This switches to a secure FS implementation in most places, except for
where we can not make changes at this moment because it would break
behavior.
Not handled in this commit:
- Allowing the root for `manifestgen` packages to be configured.
- Allowing the user to define a working root while building locally.
- Defaulting to the secure FS implementation in
`kustomization.MakeDefaultOptions`. Problem here is that constructing
the secure FS could result in an error, which we can not surface
without signature changes to the constructor func.
Signed-off-by: Hidde Beydals <hello@hidde.co>
When running bootstrap in-parallel for many clusters that target the same repository, the 2nd commit with the sync files fails with ` non-fast-forward update`. We now detect the conflict, and we retry the operations by creating a fresh clone from upstream.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
When a user provided the `--ca-file` flag to the `bootstrap` command,
the given CA file wasn't taken into account for cloning the repository
locally. It was just passed along to the CR that is created so Flux
can make use of it when cloning the repository in-cluster.
However, users may not want to add a custom CA to their local host's
trust chain and may expect the `--ca-file` flag to be respected also
for cloning the repository locally. This is what this commit
accomplishes.
closes#1775
Signed-off-by: Max Jonas Werner <mail@makk.es>
This is useful in case the `Kustomization` does not reconcile
successfully because for example the controller(s) are in a crash loop,
which is not visible in the resource itself.
Signed-off-by: Hidde Beydals <hello@hidde.co>
We have observed that the code at times outperforms GitHub mechanics,
resulting in not found errors that are only true for a millisecond.
Retrying those actions once with a 2 second delay should be more
friendly to users.
Signed-off-by: Hidde Beydals <hello@hidde.co>
Using the `--commit-message-appendix` flag a string can be added to the
commit messages made by the bootstrapper process to for example skip CI
actions from executing using e.g. `[skip ci]`.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This commit factors out the bootstrap logic into a new `bootstrap`
package, while also moving to `go-git-providers` to handle things
around Git providers (e.g. repository creation, deploy key
upsertions).
The `GitProviderBootstrapper` is a superset of the
`PlainGitBootstrapper` that besides `Reconciler` also implements the
`RepositoryReconciler`.
The Git actions rely on an interface, making it easier to support
other implementations than `go-git` at a later moment, to for example
support bootstrapping to Git servers that only support the v2 protocol.
Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals
Stefan Prodan
Jakob Schrettenbrunner
Somtochi Onyekwere
Max Jonas Werner
Dmitry Rybin