Using the `--commit-message-appendix` flag a string can be added to the
commit messages made by the bootstrapper process to for example skip CI
actions from executing using e.g. `[skip ci]`.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This command makes it possible to bootstrap to a generic Git server
using the local SSH agent, or a given password or private key file.
If a private key is generated, the user is prompted to give the
generated key access to the repository.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This includes making a lot of things configurable (e.g. SSH key
algorithm, RSA bit size, etc.) that used to be static.
Signed-off-by: Hidde Beydals <hello@hidde.co>
- change links in cli docs to be relative (making mkdocs AND hugo happy)
- run 'make docs'
- fix other links
Signed-off-by: Daniel Holbach <daniel@weave.works>
This commit adds support for supplying a path to an existing private
key file to both the `flux create secret git` and `flux create source
git` commands.
If a path is given, any private key generation configuration options
are ignored by the manifest generator. The SSH host will however still
be scanned for server keys.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This was removed by accident in the PR that introduced the new
`manifestgen` packages, and now restored in full glory.
Signed-off-by: Hidde Beydals <hello@hidde.co>
- add make target for generating the install manifests using kustomize
- embed the generated manifests in flux binary
- the install and bootstrap commands default to using the embedded manifests
- download the install manifests from GitHub only if the install/bootstrap version arg is set
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
- deletes Flux components (deployments and services)
- deletes Flux RBAC (service accounts, cluster roles and cluster role bindings)
- removes the Kubernetes finalizers from Flux custom resources
- deletes Flux custom resource definitions and custom resources
- deletes the namespace where Flux was installed
- preserves the Kubernetes objects and Helm releases that were reconciled on the cluster by Flux
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
- add singular alias to get commands
- allow filtering the get commands result by resource name
- add the image commands to mkdocs index
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
The image-reflector controller now accepts a secret containing a
client certificate and key, and/or a CA certificate; so it's useful to
have a command for creating them.
`flux create secret helm` is close, but accepts username/password
(which would be ignored), and has the wrong name of course. Happily
though, much can be shared between the implementations.
Signed-off-by: Michael Bridgen <michael@weave.works>
This commit deprecates the architecture flag (`--arch`) for the install
and bootstrap commands, in favor of the bundled multi-arch images that
will be available for the next MINOR range of GOTK controller releases.
Summary of changes:
* `*Arch` variables have been marked as deprecated for both commands.
* `-arm64` suffix is no longer selectively added to the image definition
of a component's `Deployment`.
* `kubernetes.io/arch` node selector with the defined value has been
removed from the components' `Deployment`s.
* `Arch` has been removed from the available `Options` in
`manifestgen/install`.
* Documentation references have been changed to highlight existence
of multi-arch images and supported architectures.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This includes various bug fixes, especially around the area of missing
names for `<kind>/<name>` formats.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This commit adds multiple safe guards for relative paths, ensuring they
never traverse outside the working directory.
The `SafeRelativePath` flag calculates the safe relative path based on a
relative base dir, which results in a flattened path.
The write methods of `manifestgen` make use of the `SecureJoin` as well,
to ensure writes are never outside of the given directory when used as
a lib outside of the CLI.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This means all the sub-subcommands can drop the `image-` prefix,
making them shorter and more fluent.
E.g.,
flux create image policy
rather than
flux create auto image-policy
Signed-off-by: Michael Bridgen <michael@weave.works>
This uses the established abstractions to implement the usual
subcommands for the ImageUpdateAutomation type.
I've called the sub-subcommand in each case `image-update`, as a
fairly safe shorthand for the much longer `image-update-automation`.
Signed-off-by: Michael Bridgen <michael@weave.works>
This adds the create subcommand, without attempting any refactoring.
NB the TODO: the image/v1alpha1 API does not yet export a const for
the name of the kind. The field `RunInterval` will likely be changed
to `Interval` (with a value field), at some point, too.
Signed-off-by: Michael Bridgen <michael@weave.works>
This adds a command for deleting ImagePolicy objects. Since the
control flow for the command needs only a runtime.Object (and a name
for the type), it can be factored out.
I have made the argument (field in the deleteCommand struct) an
interface `objectContainer`, through which the command code gets a
`runtime.Object` to deserialise into (and delete). It could be simply
a `runtime.Object` here; however things like `getCommand` require
other methods, so it's convenient to have an interface for it.
Signed-off-by: Michael Bridgen <michael@weave.works>
Stefan Prodan
Hidde Beydals
Daniel Holbach
Somtochi Onyekwere
Lucas Servén Marín
tvories
Michael Bridgen
Jonathan Innis
Philip Laine
Léopold Jacquot