The `\b` in the regular expression ensures we only match with a
hexadecimal notation as awhole, while still allowing to match with
e.g. `sha1:...` which would not have been possible by using `\W`
as this includes `_`.
Signed-off-by: Hidde Beydals <hello@hidde.co>
As the other version has a different signature, but exists for a
different build tag. Resulting in my IDE becoming absolutely confused
when I tried to enable both at the same time. Opted for "exec" because
this one shells out.
Signed-off-by: Hidde Beydals <hello@hidde.co>
As otherwise the `.golden` values can not be automatically updated using
`-update` as documented in `CONTRIBUTING.md`.
Also ensure we do not use `defer` but rather `t.Cleanup` in tests, as
this will always be called even if e.g. `t.Fatal` absruptly stops the
test.
Signed-off-by: Hidde Beydals <hello@hidde.co>
Before:
```
$ flux get source git -A
✗ no GitRepository objects found in flux-system namespace
```
After:
```
$ flux get source git -A
✗ no GitRepository objects found in any namespace
```
Signed-off-by: Max Jonas Werner <max@e13.dev>
If this is implemented, it will not assume that access to a kubeconfig
is guaranteed even if just for retrieving configured namespace.
Signed-off-by: Soule BA <soule@weave.works>
Use default known_hosts and ssh configuration when no private key file
is provided while bootstraping using ssh.
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
If you're using an HTTP-based Git server with Flux, you need to provide `--token-auth` to avoid triggering an SSH host key check (see [here](https://github.com/fluxcd/flux2/issues/2825#issuecomment-1151355914)). Unfortunately, doing this forces the URL in the `GitRepository` resource created during bootstrapping to always use `https`. This will cause Kustomization reconcile errors for servers that do not have HTTPS enabled or do not have the appropriate certs installed or available.
This pull request fixes this by keeping the repository URL scheme intact when using `--token-auth`.
Signed-off-by: Carlos Nunez <75340335+carlosonunez-vmw@users.noreply.github.com>
I've noticed during CI, that the current command
already expected a configured Docker client to
push artifacts to authenticated registries.
Some users might not want to have the Docker client
in their process (like a CI job) or build an handcrafted
config.json file.
This would allow this kind of behavior:
```
flux push artifact oci://my-registry.dev/foo:v1 \
--source xxx \
--revision xxx \
--path . \
--creds $TOKEN # Authenticate via "Bearer $TOKEN" Authorization header
```
Or via Autologin:
```
flux push artifact oci://012345678901.dkr.ecr.us-east-1.amazonaws.com/foo:v1 \
--source xxx \
--revision xxx \
--path . \
--provider aws
```
This has been implemented for:
* flux push artifact
* flux list artifact
* flux tag artifact
* flux pull artifact
This will require another PR in https://github.com/fluxcd/pkg/pull/352
Signed-off-by: Adrien Fillon <adrien.fillon@manomano.com>
* Added support for OCIRepositories to `flux trace`
* Changed indentation to compensate new, longer field name "Source
Revision"
* Added unit tests for the new output
closes#2970
Signed-off-by: Max Jonas Werner <max@e13.dev>
Implement build, push, pull and tag artifact commands.
For authentication purposes, all `flux <verb> artifact` commands are using the '~/.docker/config.json' config file and the Docker credential helpers.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
This sets the container to `manager` which is used by all Flux
controllers as the container name.
The other options I thought about were selecting the first, or doing
something with image detection. But both can be sensitive to either
users adding their patch as a first entry, or e.g. mirroring the image
to a different name.
Signed-off-by: Hidde Beydals <hello@hidde.co>
Allow specifying the name of the Kubernetes Secret that contains a key with the kubeconfig file for connecting to a remote cluster.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
This change will allow user to bootstrap with http git urls
But user must explicitely set --allow-insecure-http=true
Signed-off-by: Vipul Newaskar <vipulnewaskar7@gmail.com>
A new --ignore-paths flag is added to following commands:
flux create source git --ignore-paths ...
flux create source bucket --ignore-paths ...
A StringSliceVar is used which supports specifying the flag multiple
times to populate a list or either a comma seperated string value
A unit test with a golden file is added to validate the flag
Signed-off-by: Tarun Gupta Akirala <takirala@users.noreply.github.com>
The output of `kubectl version` has changed with newer kubectl version
from
```
{
"serverVersion": ...,
"clientVersion": ...
}
```
to
```
{
"serverVersion": ...,
"clientVersion": ...,
"kustomizeVersion": ...
}
```
So the `kustomizeVersion` field is new which causes the JSON
unmarshaling to fail.
We now just unmarshal it to `map[string]interface{}` and peel the
server git version out of that map manually w/o unmarshalling the JSON
into a custom type.
Signed-off-by: Max Jonas Werner <mail@makk.es>
If implemented this fixes a bug where retrieving the groupVersion.Group
of a kustomization were returning an empty string.
Signed-off-by: Soule BA <soule@weave.works>
This ensures the command will wait for the object to report a Ready
Condition with an ObservedGeneration matching the Generation of the
resource. Ensuring that when a "create" is actually a mutation, it waits
instead of prematurely assuming the Source to be Ready.
Signed-off-by: Hidde Beydals <hello@hidde.co>
Stefan Prodan
Hidde Beydals
Sunny
Max Jonas Werner
Kingdon Barrett
fluxcdbot
Somtochi Onyekwere
Soule BA
Sanskar Jaiswal
Boris Kreitchman
Philip Laine
Batuhan Apaydın
Carlos Nunez
Adrien Fillon
Daniel Holbach
Sven Nebel
Paulo Gomes
TianZong48
David Harris
Vipul Newaskar
Max Jonas Werner
Tarun Gupta Akirala
Chen Anidam