True" diff --git a/tests/azure/go.mod b/tests/azure/go.mod index 88f0fa44..22b2c8c4 100644 --- a/tests/azure/go.mod +++ b/tests/azure/go.mod @@ -14,7 +14,7 @@ require ( github.com/fluxcd/pkg/apis/meta v0.19.0 github.com/fluxcd/pkg/git v0.8.0 github.com/fluxcd/pkg/git/gogit v0.5.0 - github.com/fluxcd/source-controller/api v0.33.0 + github.com/fluxcd/source-controller/api v0.35.1 github.com/hashicorp/hc-install v0.4.0 github.com/hashicorp/terraform-exec v0.17.3 github.com/microsoft/azure-devops-go-api/azuredevops v1.0.0-b5 diff --git a/tests/azure/go.sum b/tests/azure/go.sum index a83bc3a9..1cb6b7c3 100644 --- a/tests/azure/go.sum +++ b/tests/azure/go.sum @@ -155,8 +155,8 @@ github.com/fluxcd/pkg/ssh v0.7.0 h1:FX5ky8SU9dYwbM6zEIDR3TSveLF01iyS95CtB5Ykpno= github.com/fluxcd/pkg/ssh v0.7.0/go.mod h1:tCVZJI8jPOL0XCInJOrYGKapWA/zZCzqPtpiYUSQxww= github.com/fluxcd/pkg/version v0.2.0 h1:jG22c59Bsv6vL51N7Bqn8tjHArYOXrjbIkGArlIrv5w= github.com/fluxcd/pkg/version v0.2.0/go.mod h1:umN1VAOV0sB1JDVwb8eXZzuuqIAEku+y+vcCVBBUIf0= -github.com/fluxcd/source-controller/api v0.33.0 h1:NZYU3+MNf9puyrTbBa7AJbBDlN7tmt0uw8lyye++5fE= -github.com/fluxcd/source-controller/api v0.33.0/go.mod h1:+DiGND4WSNdGkS7loPUroSarif6dHU4VlVgtLMRKCR8= +github.com/fluxcd/source-controller/api v0.35.1 h1:IHlbN7giz5kY4z9oWZ9QLNKtHAaxHdk9RbIurUPS1aI= +github.com/fluxcd/source-controller/api v0.35.1/go.mod h1:TImPMy/MEwNpDu6qHsw9LlCznXaB8bSO8mnxBSFsX4Q= github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= github.com/fortytw2/leaktest v1.3.0 h1:u8491cBMTQ8ft8aeV+adlcytMZylmA5nnwwkRZjI8vw= github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=