Commit Graph

115 Commits (c3a44e890df4e5fdbd304989af03b3ebb9f87c13)

Author SHA1 Message Date
Philip Laine 0343575146 Move bootstrap package from internal to pkg
Signed-off-by: Philip Laine <philip.laine@gmail.com>
Adrien Fillon 0694a9582f
Support logging in directly to the provider when pushing OCI artifacts
I've noticed during CI that the current command
already expected a configured Docker client to
push artifacts to authenticated registries.

Some users might not want to have the Docker client
in their process (like a CI job) or build a handcrafted
config.json file.

This would allow this kind of behavior:

```
flux push artifact oci://my-registry.dev/foo:v1 \
  --source xxx \
  --revision xxx \
  --path . \
  --creds $TOKEN # Authenticate via "Bearer $TOKEN" Authorization header
```

Or via Autologin:

```
flux push artifact oci://012345678901.dkr.ecr.us-east-1.amazonaws.com/foo:v1 \
  --source xxx \
  --revision xxx \
  --path . \
  --provider aws
```

This has been implemented for:

* flux push artifact
* flux list artifact
* flux tag artifact
* flux pull artifact

This will require another PR in https://github.com/fluxcd/pkg/pull/352

Signed-off-by: Adrien Fillon <adrien.fillon@manomano.com>
Soule BA ec2aa13165
Make sure we reconcile with the right reconciliation method
Signed-off-by: Soule BA <soule@weave.works>
Stefan Prodan 7c7e76f9f0
Use fluxcd/pkg/oci/client
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 08401f62b2
Add OCI provider arg
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Somtochi Onyekwere 009413affd
Add test for annotations
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Somtochi Onyekwere b78bbd5b9d
fill test files
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Somtochi Onyekwere 3e15e83926
Add test for tag/list/build/pull/push artifacts
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Stefan Prodan 1b327e9d4e
Show artifact digest in list output
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 7dd736954b
Use OCI standard annotations
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 8049634e4d
Add `oci://` prefix
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 2f35367a7f
Add list artifacts command
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 2d8db4f20d
Implement OCIRepository commands
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan e927d39a27
Add OCI internal package
Implement OCI artifacts operations using crane

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Somtochi Onyekwere 1894b90d84 Accept multiple valuesFrom for create_helmrelease
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Somtochi Onyekwere 355ed94852 check for correct kustomization in multi-doc yaml
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Hidde Beydals 5130a154e4 Ensure proper FS root is set while bootstrapping
This ensures relative paths to e.g. bases can be used.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals 57442e8faa kustomize: use FS from `fluxcd/pkg`
This switches to a secure FS implementation in most places, except for
where we can not make changes at this moment because it would break
behavior.

Not handled in this commit:

- Allowing the root for `manifestgen` packages to be configured.
- Allowing the user to define a working root while building locally.
- Defaulting to the secure FS implementation in
  `kustomization.MakeDefaultOptions`. Problem here is that constructing
  the secure FS could result in an error, which we can not surface
  without signature changes to the constructor func.

Signed-off-by: Hidde Beydals <hello@hidde.co>
Sanskar Jaiswal 5c9cbe676d handle secret types properly while masking sops data
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
Soule BA 5536af9756
Add an option to diff with a local kustomization file
If implemented, users will be able to provide a local kustomization file
to `flux build/diff`.

Signed-off-by: Soule BA <soule@weave.works>
Stefan Prodan 0d8194c800 Add the kube client qps and burst to the global args
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Paulo Gomes e5ede275f8 Update Source API to v1beta2
The creation of oldConditions, statusableConditions and
reconcilableConditions is an adhoc solution to deal with the upstream
changes on `pkg/apis/meta`, which are yet to be replicated across other
Flux API components.

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
Stefan Prodan 7756faec1f
Retry bootstrap operations on Git conflict errors
When running bootstrap in parallel for many clusters that target the same repository, the 2nd commit with the sync files fails with `non-fast-forward update`. We now detect the conflict, and we retry the operations by creating a fresh clone from upstream.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Soule BA 7359e63960
Introduce a printer interface for flux resource
If implemented, there will be a common interface to print flux resource.

We are adding a new way to print resource information e.g. diff of
objects.

Signed-off-by: Soule BA <soule@weave.works>
Soule BA 32ad462ebe
Fix stringData Secret issue
This commit migrates to the last version of pkg/ssa v0.14.1 that contains a fix
for stringData secrets. The test case was changed accordingly to
validate a stringData drift.

A progress-bar flag option has also been added in order to be able to
disable it.

Signed-off-by: Soule BA <soule@weave.works>
Simon Howe 23c4c2f1aa Adds test for parent directory
Signed-off-by: Simon Howe <footless@gmail.com>
Simon Howe aac07f03d8 Adds test for using dot to represent pwd
Signed-off-by: Simon Howe <footless@gmail.com>
Simon Howe f4418920fb Adds support for dot-prefixed paths in git
- in `flux bootstrap` and `flux create kustomization` etc.
- E.g. for example `--path=.flux` should work now
- Previous behaviour is to strip off any leading "." and leave you with
  "./flux" in the kustomizations / folder structure generated by `flux
  bootstrap`

Signed-off-by: Simon Howe <footless@gmail.com>
Soule BA 01f910e257
Add a simple spinner when running flux diff kustomization
If implemented, users will see a spinner run while the diff is on-going.

Signed-off-by: Soule BA <soule@weave.works>
Stefan Prodan 877729aca3
Fix bootstrap: Reset schema cache after applying CRDs
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Soule BA 2e9fd33ce5
Mask dockerconfigjson secret types and support StringData secrets
If implemented, flux diff kustomization will correctly manage sops
managed dockerconfigjson secrets.
Sops encrypted secret with stringData maps are supported too.

Signed-off-by: Soule BA <soule@weave.works>
Soule BA 8b444283e6
Fix wrong deletion message on flux diff
If implemented, when an error happens when dry-running an object, we
return early. This matches pkg ssa implementation

Signed-off-by: Soule BA <soule@weave.works>
Soule BA 959ea6875a
Fix panic on bootstrap when orgRef is not retrieved
If implemented, not retrieving an orgRef will always return an error

Signed-off-by: Soule BA <soule@weave.works>
Soule BA 997e6be3a2
Make sure to trim all sops data
If implemented this fixes  and makes sure we can build with sops
encrypted data

Signed-off-by: Soule BA <soule@weave.works>
Soule BA b86b195450
Add contextual error code for flux diff kustomization
If implemented, calling the diff command on kustomization will return 0,
1 (if changes are identified), >1 for errors.

Signed-off-by: Soule BA <soule@weave.works>
Soule BA 10b761e4e7
Add license Header to internal/build files
This adds an up to date license header to the files.

Signed-off-by: Soule BA <soule@weave.works>
Soule BA 306f8f5715
Add graceful shutdown when interrupted
If implemented this permits restoring a clean state in case of signal
interruption.

Signed-off-by: Soule BA <soule@weave.works>
Soule BA f7d9ee90cd
Add e2e tests for build/diff kustomization
Signed-off-by: Soule BA <soule@weave.works>
Soule BA 9376c9a946
Add a diff kustomization feature
If implemented it will permit querying the Kubernetes API to fetch the specified
Flux Kustomization, then uses the specified path to build the overlay.
It will then ssa-dry-run apply and output the diff using homeport/dyff

Signed-off-by: Soule BA <soule@weave.works>
Soule BA 70fb87bc93
Add a build kustomization feature
If implemented it will permit querying the Kubernetes API to fetch the specified
Flux Kustomization, then uses the specified path to build
the overlay.

Signed-off-by: Soule BA <soule@weave.works>
Stefan Prodan 8c67708829
Update dependencies
- sigs.k8s.io/cli-utils v0.27.0
- github.com/fluxcd/pkg/ssa v0.10.0

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Soule BA da6dfd5a1b
Use provided ssh hostname to sync with ssh
Signed-off-by: Soule BA <soule@weave.works>
Aurel Canciu f3d143e5ee
Update Go to v1.17
Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
Jakob Schrettenbrunner ca7d2e783f Use k8s.io/cli-runtime for kubernetes flags
Signed-off-by: Jakob Schrettenbrunner <jakob.schrettenbrunner@telekom.de>
Somtochi Onyekwere a03574f8c3 Add caBundle to bitbucket
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Somtochi Onyekwere 43c6a1531a Add caBundle to gogit provider config
Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Soule BA 46f9fc194c Add stash provider bootstrap support
The new command set is:
  flux bootstrap bitbucket-server --owner=<project> --username=<user> --repository=<repository name> --hostname=<domain> --token-auth

There is a parity in the capabilities with the other providers.

Signed-off-by: Soule BA <soule@weave.works>
Stefan Prodan 43edb62f87
Update dependencies
- github.com/fluxcd/go-git-providers v0.3.1
- github.com/fluxcd/pkg/ssa v0.3.1
- github.com/manifoldco/promptui v0.9.0
- sigs.k8s.io/controller-runtime v0.10.2

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 078cfe92c2
Add JSON and YAML output options to flux tree cmd
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Stefan Prodan 80ef184b60
Add flux tree command
The `flux tree kustomization` command prints the resources reconciled by the given Kustomization.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>