diff --git a/controllers/git_error_test.go b/controllers/git_error_test.go deleted file mode 100644 index d0b9b69c..00000000 --- a/controllers/git_error_test.go +++ /dev/null @@ -1,76 +0,0 @@ -/* -Copyright 2020, 2021 The Flux authors - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package controllers - -import ( - "errors" - "testing" -) - -func TestLibgit2ErrorTidy(t *testing.T) { - // this is what GitLab sends if the deploy key doesn't have write access - gitlabMessage := `remote: -remote: ======================================================================== -remote: -remote: This deploy key does not have write access to this project. -remote: -remote: ======================================================================== -remote: -` - expectedReformat := "remote: This deploy key does not have write access to this project." - - err := errors.New(gitlabMessage) - err = libgit2PushError(err) - reformattedMessage := err.Error() - if reformattedMessage != expectedReformat { - t.Errorf("expected %q, got %q", expectedReformat, reformattedMessage) - } -} - -func TestLibgit2Multiline(t *testing.T) { - // this is a hypothetical error message, in which the useful - // content spans more than one line - multilineMessage := `remote: -remote: ======================================================================== -remote: -remote: This deploy key does not have write access to this project. -remote: You will need to create a new deploy key. -remote: -remote: ======================================================================== -remote: -` - expectedReformat := "remote: This deploy key does not have write access to this project. You will need to create a new deploy key." - - err := errors.New(multilineMessage) - err = libgit2PushError(err) - reformattedMessage := err.Error() - if reformattedMessage != expectedReformat { - t.Errorf("expected %q, got %q", expectedReformat, reformattedMessage) - } -} - -func TestLibgit2ErrorUnchanged(t *testing.T) { - // this is (roughly) what GitHub sends if the deploy key doesn't have write access - regularMessage := `remote: ERROR: deploy key does not have permissions` - expectedReformat := regularMessage - err := errors.New(regularMessage) - err = libgit2PushError(err) - reformattedMessage := err.Error() - if reformattedMessage != expectedReformat { - t.Errorf("expected %q, got %q", expectedReformat, reformattedMessage) - } -} diff --git a/controllers/git_test.go b/controllers/git_test.go deleted file mode 100644 index 1040b58c..00000000 --- a/controllers/git_test.go +++ /dev/null @@ -1,318 +0,0 @@ -package controllers - -import ( - "context" - "fmt" - "os" - "path/filepath" - "testing" - "time" - - "github.com/go-logr/logr" - libgit2 "github.com/libgit2/git2go/v33" - . "github.com/onsi/gomega" - "k8s.io/apimachinery/pkg/types" - - "github.com/fluxcd/pkg/gittestserver" - "github.com/fluxcd/source-controller/pkg/git" -) - -func populateRepoFromFixture(repo *libgit2.Repository, fixture string) error { - absFixture, err := filepath.Abs(fixture) - if err != nil { - return err - } - if err := filepath.Walk(absFixture, func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - if info.IsDir() { - return os.MkdirAll(filepath.Join(path[len(fixture):]), info.Mode()) - } - // copy symlinks as-is, so I can test what happens with broken symlinks - if info.Mode()&os.ModeSymlink > 0 { - target, err := os.Readlink(path) - if err != nil { - return err - } - return os.Symlink(target, path[len(fixture):]) - } - - fileBytes, err := os.ReadFile(path) - if err != nil { - return err - } - - ff, err := os.Create(path[len(fixture):]) - if err != nil { - return err - } - defer ff.Close() - - _, err = ff.Write(fileBytes) - return err - }); err != nil { - return err - } - - sig := &libgit2.Signature{ - Name: "Testbot", - Email: "test@example.com", - When: time.Now(), - } - - if _, err := commitWorkDir(repo, "main", "Initial revision from "+fixture, sig); err != nil { - return err - } - - return nil -} - -func TestRepoForFixture(t *testing.T) { - tmp, err := os.MkdirTemp("", "flux-test") - if err != nil { - t.Fatal(err) - } - defer os.RemoveAll(tmp) - - repo, err := initGitRepoPlain("testdata/pathconfig", tmp) - if err != nil { - t.Error(err) - } - repo.Free() -} - -func TestIgnoreBrokenSymlink(t *testing.T) { - // init a git repo in the filesystem so we can operate on files there - tmp, err := os.MkdirTemp("", "flux-test") - if err != nil { - t.Fatal(err) - } - defer os.RemoveAll(tmp) - - repo, err := initGitRepoPlain("testdata/brokenlink", tmp) - if err != nil { - t.Fatal(err) - } - - _, err = commitChangedManifests(logr.Discard(), repo, tmp, nil, nil, "unused") - if err != errNoChanges { - t.Fatalf("expected no changes but got: %v", err) - } -} - -// this is a hook script that will reject a ref update for a branch -// that's not `main` -const rejectBranch = ` -if [ "$1" != "refs/heads/main" ]; then - echo "*** Rejecting push to non-main branch $1" >&2 - exit 1 -fi -` - -func TestPushRejected(t *testing.T) { - // Check that pushing to a repository which rejects a ref update - // results in an error. Why would a repo reject an update? If yu - // use e.g., branch protection in GitHub, this is what happens -- - // see - // https://github.com/fluxcd/image-automation-controller/issues/194. - - branch := "push-branch" - - gitServer, err := gittestserver.NewTempGitServer() - if err != nil { - t.Fatal(err) - } - gitServer.AutoCreate() - gitServer.InstallUpdateHook(rejectBranch) - - if err = gitServer.StartHTTP(); err != nil { - t.Fatal(err) - } - - // We use "test" as the branch to init repo, to avoid potential conflicts - // with the default branch(main/master) of the system this test is running - // on. If, for e.g., we used main as the branch and the default branch is - // supposed to be main, this will fail as this would try to create a branch - // named main explicitly. - if err = initGitRepo(gitServer, "testdata/appconfig", "test", "/appconfig.git"); err != nil { - t.Fatal(err) - } - - repoURL := gitServer.HTTPAddressWithCredentials() + "/appconfig.git" - cloneCtx, cancel := context.WithTimeout(ctx, time.Second*10) - defer cancel() - repo, err := clone(cloneCtx, repoURL, "test", nil) - if err != nil { - t.Fatal(err) - } - defer repo.Free() - - cleanup, err := configureTransportOptsForRepo(repo, nil) - if err != nil { - t.Fatal(err) - } - defer cleanup() - - // This is here to guard against push in general being broken - err = push(context.TODO(), repo.Workdir(), "test", repoAccess{}) - if err != nil { - t.Fatal(err) - } - - // This is not under test, but needed for the next bit - if err = repo.SetHead(fmt.Sprintf("refs/heads/%s", branch)); err != nil { - t.Fatal(err) - } - - // This is supposed to fail, because the hook rejects the branch - // pushed to. - err = push(context.TODO(), repo.Workdir(), branch, repoAccess{}) - if err == nil { - t.Error("push to a forbidden branch is expected to fail, but succeeded") - } -} - -func TestEarlyEOF(t *testing.T) { - g := NewWithT(t) - - gitServer, err := gittestserver.NewTempGitServer() - g.Expect(err).ToNot(HaveOccurred()) - defer os.RemoveAll(gitServer.Root()) - - username := "norris" - password := "chuck" - - gitServer. - AutoCreate(). - KeyDir(filepath.Join(t.TempDir(), "keys")). - Auth(username, password). - ReadOnly(true) - - err = gitServer.StartHTTP() - g.Expect(err).ToNot(HaveOccurred()) - - err = initGitRepo(gitServer, "testdata/appconfig", "test", "/appconfig.git") - g.Expect(err).ToNot(HaveOccurred()) - - repoURL := gitServer.HTTPAddressWithCredentials() + "/appconfig.git" - cloneCtx, cancel := context.WithTimeout(ctx, time.Second*10) - defer cancel() - - access := repoAccess{ - auth: &git.AuthOptions{ - Username: username, - Password: password, - }, - } - - repo, err := clone(cloneCtx, repoURL, "test", access.auth) - g.Expect(err).ToNot(HaveOccurred()) - - defer repo.Free() - - cleanup, err := configureTransportOptsForRepo(repo, access.auth) - g.Expect(err).ToNot(HaveOccurred()) - - defer cleanup() - - err = push(context.TODO(), repo.Workdir(), "test", access) - g.Expect(err).To(HaveOccurred()) - g.Expect(err.Error()).To(ContainSubstring("early EOF (the SSH key may not have write access to the repository)")) -} - -func Test_switchToBranch(t *testing.T) { - g := NewWithT(t) - gitServer, err := gittestserver.NewTempGitServer() - g.Expect(err).ToNot(HaveOccurred()) - gitServer.AutoCreate() - g.Expect(gitServer.StartHTTP()).To(Succeed()) - - // We use "test" as the branch to init repo, to avoid potential conflicts - // with the default branch(main/master) of the system this test is running - // on. If, for e.g., we used main as the branch and the default branch is - // supposed to be main, this will fail as this would try to create a branch - // named main explicitly. - branch := "test" - g.Expect(initGitRepo(gitServer, "testdata/appconfig", branch, "/appconfig.git")).To(Succeed()) - - repoURL := gitServer.HTTPAddressWithCredentials() + "/appconfig.git" - cloneCtx, cancel := context.WithTimeout(ctx, time.Second*10) - defer cancel() - repo, err := clone(cloneCtx, repoURL, branch, nil) - g.Expect(err).ToNot(HaveOccurred()) - defer repo.Free() - - head, err := repo.Head() - g.Expect(err).ToNot(HaveOccurred()) - defer head.Free() - target := head.Target() - - // register transport options and update remote to transport url - cleanup, err := configureTransportOptsForRepo(repo, nil) - if err != nil { - t.Fatal(err) - } - defer cleanup() - - // calling switchToBranch with a branch that doesn't exist on origin - // should result in the branch being created and switched to. - branch = "not-on-origin" - switchToBranch(repo, context.TODO(), branch, repoAccess{}) - - head, err = repo.Head() - g.Expect(err).ToNot(HaveOccurred()) - name, err := head.Branch().Name() - g.Expect(err).ToNot(HaveOccurred()) - g.Expect(name).To(Equal(branch)) - - cc, err := repo.LookupCommit(head.Target()) - g.Expect(err).ToNot(HaveOccurred()) - defer cc.Free() - g.Expect(cc.Id().String()).To(Equal(target.String())) - - // create a branch with the HEAD commit and push it to origin - branch = "exists-on-origin" - _, err = repo.CreateBranch(branch, cc, false) - g.Expect(err).ToNot(HaveOccurred()) - origin, err := repo.Remotes.Lookup(originRemote) - g.Expect(err).ToNot(HaveOccurred()) - defer origin.Free() - - g.Expect(origin.Push( - []string{fmt.Sprintf("refs/heads/%s:refs/heads/%s", branch, branch)}, &libgit2.PushOptions{}, - )).To(Succeed()) - - // push a new commit to the branch. this is done to test whether we properly - // sync our local branch with the remote branch, before switching. - policyKey := types.NamespacedName{ - Name: "policy", - Namespace: "ns", - } - commitID := commitInRepo(g, repoURL, branch, "Install setter marker", func(tmp string) { - g.Expect(replaceMarker(tmp, policyKey)).To(Succeed()) - }) - - // calling switchToBranch with a branch that exists should make sure to fetch latest - // for that branch from origin, and then switch to it. - switchToBranch(repo, context.TODO(), branch, repoAccess{}) - head, err = repo.Head() - g.Expect(err).ToNot(HaveOccurred()) - name, err = head.Branch().Name() - - g.Expect(err).ToNot(HaveOccurred()) - g.Expect(name).To(Equal(branch)) - g.Expect(head.Target().String()).To(Equal(commitID.String())) - - // push a commit after switching to the branch, to check if the local - // branch is synced with origin. - replaceMarker(repo.Workdir(), policyKey) - sig := &libgit2.Signature{ - Name: "Testbot", - Email: "test@example.com", - When: time.Now(), - } - _, err = commitWorkDir(repo, branch, "update policy", sig) - g.Expect(err).ToNot(HaveOccurred()) - g.Expect(push(context.TODO(), repo.Workdir(), branch, repoAccess{})).To(Succeed()) -} diff --git a/controllers/imageupdateautomation_controller.go b/controllers/imageupdateautomation_controller.go index 99da57cc..882a3400 100644 --- a/controllers/imageupdateautomation_controller.go +++ b/controllers/imageupdateautomation_controller.go @@ -19,21 +19,18 @@ package controllers import ( "bytes" "context" - "errors" "fmt" "math" + "net/url" "os" - "path/filepath" "strings" "text/template" "time" "github.com/Masterminds/sprig/v3" "github.com/ProtonMail/go-crypto/openpgp" - "github.com/ProtonMail/go-crypto/openpgp/packet" securejoin "github.com/cyphar/filepath-securejoin" "github.com/go-logr/logr" - libgit2 "github.com/libgit2/git2go/v33" corev1 "k8s.io/api/core/v1" apimeta "k8s.io/apimachinery/pkg/api/meta" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -55,15 +52,14 @@ import ( imagev1_reflect "github.com/fluxcd/image-reflector-controller/api/v1beta1" apiacl "github.com/fluxcd/pkg/apis/acl" "github.com/fluxcd/pkg/apis/meta" + "github.com/fluxcd/pkg/git" + libgit2pkg "github.com/fluxcd/pkg/git/libgit2" "github.com/fluxcd/pkg/runtime/acl" "github.com/fluxcd/pkg/runtime/events" "github.com/fluxcd/pkg/runtime/logger" "github.com/fluxcd/pkg/runtime/metrics" "github.com/fluxcd/pkg/runtime/predicates" sourcev1 "github.com/fluxcd/source-controller/api/v1beta2" - "github.com/fluxcd/source-controller/pkg/git" - "github.com/fluxcd/source-controller/pkg/git/libgit2/managed" - gitstrat "github.com/fluxcd/source-controller/pkg/git/strategy" imagev1 "github.com/fluxcd/image-automation-controller/api/v1beta1" "github.com/fluxcd/image-automation-controller/pkg/update" @@ -234,7 +230,7 @@ func (r *ImageUpdateAutomationReconciler) Reconcile(ctx context.Context, req ctr } else if r := origin.Spec.Reference; r != nil { ref = r tracelog.Info("using git repository ref from GitRepository spec", "ref", ref) - } // else remain as `nil`, which is an acceptable value for cloneInto, later. + } // else remain as `nil` and git.DefaultBranch will be used. var pushBranch string if gitSpec.Push != nil { @@ -265,54 +261,39 @@ func (r *ImageUpdateAutomationReconciler) Reconcile(ctx context.Context, req ctr debuglog.Info("attempting to clone git repository", "gitrepository", originName, "ref", ref, "working", tmp) - access, err := r.getRepoAccess(ctx, &origin) + authOpts, err := r.getAuthOpts(ctx, &origin) if err != nil { return failWithError(err) } - // We set the TransportOptionsURL of this set of authentication options here by constructing - // a unique URL that won't clash in a multi tenant environment. This unique URL is used by - // libgit2 managed transports. This enables us to bypass the inbuilt credentials callback in - // libgit2, which is inflexible and unstable. - // NB: The Transport Options URL must be unique, therefore it must use the object under - // reconciliation details, instead of the repository it depends on. - if strings.HasPrefix(origin.Spec.URL, "http") { - access.auth.TransportOptionsURL = fmt.Sprintf("http://%s/%s/%d", auto.Name, auto.UID, auto.Generation) - } else if strings.HasPrefix(origin.Spec.URL, "ssh") { - access.auth.TransportOptionsURL = fmt.Sprintf("ssh://%s/%s/%d", auto.Name, auto.UID, auto.Generation) - } else { - return failWithError(fmt.Errorf("git repository URL '%s' has invalid transport type, supported types are: http, https, ssh", origin.Spec.URL)) + lgc, err := libgit2pkg.NewClient(tmp, authOpts) + if err != nil { + return failWithError(err) + } + defer lgc.Close() + + opts := git.CloneOptions{} + if ref != nil { + opts.Tag = ref.Tag + opts.SemVer = ref.SemVer + opts.Commit = ref.Commit + opts.Branch = ref.Branch } // Use the git operations timeout for the repo. cloneCtx, cancel := context.WithTimeout(ctx, origin.Spec.Timeout.Duration) defer cancel() - var repo *libgit2.Repository - if repo, err = cloneInto(cloneCtx, access, ref, tmp); err != nil { + if _, err := lgc.Clone(cloneCtx, origin.Spec.URL, opts); err != nil { return failWithError(err) } - defer repo.Free() - - // Checkout removes TransportOptions before returning, therefore this - // must happen after cloneInto. - // TODO(pjbgf): Git consolidation should improve the API workflow. - managed.AddTransportOptions(access.auth.TransportOptionsURL, managed.TransportOptions{ - TargetURL: origin.Spec.URL, - AuthOpts: access.auth, - ProxyOptions: &libgit2.ProxyOptions{Type: libgit2.ProxyTypeAuto}, - Context: cloneCtx, - }) - - defer managed.RemoveTransportOptions(access.auth.TransportOptionsURL) // When there's a push spec, the pushed-to branch is where commits // shall be made - if gitSpec.Push != nil && !(ref != nil && ref.Branch == pushBranch) { // Use the git operations timeout for the repo. fetchCtx, cancel := context.WithTimeout(ctx, origin.Spec.Timeout.Duration) defer cancel() - if err := switchToBranch(repo, fetchCtx, pushBranch, access); err != nil && err != errRemoteBranchMissing { + if err := lgc.SwitchBranch(fetchCtx, pushBranch); err != nil { return failWithError(err) } } @@ -377,14 +358,18 @@ func (r *ImageUpdateAutomationReconciler) Reconcile(ctx context.Context, req ctr // The status message depends on what happens next. Since there's // more than one way to succeed, there's some if..else below, and // early returns only on failure. - signature := &libgit2.Signature{ - Name: gitSpec.Commit.Author.Name, - Email: gitSpec.Commit.Author.Email, - When: time.Now(), - } - - if rev, err := commitChangedManifests(tracelog, repo, tmp, signingEntity, signature, message); err != nil { - if err != errNoChanges { + if rev, err := lgc.Commit( + git.Commit{ + Author: git.Signature{ + Name: gitSpec.Commit.Author.Name, + Email: gitSpec.Commit.Author.Email, + When: time.Now(), + }, + Message: message, + }, + git.WithSigner(signingEntity), + ); err != nil { + if err != git.ErrNoStagedFiles { return failWithError(err) } @@ -398,7 +383,7 @@ func (r *ImageUpdateAutomationReconciler) Reconcile(ctx context.Context, req ctr // Use the git operations timeout for the repo. pushCtx, cancel := context.WithTimeout(ctx, origin.Spec.Timeout.Duration) defer cancel() - if err := push(pushCtx, tmp, pushBranch, access); err != nil { + if err := lgc.Push(pushCtx); err != nil { return failWithError(err) } @@ -523,11 +508,8 @@ type repoAccess struct { url string } -func (r *ImageUpdateAutomationReconciler) getRepoAccess(ctx context.Context, repository *sourcev1.GitRepository) (repoAccess, error) { - var access repoAccess - access.url = repository.Spec.URL - access.auth = &git.AuthOptions{} - +func (r *ImageUpdateAutomationReconciler) getAuthOpts(ctx context.Context, repository *sourcev1.GitRepository) (*git.AuthOptions, error) { + var data map[string][]byte if repository.Spec.SecretRef != nil { name := types.NamespacedName{ Namespace: repository.GetNamespace(), @@ -537,181 +519,22 @@ func (r *ImageUpdateAutomationReconciler) getRepoAccess(ctx context.Context, rep secret := &corev1.Secret{} err := r.Client.Get(ctx, name, secret) if err != nil { - err = fmt.Errorf("auth secret error: %w", err) - return access, err - } - - access.auth, err = git.AuthOptionsFromSecret(access.url, secret) - if err != nil { - err = fmt.Errorf("auth error: %w", err) - return access, err - } - } - return access, nil -} - -// cloneInto clones the upstream repository at the `ref` given (which -// can be `nil`). It returns a `*libgit2.Repository` since that is used -// for committing changes. -func cloneInto(ctx context.Context, access repoAccess, ref *sourcev1.GitRepositoryRef, - path string) (*libgit2.Repository, error) { - opts := git.CheckoutOptions{} - if ref != nil { - opts.Tag = ref.Tag - opts.SemVer = ref.SemVer - opts.Commit = ref.Commit - opts.Branch = ref.Branch - } - checkoutStrat, err := gitstrat.CheckoutStrategyForImplementation(ctx, sourcev1.LibGit2Implementation, opts) - if err == nil { - _, err = checkoutStrat.Checkout(ctx, path, access.url, access.auth) - } - if err != nil { - return nil, err - } - - return libgit2.OpenRepository(path) -} - -func headCommit(repo *libgit2.Repository) (*libgit2.Commit, error) { - head, err := repo.Head() - if err != nil { - return nil, err - } - defer head.Free() - c, err := repo.LookupCommit(head.Target()) - if err != nil { - return nil, err - } - return c, nil -} - -var errNoChanges error = errors.New("no changes made to working directory") - -func commitChangedManifests(tracelog logr.Logger, repo *libgit2.Repository, absRepoPath string, ent *openpgp.Entity, sig *libgit2.Signature, message string) (string, error) { - sl, err := repo.StatusList(&libgit2.StatusOptions{ - Show: libgit2.StatusShowIndexAndWorkdir, - }) - if err != nil { - return "", err - } - defer sl.Free() - - count, err := sl.EntryCount() - if err != nil { - return "", err - } - - if count == 0 { - return "", errNoChanges - } - - var parentC []*libgit2.Commit - head, err := headCommit(repo) - if err == nil { - defer head.Free() - parentC = append(parentC, head) - } - - index, err := repo.Index() - if err != nil { - return "", err - } - defer index.Free() - - // add to index any files that are not within .git/ - if err = filepath.Walk(repo.Workdir(), - func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - rel, err := filepath.Rel(repo.Workdir(), path) - if err != nil { - return err - } - f, err := os.Stat(path) - if err != nil { - return err - } - if f.IsDir() || strings.HasPrefix(rel, ".git") || rel == "." { - return nil - } - if err := index.AddByPath(rel); err != nil { - tracelog.Info("adding file", "file", rel) - return err - } - return nil - }); err != nil { - return "", err - } - - if err := index.Write(); err != nil { - return "", err - } - - treeID, err := index.WriteTree() - if err != nil { - return "", err - } - - tree, err := repo.LookupTree(treeID) - if err != nil { - return "", err - } - defer tree.Free() - - commitID, err := repo.CreateCommit("HEAD", sig, sig, message, tree, parentC...) - if err != nil { - return "", err - } - - // return unsigned commit if pgp entity is not provided - if ent == nil { - return commitID.String(), nil - } - - commit, err := repo.LookupCommit(commitID) - if err != nil { - return "", err - } - defer commit.Free() - - signedCommitID, err := commit.WithSignatureUsing(func(commitContent string) (string, string, error) { - cipherText := new(bytes.Buffer) - err := openpgp.ArmoredDetachSignText(cipherText, ent, strings.NewReader(commitContent), &packet.Config{}) - if err != nil { - return "", "", errors.New("error signing payload") + return nil, fmt.Errorf("failed to get secret '%s': %w", name.String(), err) } - - return cipherText.String(), "", nil - }) - if err != nil { - return "", err + data = secret.Data } - signedCommit, err := repo.LookupCommit(signedCommitID) - if err != nil { - return "", err - } - defer signedCommit.Free() - newHead, err := repo.Head() + u, err := url.Parse(repository.Spec.URL) if err != nil { - return "", err + return nil, fmt.Errorf("failed to parse URL '%s': %w", repository.Spec.URL, err) } - defer newHead.Free() - ref, err := repo.References.Create( - newHead.Name(), - signedCommit.Id(), - true, - "repoint to signed commit", - ) + opts, err := git.NewAuthOptions(*u, data) if err != nil { - return "", err + return nil, fmt.Errorf("failed to configure authentication options: %w", err) } - defer ref.Free() - return signedCommitID.String(), nil + return opts, nil } // getSigningEntity retrieves an OpenPGP entity referenced by the @@ -744,175 +567,6 @@ func (r *ImageUpdateAutomationReconciler) getSigningEntity(ctx context.Context, return entities[0], nil } -var errRemoteBranchMissing = errors.New("remote branch missing") - -// switchToBranch switches to a branch after fetching latest from upstream. -// If the branch does not exist, it is created using the head as the starting point. -func switchToBranch(repo *libgit2.Repository, ctx context.Context, branch string, access repoAccess) error { - origin, err := repo.Remotes.Lookup(originRemote) - if err != nil { - return fmt.Errorf("cannot lookup remote: %w", err) - } - defer origin.Free() - - // Override callbacks with dummy ones as they are not needed within Managed Transport. - // However, not setting them may lead to git2go panicing. - callbacks := managed.RemoteCallbacks() - - // Force the fetching of the remote branch. - err = origin.Fetch([]string{branch}, &libgit2.FetchOptions{ - RemoteCallbacks: callbacks, - }, "") - if err != nil { - return fmt.Errorf("cannot fetch remote branch: %w", err) - } - - remoteBranch, err := repo.References.Lookup(fmt.Sprintf("refs/remotes/origin/%s", branch)) - if err != nil && !libgit2.IsErrorCode(err, libgit2.ErrorCodeNotFound) { - return err - } - if remoteBranch != nil { - defer remoteBranch.Free() - } - err = nil - - var commit *libgit2.Commit - // tries to get tip commit from remote branch, if it exists. - // otherwise gets the commit that local head is pointing to. - if remoteBranch != nil { - commit, err = repo.LookupCommit(remoteBranch.Target()) - } else { - head, err := repo.Head() - if err != nil { - return fmt.Errorf("cannot get repo head: %w", err) - } - defer head.Free() - commit, err = repo.LookupCommit(head.Target()) - } - if err != nil { - return fmt.Errorf("cannot find the head commit: %w", err) - } - defer commit.Free() - - localBranch, err := repo.References.Lookup(fmt.Sprintf("refs/heads/%s", branch)) - if err != nil && !libgit2.IsErrorCode(err, libgit2.ErrorCodeNotFound) { - return fmt.Errorf("cannot lookup branch '%s': %w", branch, err) - } - if localBranch == nil { - lb, err := repo.CreateBranch(branch, commit, false) - if err != nil { - return fmt.Errorf("cannot create branch '%s': %w", branch, err) - } - defer lb.Free() - // We could've done something like: - // localBranch = lb.Reference - // But for some reason, calling `lb.Free()` AND using it, causes a really - // nasty crash. Since, we can't avoid calling `lb.Free()`, in order to prevent - // memory leaks, we don't use `lb` and instead manually lookup the ref. - localBranch, err = repo.References.Lookup(fmt.Sprintf("refs/heads/%s", branch)) - if err != nil { - return fmt.Errorf("cannot lookup branch '%s': %w", branch, err) - } - } - defer localBranch.Free() - - tree, err := repo.LookupTree(commit.TreeId()) - if err != nil { - return fmt.Errorf("cannot lookup tree for branch '%s': %w", branch, err) - } - defer tree.Free() - - err = repo.CheckoutTree(tree, &libgit2.CheckoutOpts{ - // the remote branch should take precedence if it exists at this point in time. - Strategy: libgit2.CheckoutForce, - }) - if err != nil { - return fmt.Errorf("cannot checkout tree for branch '%s': %w", branch, err) - } - - ref, err := localBranch.SetTarget(commit.Id(), "") - if err != nil { - return fmt.Errorf("cannot update branch '%s' to be at target commit: %w", branch, err) - } - ref.Free() - - return repo.SetHead("refs/heads/" + branch) -} - -// push pushes the branch given to the origin using the git library -// indicated by `impl`. It's passed both the path to the repo and a -// libgit2.Repository value, since the latter may as well be used if the -// implementation is libgit2. -func push(ctx context.Context, path, branch string, access repoAccess) error { - repo, err := libgit2.OpenRepository(path) - if err != nil { - return err - } - defer repo.Free() - origin, err := repo.Remotes.Lookup(originRemote) - if err != nil { - return err - } - defer origin.Free() - - // Override callbacks with dummy ones as they are not needed within Managed Transport. - // However, not setting them may lead to git2go panicing. - callbacks := managed.RemoteCallbacks() - - // calling repo.Push will succeed even if a reference update is - // rejected; to detect this case, this callback is supplied. - var callbackErr error - callbacks.PushUpdateReferenceCallback = func(refname, status string) error { - if status != "" { - callbackErr = fmt.Errorf("ref %s rejected: %s", refname, status) - } - return nil - } - err = origin.Push([]string{fmt.Sprintf("refs/heads/%s:refs/heads/%s", branch, branch)}, &libgit2.PushOptions{ - RemoteCallbacks: callbacks, - ProxyOptions: libgit2.ProxyOptions{Type: libgit2.ProxyTypeAuto}, - }) - if err != nil { - if strings.Contains(err.Error(), "early EOF") { - return fmt.Errorf("%w (the SSH key may not have write access to the repository)", err) - } - return libgit2PushError(err) - } - return callbackErr -} - -func libgit2PushError(err error) error { - if err == nil { - return err - } - // libgit2 returns the whole output from stderr, and we only need - // the message. GitLab likes to return a banner, so as an - // heuristic, strip any lines that are just "remote:" and spaces - // or fencing. - msg := err.Error() - lines := strings.Split(msg, "\n") - if len(lines) == 1 { - return err - } - var b strings.Builder - // the following removes the prefix "remote:" from each line; to - // retain a bit of fidelity to the original error, start with it. - b.WriteString("remote: ") - - var appending bool - for _, line := range lines { - m := strings.TrimPrefix(line, "remote:") - if m = strings.Trim(m, " \t="); m != "" { - if appending { - b.WriteString(" ") - } - b.WriteString(m) - appending = true - } - } - return errors.New(b.String()) -} - // --- events, metrics func (r *ImageUpdateAutomationReconciler) event(ctx context.Context, auto imagev1.ImageUpdateAutomation, severity, msg string) { diff --git a/controllers/suite_test.go b/controllers/suite_test.go index aaf00f2d..f911345b 100644 --- a/controllers/suite_test.go +++ b/controllers/suite_test.go @@ -30,9 +30,9 @@ import ( ctrl "sigs.k8s.io/controller-runtime" imagev1_reflect "github.com/fluxcd/image-reflector-controller/api/v1beta1" + "github.com/fluxcd/pkg/git/libgit2/transport" "github.com/fluxcd/pkg/runtime/testenv" sourcev1 "github.com/fluxcd/source-controller/api/v1beta2" - "github.com/fluxcd/source-controller/pkg/git/libgit2/managed" imagev1 "github.com/fluxcd/image-automation-controller/api/v1beta1" // +kubebuilder:scaffold:imports @@ -65,7 +65,9 @@ func TestMain(m *testing.M) { filepath.Join("testdata", "crds"), )) - managed.InitManagedTransport() + if err := transport.InitManagedTransport(); err != nil { + panic(fmt.Sprintf("Failed to initialize libgit2 managed transport: %v", err)) + } controllerName := "image-automation-controller" if err := (&ImageUpdateAutomationReconciler{ diff --git a/controllers/update_test.go b/controllers/update_test.go index aa773423..52cb57d2 100644 --- a/controllers/update_test.go +++ b/controllers/update_test.go @@ -51,11 +51,11 @@ import ( imagev1_reflect "github.com/fluxcd/image-reflector-controller/api/v1beta1" "github.com/fluxcd/pkg/apis/acl" "github.com/fluxcd/pkg/apis/meta" + "github.com/fluxcd/pkg/git" + "github.com/fluxcd/pkg/git/libgit2/transport" "github.com/fluxcd/pkg/gittestserver" "github.com/fluxcd/pkg/ssh" sourcev1 "github.com/fluxcd/source-controller/api/v1beta2" - "github.com/fluxcd/source-controller/pkg/git" - "github.com/fluxcd/source-controller/pkg/git/libgit2/managed" imagev1 "github.com/fluxcd/image-automation-controller/api/v1beta1" "github.com/fluxcd/image-automation-controller/pkg/test" @@ -910,7 +910,7 @@ func configureTransportOptsForRepo(repo *libgit2.Repository, authOpts *git.AuthO return nil, err } transportOptsURL := u.Scheme + "://" + randStringRunes(5) - managed.AddTransportOptions(transportOptsURL, managed.TransportOptions{ + transport.AddTransportOptions(transportOptsURL, transport.TransportOptions{ TargetURL: repoURL, AuthOpts: authOpts, }) @@ -920,7 +920,7 @@ func configureTransportOptsForRepo(repo *libgit2.Repository, authOpts *git.AuthO return nil, fmt.Errorf("could not set remote origin url: %v", err) } return func() { - managed.RemoveTransportOptions(transportOptsURL) + transport.RemoveTransportOptions(transportOptsURL) repo.Remotes.SetUrl(originRemote, repoURL) }, nil } @@ -1191,12 +1191,12 @@ func clone(ctx context.Context, repoURL, branchName string, authOpts *git.AuthOp } transportOptsURL := u.Scheme + "://" + randStringRunes(5) - managed.AddTransportOptions(transportOptsURL, managed.TransportOptions{ + transport.AddTransportOptions(transportOptsURL, transport.TransportOptions{ TargetURL: repoURL, Context: ctx, AuthOpts: authOpts, }) - defer managed.RemoveTransportOptions(transportOptsURL) + defer transport.RemoveTransportOptions(transportOptsURL) opts := &git2go.CloneOptions{ Bare: false, diff --git a/go.mod b/go.mod index c8b73142..62b8ea98 100644 --- a/go.mod +++ b/go.mod @@ -22,10 +22,11 @@ require ( github.com/fluxcd/image-reflector-controller/api v0.20.1 github.com/fluxcd/pkg/apis/acl v0.1.0 github.com/fluxcd/pkg/apis/meta v0.15.0 + github.com/fluxcd/pkg/git v0.6.1 + github.com/fluxcd/pkg/git/libgit2 v0.1.1-0.20220902101857-4d204a4a6fa4 github.com/fluxcd/pkg/gittestserver v0.7.0 github.com/fluxcd/pkg/runtime v0.18.0 github.com/fluxcd/pkg/ssh v0.6.0 - github.com/fluxcd/source-controller v0.28.0 github.com/fluxcd/source-controller/api v0.28.0 github.com/go-logr/logr v1.2.3 github.com/google/go-containerregistry v0.11.0 @@ -65,13 +66,15 @@ require ( github.com/emicklei/go-restful/v3 v3.8.0 // indirect github.com/emirpasic/gods v1.18.1 // indirect github.com/evanphx/json-patch v5.6.0+incompatible // indirect + github.com/fatih/color v1.13.0 // indirect github.com/fluxcd/gitkit v0.6.0 // indirect github.com/fluxcd/pkg/gitutil v0.2.0 // indirect + github.com/fluxcd/pkg/http/transport v0.0.1 // indirect github.com/fluxcd/pkg/version v0.2.0 // indirect github.com/fsnotify/fsnotify v1.5.1 // indirect github.com/go-errors/errors v1.0.1 // indirect github.com/go-git/gcfg v1.5.0 // indirect - github.com/go-git/go-billy/v5 v5.3.1 // indirect + github.com/go-git/go-billy/v5 v5.3.2-0.20210603175951-e0768be422ff // indirect github.com/go-git/go-git/v5 v5.4.2 // indirect github.com/go-logr/zapr v1.2.3 // indirect github.com/go-openapi/jsonpointer v0.19.5 // indirect @@ -97,6 +100,8 @@ require ( github.com/kevinburke/ssh_config v1.2.0 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/matryer/is v1.4.0 // indirect + github.com/mattn/go-colorable v0.1.12 // indirect + github.com/mattn/go-isatty v0.0.14 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect @@ -138,6 +143,7 @@ require ( k8s.io/apiextensions-apiserver v0.24.2 // indirect k8s.io/component-base v0.25.0 // indirect k8s.io/klog/v2 v2.70.1 // indirect + k8s.io/kubectl v0.24.2 // indirect k8s.io/utils v0.0.0-20220823124924-e9cbc92d1a73 // indirect sigs.k8s.io/cli-utils v0.33.0 // indirect sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect diff --git a/go.sum b/go.sum index 0901fa6f..c59c4028 100644 --- a/go.sum +++ b/go.sum @@ -66,6 +66,7 @@ github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZ github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd/go.mod h1:64YHyfSL2R96J44Nlwm39UHepQbyR5q10x7iYa1ks2E= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= github.com/Masterminds/semver/v3 v3.1.1 h1:hLg3sBzpNErnxhQtUy/mmLR2I9foDujNK030IGemrRc= @@ -113,6 +114,7 @@ github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84= +github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM= github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= @@ -123,6 +125,7 @@ github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghf github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5/go.mod h1:/iP1qXHoty45bqomnu2LM+VVyAEdWN+vtSHGlQgyxbw= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= @@ -158,8 +161,10 @@ github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxG github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/daviddengcn/go-colortext v0.0.0-20160507010035-511bcaf42ccd/go.mod h1:dv4zxwHi5C/8AeI+4gX4dCWOIvNi7I6JCSX0HvlKPgE= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= +github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= @@ -180,11 +185,15 @@ github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go. github.com/envoyproxy/go-control-plane v0.10.2-0.20220325020618-49ff273808a1/go.mod h1:KJwIaB5Mv44NWtYuAOFCVOjcI94vtpEz2JU/D2v6IjE= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/evanphx/json-patch v0.5.2/go.mod h1:ZWS5hhDbVDyob71nXKNL0+PWn6ToqBHMikGIFbs31qQ= +github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZMPRZwes7CROmyNKgQzC3XPs6L/G2EJLHddWejkmf4= +github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w= +github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= github.com/felixge/httpsnoop v1.0.1/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/flowstack/go-jsonschema v0.1.1/go.mod h1:yL7fNggx1o8rm9RlgXv7hTBWxdBM0rVwpMwimd3F3N0= github.com/fluxcd/gitkit v0.6.0 h1:iNg5LTx6ePo+Pl0ZwqHTAkhbUHxGVSY3YCxCdw7VIFg= @@ -195,18 +204,22 @@ github.com/fluxcd/pkg/apis/acl v0.1.0 h1:EoAl377hDQYL3WqanWCdifauXqXbMyFuK82NnX6 github.com/fluxcd/pkg/apis/acl v0.1.0/go.mod h1:zfEZzz169Oap034EsDhmCAGgnWlcWmIObZjYMusoXS8= github.com/fluxcd/pkg/apis/meta v0.15.0 h1:uDVzbDNdFjp0GSB9qMpcW6r4K7SAjBQlCxQENSkWgkQ= github.com/fluxcd/pkg/apis/meta v0.15.0/go.mod h1:7NkgFrlswnx2QxP16+8zVNDBf+VhZ7PsDhkcJY6OSgQ= +github.com/fluxcd/pkg/git v0.6.1 h1:LC5k/5QBgDNoaDMb6ukmKNcxLih/Se09m1x5vLfUZb8= +github.com/fluxcd/pkg/git v0.6.1/go.mod h1:O1YYuMUr5z8gHZrB3xBIMFyOdcCXG7kHUAuAqu6UkeA= +github.com/fluxcd/pkg/git/libgit2 v0.1.1-0.20220902101857-4d204a4a6fa4 h1:i9dpgpIgcQDQWD6L2QbMNfLKQdoOLqIdbxnakqQ/J90= +github.com/fluxcd/pkg/git/libgit2 v0.1.1-0.20220902101857-4d204a4a6fa4/go.mod h1:LYpOnvmvCrL0S4k5njPvnUEERHqPOIIwxXIUhcZhOfY= github.com/fluxcd/pkg/gittestserver v0.7.0 h1:PRVaEjeC/ePKTusB5Bx/ExM0P6bjroPdG6K2DO7YJUM= github.com/fluxcd/pkg/gittestserver v0.7.0/go.mod h1:WHqqZQfdePi5M/s1ONMTB4MigktqJhzAFJOZ0KTBw9Y= github.com/fluxcd/pkg/gitutil v0.2.0 h1:7vvXfq+Ur1/WXEejXY/b2haJ/2Uj5Et5v4V33l+ni1Q= github.com/fluxcd/pkg/gitutil v0.2.0/go.mod h1:oOq6wzzTJmD/PPIM5GHj+PGtfbrL7cbQKZCDnVvyp+w= +github.com/fluxcd/pkg/http/transport v0.0.1 h1:2iB63xfOOgkH+gdKC5qfYV1TcL546JKOE/7ZZ86hRoc= +github.com/fluxcd/pkg/http/transport v0.0.1/go.mod h1:aDIYfECLVh3KTvM8HvNcpm2ESrVbhteJWEl0AFbcjJk= github.com/fluxcd/pkg/runtime v0.18.0 h1:3naATapV1y65ZWlsXEfJt66zSQBkJwJ9o/e6gqAF//E= github.com/fluxcd/pkg/runtime v0.18.0/go.mod h1:JKTvOFOCz5Un9KxGcBL7Xjt0fcRa10ZItGB0XFv44AY= github.com/fluxcd/pkg/ssh v0.6.0 h1:yRJ866obXCo0JseJCqlGKtF8cumioPcwIC6kMwf8Spg= github.com/fluxcd/pkg/ssh v0.6.0/go.mod h1:Puf+hWNzFsqdHtjDpsI3PTTvitZu41ObuPFblOdzrrI= github.com/fluxcd/pkg/version v0.2.0 h1:jG22c59Bsv6vL51N7Bqn8tjHArYOXrjbIkGArlIrv5w= github.com/fluxcd/pkg/version v0.2.0/go.mod h1:umN1VAOV0sB1JDVwb8eXZzuuqIAEku+y+vcCVBBUIf0= -github.com/fluxcd/source-controller v0.28.0 h1:8X8PlEgLm6dj7zxgWpKE2ORGgLT54Sv7/21c9AnbpLw= -github.com/fluxcd/source-controller v0.28.0/go.mod h1:9o/yXvym5TfpK55pq9vgQnLSjQEa9MBoGEwKTi10b+4= github.com/fluxcd/source-controller/api v0.28.0 h1:rSOkE1ngGNAI7j++ZZRzNIxFXZMhHgMi4qPdXDxEEtA= github.com/fluxcd/source-controller/api v0.28.0/go.mod h1:S+SvFUy4PLGLV1XMddHsO3K1NCwIbiBJvljejXcRSAA= github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= @@ -216,6 +229,7 @@ github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMo github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.5.1 h1:mZcQUHVQUQWoPXXtuf9yuEXKudkV2sx1E06UadKWpgI= github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU= +github.com/fvbommel/sortorder v1.0.1/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= github.com/getkin/kin-openapi v0.76.0/go.mod h1:660oXbgy5JFMKreazJaQTw7o+X00qeSyhcnluiMv+Xg= github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= @@ -226,8 +240,9 @@ github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= -github.com/go-git/go-billy/v5 v5.3.1 h1:CPiOUAzKtMRvolEKw+bG1PLRpT7D3LIs3/3ey4Aiu34= github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= +github.com/go-git/go-billy/v5 v5.3.2-0.20210603175951-e0768be422ff h1:am7s+gMb3IKU9ym6BiErCR1pF1gnbjjl3eVbB7k6BdI= +github.com/go-git/go-billy/v5 v5.3.2-0.20210603175951-e0768be422ff/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= github.com/go-git/go-git-fixtures/v4 v4.2.1 h1:n9gGL1Ct/yIw+nfsfr8s4+sbhT+Ncu2SubfXjIWgci8= github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0= github.com/go-git/go-git/v5 v5.4.2 h1:BXyZu9t0VkbiHtqrsvdq39UDhGJTl1h55VW6CSC4aY4= @@ -308,6 +323,7 @@ github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/golangplus/testing v0.0.0-20180327235837-af21d9c3145e/go.mod h1:0AA//k/eakGydO4jKRoRL2j92ZKSzTgj9tclaCrvXHk= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA= @@ -370,6 +386,7 @@ github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0 github.com/googleapis/gax-go/v2 v2.2.0/go.mod h1:as02EH8zWkzwUoLbBaFeQ+arQaj/OthfcblKl4IGNaM= github.com/googleapis/gax-go/v2 v2.3.0/go.mod h1:b8LNqSzNabLiUpXKkY7HAR5jr6bIT99EXz9pXxye9YM= github.com/googleapis/gax-go/v2 v2.4.0/go.mod h1:XOTVJ59hdnfJLIP/dh8n5CGryZR2LxK9wbMD5+iXC6c= +github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= github.com/googleapis/go-type-adapters v1.0.0/go.mod h1:zHW75FOG2aur7gAO2B+MLby+cLsWGBF62rFAi7WjWO4= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= @@ -457,9 +474,13 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= +github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= +github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= @@ -468,11 +489,16 @@ github.com/matryer/is v1.4.0 h1:sosSmIWwkYITGrxZ25ULNDeKiMNzFSr4V/eqBQP0PeE= github.com/matryer/is v1.4.0/go.mod h1:8I/i5uYgLzgsgEloJE1U6xx5HkBQpAZvepWuujKwMRU= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= +github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= github.com/mattn/go-colorable v0.1.12 h1:jF+Du6AlPIjs2BiUiQlKOX0rt3SujHxPnksPKZbaA40= +github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.10/go.mod h1:qgIWMr58cqv1PHHyhnkY9lrL7etaEgOFcMEpPG5Rm84= +github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y= +github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= +github.com/mattn/go-runewidth v0.0.7/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 h1:I0XW9+e1XWDxdcEniV4rQAIOPUGDq67JSCiRCgGCZLI= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= @@ -485,6 +511,7 @@ github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrk github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= +github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= @@ -516,6 +543,7 @@ github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLA github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= +github.com/olekukonko/tablewriter v0.0.4/go.mod h1:zq6QwlOf5SlnkVbMSr5EoBv3636FWnp+qbPhuoO21uA= github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= @@ -539,6 +567,7 @@ github.com/otiai10/mint v1.3.3 h1:7JgpsBaN0uMkyju4tbYHu0mnM55hNKVYLsXmwr15NQI= github.com/otiai10/mint v1.3.3/go.mod h1:/yxELlJQ0ufhjUwhshSj+wFjZ78CnZ48/1wtmBH1OTc= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= +github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/pjbgf/git2go/v33 v33.0.9-nothread-check h1:gSK7FaLECIM3VSuBOAsVZQtWd+51iTB5lv9RyxhOYMk= github.com/pjbgf/git2go/v33 v33.0.9-nothread-check/go.mod h1:KdpqkU+6+++4oHna/MIOgx4GCQ92IPCdpVRMRI80J+4= @@ -584,6 +613,7 @@ github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40T github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= @@ -613,17 +643,22 @@ github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkU github.com/spf13/cast v1.4.1 h1:s0hze+J0196ZfEMTs80N7UlFt0BDuQ7Q+JDnHiMWKdA= github.com/spf13/cast v1.4.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= +github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk= github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= github.com/spf13/cobra v1.5.0 h1:X+jTBEBqF0bHN+9cSMgmfuvv2VHJ9ezmFNf9Y/XstYU= github.com/spf13/cobra v1.5.0/go.mod h1:dWXEIy2H428czQCjInthrTRUg7yKbok+2Qi/yBIJoUM= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= +github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= +github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= +github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns= github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/objx v0.4.0 h1:M2gUjqZET1qApGOWNSnZ49BAIMX4F/1plDv3+l31EJ4= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= @@ -644,6 +679,7 @@ github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2 github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= +github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca/go.mod h1:ce1O1j6UtZfjr22oyGxGLbauSBp2YVXpARAosm7dHBg= github.com/xlab/treeprint v1.1.0 h1:G/1DjNkPpfZCFt9CSh6b5/nY4VimlbHF3Rh4obvtzDk= github.com/xlab/treeprint v1.1.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -684,6 +720,7 @@ go.opentelemetry.io/otel/sdk/metric v0.20.0/go.mod h1:knxiS8Xd4E/N+ZqKmUPf3gTTZ4 go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5 h1:+FNtrFTmVw0YZGpBGX56XDee331t6JAXeK2bcyhLOOc= +go.starlark.net v0.0.0-20200306205701-8dd3e2ee1dd5/go.mod h1:nmDLcffg48OtT/PSW0Hg7FvpRQsQh5OSqIylirxKC7o= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= @@ -821,6 +858,7 @@ golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= +golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= @@ -864,6 +902,7 @@ golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191002063906-3421d5a6bb1c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -872,6 +911,7 @@ golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -916,6 +956,7 @@ golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -1046,6 +1087,7 @@ google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34q google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8= google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU= google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94= +google.golang.org/api v0.44.0/go.mod h1:EBOGZqzyhtvMDoxwS97ctnh0zUmYY6CxqXsc1AvkYD8= google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo= google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4= google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw= @@ -1214,6 +1256,7 @@ gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMy gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= @@ -1252,6 +1295,7 @@ k8s.io/apimachinery v0.25.0 h1:MlP0r6+3XbkUG2itd6vp3oxbtdQLQI94fD5gCS+gnoU= k8s.io/apimachinery v0.25.0/go.mod h1:qMx9eAk0sZQGsXGu86fab8tZdffHbwUfsvzqKn4mfB0= k8s.io/apiserver v0.24.2/go.mod h1:pSuKzr3zV+L+MWqsEo0kHHYwCo77AT5qXbFXP2jbvFI= k8s.io/cli-runtime v0.24.2 h1:KxY6tSgPGsahA6c1/dmR3uF5jOxXPx2QQY6C5ZrLmtE= +k8s.io/cli-runtime v0.24.2/go.mod h1:1LIhKL2RblkhfG4v5lZEt7FtgFG5mVb8wqv5lE9m5qY= k8s.io/client-go v0.24.2/go.mod h1:zg4Xaoo+umDsfCWr4fCnmLEtQXyCNXCvJuSsglNcV30= k8s.io/client-go v0.25.0 h1:CVWIaCETLMBNiTUta3d5nzRbXvY5Hy9Dpl+VvREpu5E= k8s.io/client-go v0.25.0/go.mod h1:lxykvypVfKilxhTklov0wz1FoaUZ8X4EwbhS6rpRfN8= @@ -1259,6 +1303,8 @@ k8s.io/code-generator v0.24.2/go.mod h1:dpVhs00hTuTdTY6jvVxvTFCk6gSMrtfRydbhZwHI k8s.io/component-base v0.24.2/go.mod h1:ucHwW76dajvQ9B7+zecZAP3BVqvrHoOxm8olHEg0nmM= k8s.io/component-base v0.25.0 h1:haVKlLkPCFZhkcqB6WCvpVxftrg6+FK5x1ZuaIDaQ5Y= k8s.io/component-base v0.25.0/go.mod h1:F2Sumv9CnbBlqrpdf7rKZTmmd2meJq0HizeyY/yAFxk= +k8s.io/component-helpers v0.24.2/go.mod h1:TRQPBQKfmqkmV6c0HAmUs8cXVNYYYLsXy4zu8eODi9g= +k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20210813121822-485abfe95c7c/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/gengo v0.0.0-20211129171323-c02415ce4185/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAEV2be7d5xI0vBa/VySYy3E= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= @@ -1266,10 +1312,13 @@ k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/klog/v2 v2.60.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/klog/v2 v2.70.1 h1:7aaoSdahviPmR+XkS7FyxlkkXs6tHISSG03RxleQAVQ= k8s.io/klog/v2 v2.70.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw= k8s.io/kube-openapi v0.0.0-20220328201542-3ee0da9b0b42/go.mod h1:Z/45zLw8lUo4wdiUkI+v/ImEGAvu3WatcZl3lPMR4Rk= k8s.io/kube-openapi v0.0.0-20220803164354-a70c9af30aea h1:3QOH5+2fGsY8e1qf+GIFpg+zw/JGNrgyZRQR7/m6uWg= k8s.io/kube-openapi v0.0.0-20220803164354-a70c9af30aea/go.mod h1:C/N6wCaBHeBHkHUesQOQy2/MZqGgMAFPqGsGQLdbZBU= k8s.io/kubectl v0.24.2 h1:+RfQVhth8akUmIc2Ge8krMl/pt66V7210ka3RE/p0J4= +k8s.io/kubectl v0.24.2/go.mod h1:+HIFJc0bA6Tzu5O/YcuUt45APAxnNL8LeMuXwoiGsPg= +k8s.io/metrics v0.24.2/go.mod h1:5NWURxZ6Lz5gj8TFU83+vdWIVASx7W8lwPpHYCqopMo= k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= k8s.io/utils v0.0.0-20220823124924-e9cbc92d1a73 h1:H9TCJUUx+2VA0ZiD9lvtaX8fthFsMoD+Izn93E/hm8U= @@ -1286,6 +1335,10 @@ sigs.k8s.io/json v0.0.0-20211208200746-9f7c6b3444d2/go.mod h1:B+TnT182UBxE84DiCz sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 h1:iXTIw73aPyC+oRdyqqvVJuloN1p0AC/kzH07hu3NE+k= sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/kustomize/api v0.11.4 h1:/0Mr3kfBBNcNPOW5Qwk/3eb8zkswCwnqQxxKtmrTkRo= +sigs.k8s.io/kustomize/api v0.11.4/go.mod h1:k+8RsqYbgpkIrJ4p9jcdPqe8DprLxFUUO0yNOq8C+xI= +sigs.k8s.io/kustomize/cmd/config v0.10.6/go.mod h1:/S4A4nUANUa4bZJ/Edt7ZQTyKOY9WCER0uBS1SW2Rco= +sigs.k8s.io/kustomize/kustomize/v4 v4.5.4/go.mod h1:Zo/Xc5FKD6sHl0lilbrieeGeZHVYCA4BzxeAaLI05Bg= +sigs.k8s.io/kustomize/kyaml v0.13.6/go.mod h1:yHP031rn1QX1lr/Xd934Ri/xdVNG8BE2ECa78Ht/kEg= sigs.k8s.io/kustomize/kyaml v0.13.9 h1:Qz53EAaFFANyNgyOEJbT/yoIHygK40/ZcvU3rgry2Tk= sigs.k8s.io/kustomize/kyaml v0.13.9/go.mod h1:QsRbD0/KcU+wdk0/L0fIp2KLnohkVzs6fQ85/nOXac4= sigs.k8s.io/structured-merge-diff/v4 v4.0.2/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= diff --git a/main.go b/main.go index 3860aa64..4e88031b 100644 --- a/main.go +++ b/main.go @@ -43,8 +43,8 @@ import ( imagev1 "github.com/fluxcd/image-automation-controller/api/v1beta1" "github.com/fluxcd/image-automation-controller/internal/features" - "github.com/fluxcd/source-controller/pkg/git" - "github.com/fluxcd/source-controller/pkg/git/libgit2/managed" + "github.com/fluxcd/pkg/git" + "github.com/fluxcd/pkg/git/libgit2/transport" // +kubebuilder:scaffold:imports "github.com/fluxcd/image-automation-controller/controllers" @@ -167,7 +167,7 @@ func main() { } // +kubebuilder:scaffold:builder - if err = managed.InitManagedTransport(); err != nil { + if err = transport.InitManagedTransport(); err != nil { setupLog.Error(err, "unable to initialize libgit2 managed transport") os.Exit(1) }