`SelectOpenPGPSigningEntity` selects `keyRing[0]` when no key id is
supplied and then calls `entity.PrivateKey.Decrypt` directly. For a
keyring that contains only public keys — e.g. an armor-exported
public key file — `PrivateKey` is `nil` and the call panics with a
nil pointer dereference rather than surfacing an actionable error.
The keyed branch already guards against this; the default branch
did not.

Guard the default branch with the same nil check and return an
error pointing at `gpg --export-secret-keys` or `--gpg-key-id` so
the user knows how to recover. Cover the public-only-keyring case
in `TestSelectOpenPGPSigningEntity` so a future regression cannot
re-introduce the panic.

Assisted-by: claude/opus-4.7
Signed-off-by: Hidde Beydals <hidde@hhh.computer>

Bumps fluxcd/pkg/git to v0.52.0, which exposes the generic
signature.Signer interface and the NewOpenPGPSigner / NewSSHSigner
constructors, and migrates pkg/bootstrap's two WithSigner call sites
accordingly. Refs fluxcd/pkg#398[1].

Adds a parallel WithSSHCommitSigning option alongside the existing
WithGitCommitSigning so callers can sign commits with an SSH private
key. PlainGitBootstrapper now dispatches through a new resolveSigner
helper that returns either an OpenPGP or SSH signer; the
repository.WithSigner option is appended conditionally to avoid the
typed-nil interface hazard the new generic field introduces.

The bootstrap path's OpenPGP entity selector is renamed and exported
as SelectOpenPGPSigningEntity so the flux CLI's pre-flight (introduced
later in this branch) can call it directly instead of carrying a
duplicate.

[1]: https://github.com/fluxcd/pkg/issues/398

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
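
The typed-nil interface hazard named in the commit message above, shown as an added Go example (not code from flux2 or fluxcd/pkg). `Signer`, `pgpSigner`, `config`, `Option`, `WithSigner` and the helper functions are simplified, hypothetical stand-ins, and the key id is a constructed value.

```go
package main

import "fmt"

// Signer is a simplified stand-in for a generic commit-signing interface.
type Signer interface{ Sign(msg []byte) []byte }

// pgpSigner is a hypothetical concrete signer; config and Option are illustrative.
type pgpSigner struct{ keyID string }
type config struct{ signer Signer }
type Option func(*config)

// Sign dereferences s, so calling it on a nil *pgpSigner would panic.
func (s *pgpSigner) Sign(msg []byte) []byte { return append([]byte(s.keyID+":"), msg...) }

func WithSigner(s Signer) Option { return func(c *config) { c.signer = s } }

// newPGPSigner returns a nil *pgpSigner when no key is configured.
func newPGPSigner(keyID string) *pgpSigner {
	if keyID == "" {
		return nil
	}
	return &pgpSigner{keyID: keyID}
}

// HazardousOptions always sets the option: a nil *pgpSigner becomes a non-nil Signer.
func HazardousOptions(keyID string) []Option {
	return []Option{WithSigner(newPGPSigner(keyID))}
}

// SafeOptions appends WithSigner only when a concrete signer actually exists.
func SafeOptions(keyID string) []Option {
	var opts []Option
	if s := newPGPSigner(keyID); s != nil {
		opts = append(opts, WithSigner(s))
	}
	return opts
}

// SignerSet applies opts and reports whether a plain `signer != nil` check passes.
func SignerSet(opts []Option) bool {
	c := &config{}
	for _, o := range opts {
		o(c)
	}
	return c.signer != nil
}

func main() {
	fmt.Println(SignerSet(HazardousOptions("")), SignerSet(SafeOptions("")), SignerSet(SafeOptions("0xCONSTRUCTED")))
}
```

With no key configured, the hazardous variant still passes the `!= nil` check, so a later `Sign` call would dereference a nil pointer; the conditional append leaves the field truly nil.
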
The sourcesecret package now uses pkg/runtime/secrets factory
functions instead of the previous monolithic approach. This
provides standardized secret generation with consistent
validation and error handling across all authentication types.
Signed-off-by: cappyzawa <cappyzawa@gmail.com>

Add an optional flag called `--registry-creds` to the bootstrap
command for generating an image pull secret for container images
stored in private registries.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>

Remove all files/subdirs from the directory we are cloning into. This is
needed because go-git returns a `repository already exists` error if
the directory is non-empty, which is possible since we retry cloning
(into the same dir) if the first attempt fails.
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>