Commit Graph

32 Commits (8229ffb67477533d423462261895ef69d1fefef3)

Author SHA1 Message Date
Matheus Pimenta 039d79b3c2
Fix flux push artifact not working with --provider
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
3 weeks ago
Stefan Prodan 600ec37524
Fix `flux push artifact` for insecure registries
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
4 months ago
cappyzawa 4c343893c5
refactor: cleanup GetArtifactRegistryCredentials error handling
Update fluxcd/pkg/auth to v0.18.0 and simplify error handling for
GetArtifactRegistryCredentials() following the improvements made in
the library.

Similar to fluxcd/image-reflector-controller#786, this removes
unnecessary nil checks as the function now returns errors directly
for unsupported providers.

- Replace authentication code in push_artifact.go with loginWithProvider()
- Remove unnecessary authenticator nil check in oci.go
- Remove unused imports (errors, auth packages)

Signed-off-by: cappyzawa <cappyzawa@gmail.com>
4 months ago
Matheus Pimenta ec3804cc6f
Introduce support for shelling out to Azure binaries in authentication
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
5 months ago
Stefan Prodan 79fed691ca
Update CLI to OCIRepository v1 (GA)
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
5 months ago
Matheus Pimenta d82ec5a211
Promote artifact commands to stable
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
5 months ago
Matheus Pimenta 0951061b5e
Upgrade fluxcd/pkg packages
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
5 months ago
Matheus Pimenta ac66adc24c
Upgrade fluxcd/pkg auth, oci, git and git/gogit
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
6 months ago
Matthieu Mottet 3f4743037b Allow to pull/push artifacts without TLS
If applied, this commit will introduce a new `--insecure-repository`
flag to the following commands: `push artifacts`, `pull artifact`,
`diff artifact` and `list artifacts`. When used the flag will lead to
the option `crane.Insecure` being passed to the `crane` client allowing
the use of insecure repositories.

Signed-off-by: Matthieu Mottet <m.mottet@outlook.com>
7 months ago
frekw 26109ee821 Add `--reproducible` flag to `flux push artifact`
This makes the pushed artifact have the exact same hash if the contents
are the same.

E.g
```
flux push artifact oci://repo/image:tag1 --source deploy --revision="test" --path=deploy --reproducible
flux push artifact oci://repo/image:tag2 --source deploy --revision="test" --path=deploy --reproducible
```

will both result in the same sha hash, tagged with `tag1` and `tag2`.

This is useful when producing flux artifacts in a monorepo setup where
you don't want to unnecessarily push new artifacts unless something has
actually changed.

Signed-off-by: frekw <fredrik@warnsberg.se>
1 year ago
Stefan Prodan 80efd29ec0
Update dependencies
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2 years ago
Hidde Beydals 43c2359705
misc: address double import
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2 years ago
Stefan Prodan 6ed6b937f8
Fix the `flux push` example for ECR
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2 years ago
Somtochi Onyekwere 020a494f3f Retry oci push operations
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
2 years ago
Stefan Prodan 13ff4afaa4
Update Kubernetes to v1.27 and Kustomize to v5.0
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2 years ago
Sanskar Jaiswal 97b064be13
add a preview note for all non-bootstrap commands
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
3 years ago
Max Jonas Werner 52acac1a37
Add /v2 suffix to module name in preparation of 2.0.0 release
Signed-off-by: Max Jonas Werner <mail@makk.es>
3 years ago
Stefan Prodan a64913f2f0
Allow custom annotations to be set when pushing OCI artifacts
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
Hidde Beydals 0f7b903ace Update `push artifact`'s `--revision` to RFC-0005
Signed-off-by: Hidde Beydals <hello@hidde.co>
3 years ago
Stefan Prodan 6681cd05a9
Add example of push and sign OCI artifacts
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
Stefan Prodan 56807fddf6
Add json/yaml output to flux push artifact
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
Somtochi Onyekwere d79e49f80b fix path on flux push
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
3 years ago
Somtochi Onyekwere 0bd78ca80c read manifests from stdin
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
3 years ago
Batuhan Apaydın d49b77c8d2
chore: bump the pkg/oci package to v0.12.0
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
3 years ago
Adrien Fillon 0694a9582f
Support logging in directly to the provider when pushing OCI artifacts
I've noticed during CI, that the current command
already expected a configured Docker client to
push artifacts to authenticated registries.

Some users might not want to have the Docker client
in their process (like a CI job) or build an handcrafted
config.json file.

This would allow this kind of behavior:

```
flux push artifact oci://my-registry.dev/foo:v1 \
  --source xxx \
  --revision xxx \
  --path . \
  --creds $TOKEN # Authenticate via "Bearer $TOKEN" Authorization header
```

Or via Autologin:

```
flux push artifact oci://012345678901.dkr.ecr.us-east-1.amazonaws.com/foo:v1 \
  --source xxx \
  --revision xxx \
  --path . \
  --provider aws
```

This has been implemented for:

* flux push artifact
* flux list artifact
* flux tag artifact
* flux pull artifact

This will require another PR in https://github.com/fluxcd/pkg/pull/352

Signed-off-by: Adrien Fillon <adrien.fillon@manomano.com>
3 years ago
Stefan Prodan 40717fa4f4
Exclude VCS files by default from OCI artifacts
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
Stefan Prodan 899a1fffca
Add `--ignore-paths` arg to `flux build|push artifact`
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
Stefan Prodan 75a879c770
OCI docs improvements
Co-authored-by: Kingdon Barrett <kingdon@weave.works>
Co-authored-by: Sunny <darkowlzz@protonmail.com>
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
Stefan Prodan d4718f6ff4
Improve artifact commands docs
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
Stefan Prodan 7c7e76f9f0
Use fluxcd/pkg/oci/client
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
Stefan Prodan 8049634e4d
Add `oci://` prefix
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago
Stefan Prodan 9503ecafb1
Add artifact commands
Implement build, push, pull and tag artifact commands.
For authentication purposes, all `flux <verb> artifact` commands are using the '~/.docker/config.json' config file and the Docker credential helpers.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
3 years ago