Commit Graph

114 Commits (5106a71e6a364720fd2ac989357920ee7855a06f)

Author SHA1 Message Date
Stefan Prodan cd52a0eef3
Add poll interval flag to flux check cmd
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 3d4ca831dc
Add missing copyright headers
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 2eb6ba5a48
Apply SSA fix to flux install and bootstrap
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 0b659e3f09
Update kustomize-controller API to v1beta2
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 83c3e8c2fc
Replace kubectl with Go server-side apply
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Hidde Beydals 5249d17a95 Use proper GPG terminology
Signed-off-by: Hidde Beydals <hello@hidde.co>
Somtochi Onyekwere 25283d357e Add check for empty path and better error messaging
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Somtochi Onyekwere e926321094 Check if path is empty
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Somtochi Onyekwere 0beab87f5b Add gpg key path and passphrase as args
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Somtochi Onyekwere a096bd2d71 Allow users to define team roles
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Kazuki Suda 254cc131ae
Add dynamic completion suppport
This commit adds dynamic completion support for the following commands
and flags:

- `flux delete ...` command
- `flux export ...` command
- `flux get ...` command
- `flux reconcile ...` command
- `flux resume ...` command
- `flux suspend ...` command
- `--namespace` flag
- `--context` flag

Signed-off-by: Kazuki Suda <kazuki.suda@gmail.com>
Max Jonas Werner e98f1142a6
feat: enable bootstrap with custom CA locally
When a user provided the `--ca-file` flag to the `bootstrap` command,
the given CA file wasn't taken into account for cloning the repository
locally. It was just passed along to the CR that is created so Flux
can make use of it when cloning the repository in-cluster.

However, users may not want to add a custom CA to their local host's
trust chain and may expect the `--ca-file` flag to be respected also
for cloning the repository locally. This is what this commit
accomplishes.

closes 

Signed-off-by: Max Jonas Werner <mail@makk.es>
Allen Porter e8d6d5fe5c Remove fakeclient and use testenv for flux cmd tests
Remove use of the fake client, and replace with a real client connected to the
testEnv.

This required fixes to the yaml files as the testEnv has stricter verifcation
of objects. This also meant it was not possible to test a GitRepository with
a missing artifact since that is not a valid state.

The tests are slower than before, taking around 7-10 seconds each because the
 testEnv is setup and destroyed for every test. These will be sped up in a
 follow up PR.

Signed-off-by: Allen Porter <allen@thebends.org>
Chanwit Kaewkasi 8f78263455 implement testEnv for e2e tests
Signed-off-by: Chanwit Kaewkasi <chanwit@gmail.com>
Soule BA c18d0b9217 Adds a watch flag to the get command
The new flag fetch and display the request ressource and then continue
watching the ressource until timeout or cancellation.

A single ressource/ressource type is supported.

Signed-off-by: Soule BA <soule@weave.works>
Allen Porter 351d287d88 Add tests for flux trace command
Add tests for flux trace command that fake out the kubernetes client,
load objects from a yaml file and create them in the client, and
assert on the output of the trace command to an expected golden file.

This is a follow up from the suggestions in PR https://github.com/fluxcd/flux2/pull/1626 which suggested that additional
testing would be helpful. This test approach is modeled after the helm command tests.

This required some changes to the kubernetes client setup to make it
possible to use a fake. If we agree this pattern makes sense, it can be
applied to other commands.

Signed-off-by: Allen Porter <allen@thebends.org>
Dmitry Rybin 7f425efa6b chore: remove deprecated io/ioutil
Signed-off-by: Dmitry Rybin <ayrowa@yandex.ru>
Sunny 1257b9cbc8
internal/utils: Add unit tests
Add unit tests for various utils functions.

Signed-off-by: Sunny <darkowlzz@protonmail.com>
Stefan Prodan 3f613341cb
Extend tracing to owner references
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 4305b8a77d
Implement flux trace command
The trace command allows Flux users to point the CLI to a Kubernetes object in-cluster and get a detailed report about the GitOps pipeline that manages that particular object.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Michael Bridgen 34484734d8 Use image API v1beta1
Signed-off-by: Michael Bridgen <michael@weave.works>
Stefan Prodan 3ed3e553e7
Avoid throttling when some Flux CRDs are not registered
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 5ab8dd2557
Add upgrade CRDs policy to create helmrelease cmd
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Hidde Beydals 6aed4631e7 Register v1alpha2 APIs in runtime Scheme
Signed-off-by: Hidde Beydals <hello@hidde.co>
Stefan Prodan 5df9118365 Add pre-bootstrap customisation to install docs
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 4a4af94d6c Allow pre-bootstrap customisation of Flux components
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Hidde Beydals 67997437db Change permission grant error print conditons
Based on observations in
https://github.com/fluxcd/flux2/runs/2410633975:

1. Print error correctly by switching from `%w` to `%s`
2. Only print the change messsage if there has not been an error.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals 3a8aad7e5c Move to `v1alpha2` image update APIs
Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals 43388ec67b Drop AutoInit from Org repository create
Pushing the first branch is sufficient to set a default, and the
`README.md` (and/or LICENSE) can better be pushed later on so commit
author and templates be configured.

This was already done for User in an earlier patch release.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals b6d349da8c Put potentially destructive reconcile behind flag
The behavior introduced during the introduction of go-git-providers
was more strict, and has proven pretty quickly to not be useful to
all users. Therefore, the reconciliation behavior for repository
configuration has been put behind an opt-in flag, so that it does
not overwrite people their configs by accident.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals ea451e7e49 Always report components health in bootstrap
This is useful in case the `Kustomization` does not reconcile
successfully because for example the controller(s) are in a crash loop,
which is not visible in the resource itself.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals e627634184 Detect suspended Kustomization in bootstrap
Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals e0dd12505f Normalize paths to forward slashes
Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals 7481c6beb0 Retry reconcile and clone actions once
We have observed that the code at times outperforms GitHub mechanics,
resulting in not found errors that are only true for a millisecond.
Retrying those actions once with a 2 second delay should be more
friendly to users.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals 4ece12348b Ignore broken symlinks and outside path, in commit
Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals e65a5beaae Work around custom client domain issue
With this commit comes a lot of evil.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals 7f0bc2ada2 Provide option to add appendix to commit messages
Using the `--commit-message-appendix` flag a string can be added to the
commit messages made by the bootstrapper process to for example skip CI
actions from executing using e.g. `[skip ci]`.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals 6390812cbb Factor bootstrap logic into `bootstrap` package
This commit factors out the bootstrap logic into a new `bootstrap`
package, while also moving to `go-git-providers` to handle things
around Git providers (e.g. repository creation, deploy key
upsertions).

The `GitProviderBootstrapper` is a superset of the
`PlainGitBootstrapper` that besides `Reconciler` also implements the
`RepositoryReconciler`.

The Git actions rely on an interface, making it easier to support
other implementations than `go-git` at a later moment, to for example
support bootstrapping to Git servers that only support the v2 protocol.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Stefan Prodan b54fd2c6b3
Add source namespace to create commands
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Hidde Beydals 8a5bba80bf Add `sourcesecret` and `kustomization` manifestgen
This includes a change to the `sync` generator to make the deploy
secret name configurable.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Dylan Arbour 99002f92f4 Update pkg/runtime to v0.8.2
pkg/runtime v0.8.2 introduces runtime/transform which includes
`MergeMaps`:
https://github.com/fluxcd/pkg/pull/85

Signed-off-by: Dylan Arbour <arbourd@users.noreply.github.com>
Hidde Beydals 5a21f50230 Remove unused util functions
Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals 5263dabd22 Check if targeted version is supported by binary
Signed-off-by: Hidde Beydals <hello@hidde.co>
Stefan Prodan 0f1d27f1e6
Remove network policies on uninstall
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan f5ae8f44b4
Refactor flux uninstall command
- deletes Flux components (deployments and services)
- deletes Flux RBAC (service accounts, cluster roles and cluster role bindings)
- removes the Kubernetes finalizers from Flux custom resources
- deletes Flux custom resource definitions and custom resources
- deletes the namespace where Flux was installed
- preserves the Kubernetes objects and Helm releases that were reconciled on the cluster by Flux

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 3dd574ee51
Add support for multiple values files to create hr
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Hidde Beydals 9e1db06936 Move Git implementation validation to custom flag
Signed-off-by: Hidde Beydals <hello@hidde.co>
Somtochi Onyekwere 604773e866 check for multiple files in KUBECONFIG variable
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Somtochi Onyekwere dd0b807fe4 Validates components set
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>

Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Alexei Ledenev 69387fd2a4 Support check command with multiple config files
Resolves: 
Signed-off-by: Alexei Ledenev <alexei.led@gmail.com>
Hidde Beydals 1b8e980519 Make resource selector args case insensitive
So that `<kind>/<name>` flags can be supplied as:

* `secret/foo`
* `Secret/foo`
* `SeCrEt/foo`

But result in: `Secret/foo`.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals 996bfe87ff Add tests for CLI flags
This includes various bug fixes, especially around the area of missing
names for `<kind>/<name>` formats.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals 5ea4e814f5 Add safe guards for relative paths
This commit adds multiple safe guards for relative paths, ensuring they
never traverse outside the working directory.

The `SafeRelativePath` flag calculates the safe relative path based on a
relative base dir, which results in a flattened path.

The write methods of `manifestgen` make use of the `SecureJoin` as well,
to ensure writes are never outside of the given directory when used as
a lib outside of the CLI.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Michael Bridgen b66bdec61a Add subcommands for image-repository
This adds all the standard subcommands for the ImageRepository type.

Following `source`, I have put them under a namespace: `auto`,
referring to automation.

NB For `create` I use controllerutil.CreateOrUpdate, which looks to me
like a slightly more rounded version of the upsert* funcs.

Signed-off-by: Michael Bridgen <michael@weave.works>
Hidde Beydals 7a5b9e2991 Use rel filepath in auto generated kustomization
This works around another bug on Windows platforms that would cause the
kustomize-controller to choke on the kustomization.yaml generated by the
bootstrap command due to the filepath being in a Windows format.

By using `filepath.Rel`, the output is _just_ the filename for files
relative to the bootstrap path, which is at the moment sufficient to
make it work.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Stefan Prodan c02fbc2794
Set kubecontext and kubeconfig for kubectl exec
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 48bed79439
Add values-from arg to create helmrelease cmd
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Sylvain Rabot 78d7dca985
Add a --context option
Signed-off-by: Sylvain Rabot <sylvain@abstraction.fr>
Hidde Beydals 0bf52f4746 Change `fluxcd/toolkit` to `fluxcd/flux2`
Signed-off-by: Hidde Beydals <hello@hidde.co>
Stefan Prodan 0e67b76b57
Change copyright to Flux authors
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
“Anton b3ef410fb7 Add source bucket provider flag
“Anton 0c55bca218 Add helm chart source flag
“Anton 5fd28439dc Add kustomization source and decryption provider flags
“Anton 058dfdfcd6 Move flags and utils to internal packages