Showing preview only (1,955K chars total). Download the full file or copy to clipboard to get everything.
Repository: fluxcd/flux2
Branch: main
Commit: d9f51d047dbb
Files: 667
Total size: 1.7 MB
Directory structure:
gitextract_vsl03042/
├── .github/
│ ├── ISSUE_TEMPLATE/
│ │ ├── bug_report.yaml
│ │ └── config.yml
│ ├── aur/
│ │ ├── flux-bin/
│ │ │ ├── .SRCINFO.template
│ │ │ ├── .gitignore
│ │ │ ├── PKGBUILD.template
│ │ │ └── publish.sh
│ │ ├── flux-go/
│ │ │ ├── .SRCINFO.template
│ │ │ ├── .gitignore
│ │ │ ├── PKGBUILD.template
│ │ │ └── publish.sh
│ │ └── flux-scm/
│ │ ├── .SRCINFO.template
│ │ ├── .gitignore
│ │ ├── PKGBUILD.template
│ │ └── publish.sh
│ ├── dependabot.yml
│ ├── kind/
│ │ └── config.yaml
│ ├── labels.yaml
│ ├── runners/
│ │ ├── README.md
│ │ ├── prereq.sh
│ │ └── runner-setup.sh
│ └── workflows/
│ ├── README.md
│ ├── action.yaml
│ ├── backport.yaml
│ ├── conformance.yaml
│ ├── e2e-azure.yaml
│ ├── e2e-bootstrap.yaml
│ ├── e2e-gcp.yaml
│ ├── e2e.yaml
│ ├── ossf.yaml
│ ├── release.yaml
│ ├── scan.yaml
│ ├── sync-labels.yaml
│ ├── update.yaml
│ └── upgrade-fluxcd-pkg.yaml
├── .gitignore
├── .goreleaser.yml
├── .scorecard.yml
├── CODE_OF_CONDUCT.md
├── CONTRIBUTING.md
├── DCO
├── Dockerfile
├── LICENSE
├── MAINTAINERS
├── Makefile
├── README.md
├── action/
│ ├── README.md
│ └── action.yml
├── cmd/
│ └── flux/
│ ├── alert.go
│ ├── alert_provider.go
│ ├── artifact.go
│ ├── bootstrap.go
│ ├── bootstrap_bitbucket_server.go
│ ├── bootstrap_git.go
│ ├── bootstrap_gitea.go
│ ├── bootstrap_github.go
│ ├── bootstrap_gitlab.go
│ ├── build.go
│ ├── build_artifact.go
│ ├── build_artifact_test.go
│ ├── build_kustomization.go
│ ├── build_kustomization_test.go
│ ├── check.go
│ ├── check_test.go
│ ├── cluster_info.go
│ ├── cluster_info_test.go
│ ├── completion.go
│ ├── completion_bash.go
│ ├── completion_fish.go
│ ├── completion_powershell.go
│ ├── completion_zsh.go
│ ├── create.go
│ ├── create_alert.go
│ ├── create_alertprovider.go
│ ├── create_helmrelease.go
│ ├── create_helmrelease_test.go
│ ├── create_image.go
│ ├── create_image_policy.go
│ ├── create_image_repository.go
│ ├── create_image_update.go
│ ├── create_kustomization.go
│ ├── create_receiver.go
│ ├── create_secret.go
│ ├── create_secret_git.go
│ ├── create_secret_git_test.go
│ ├── create_secret_github_app.go
│ ├── create_secret_githubapp_test.go
│ ├── create_secret_helm.go
│ ├── create_secret_helm_test.go
│ ├── create_secret_notation.go
│ ├── create_secret_notation_test.go
│ ├── create_secret_oci.go
│ ├── create_secret_oci_test.go
│ ├── create_secret_proxy.go
│ ├── create_secret_proxy_test.go
│ ├── create_secret_tls.go
│ ├── create_secret_tls_test.go
│ ├── create_source.go
│ ├── create_source_bucket.go
│ ├── create_source_chart.go
│ ├── create_source_chart_test.go
│ ├── create_source_git.go
│ ├── create_source_git_test.go
│ ├── create_source_helm.go
│ ├── create_source_helm_test.go
│ ├── create_source_oci.go
│ ├── create_source_oci_test.go
│ ├── create_tenant.go
│ ├── create_tenant_test.go
│ ├── create_test.go
│ ├── debug.go
│ ├── debug_helmrelease.go
│ ├── debug_helmrelease_test.go
│ ├── debug_kustomization.go
│ ├── debug_kustomization_test.go
│ ├── delete.go
│ ├── delete_alert.go
│ ├── delete_alertprovider.go
│ ├── delete_helmrelease.go
│ ├── delete_image.go
│ ├── delete_image_policy.go
│ ├── delete_image_repository.go
│ ├── delete_image_update.go
│ ├── delete_kustomization.go
│ ├── delete_receiver.go
│ ├── delete_source.go
│ ├── delete_source_bucket.go
│ ├── delete_source_chart.go
│ ├── delete_source_git.go
│ ├── delete_source_helm.go
│ ├── delete_source_oci.go
│ ├── diff.go
│ ├── diff_artifact.go
│ ├── diff_artifact_test.go
│ ├── diff_kustomization.go
│ ├── diff_kustomization_test.go
│ ├── docgen.go
│ ├── envsubst.go
│ ├── envsubst_test.go
│ ├── events.go
│ ├── events_test.go
│ ├── export.go
│ ├── export_alert.go
│ ├── export_alertprovider.go
│ ├── export_artifact.go
│ ├── export_artifact_generator.go
│ ├── export_helmrelease.go
│ ├── export_image.go
│ ├── export_image_policy.go
│ ├── export_image_repository.go
│ ├── export_image_update.go
│ ├── export_kustomization.go
│ ├── export_receiver.go
│ ├── export_secret.go
│ ├── export_source.go
│ ├── export_source_bucket.go
│ ├── export_source_chart.go
│ ├── export_source_external.go
│ ├── export_source_git.go
│ ├── export_source_helm.go
│ ├── export_source_oci.go
│ ├── export_test.go
│ ├── get.go
│ ├── get_alert.go
│ ├── get_alertprovider.go
│ ├── get_all.go
│ ├── get_artifact.go
│ ├── get_artifact_generator.go
│ ├── get_helmrelease.go
│ ├── get_image.go
│ ├── get_image_all.go
│ ├── get_image_policy.go
│ ├── get_image_repository.go
│ ├── get_image_update.go
│ ├── get_kustomization.go
│ ├── get_receiver.go
│ ├── get_source.go
│ ├── get_source_all.go
│ ├── get_source_bucket.go
│ ├── get_source_chart.go
│ ├── get_source_external.go
│ ├── get_source_git.go
│ ├── get_source_helm.go
│ ├── get_source_oci.go
│ ├── get_test.go
│ ├── helmrelease.go
│ ├── helmrelease_test.go
│ ├── image.go
│ ├── image_test.go
│ ├── install.go
│ ├── install_test.go
│ ├── kustomization.go
│ ├── kustomization_test.go
│ ├── list.go
│ ├── list_artifact.go
│ ├── log.go
│ ├── logs.go
│ ├── logs_e2e_test.go
│ ├── logs_unit_test.go
│ ├── main.go
│ ├── main_e2e_test.go
│ ├── main_test.go
│ ├── main_unit_test.go
│ ├── manifests.embed.go
│ ├── migrate.go
│ ├── migrate_test.go
│ ├── object.go
│ ├── oci.go
│ ├── pull.go
│ ├── pull_artifact.go
│ ├── push.go
│ ├── push_artifact.go
│ ├── readiness.go
│ ├── readiness_test.go
│ ├── receiver.go
│ ├── reconcile.go
│ ├── reconcile_helmrelease.go
│ ├── reconcile_image.go
│ ├── reconcile_image_policy.go
│ ├── reconcile_image_repository.go
│ ├── reconcile_image_updateauto.go
│ ├── reconcile_kustomization.go
│ ├── reconcile_receiver.go
│ ├── reconcile_source.go
│ ├── reconcile_source_bucket.go
│ ├── reconcile_source_chart.go
│ ├── reconcile_source_git.go
│ ├── reconcile_source_helm.go
│ ├── reconcile_source_oci.go
│ ├── reconcile_with_source.go
│ ├── resume.go
│ ├── resume_alert.go
│ ├── resume_alertprovider.go
│ ├── resume_helmrelease.go
│ ├── resume_image.go
│ ├── resume_image_policy.go
│ ├── resume_image_repository.go
│ ├── resume_image_updateauto.go
│ ├── resume_kustomization.go
│ ├── resume_receiver.go
│ ├── resume_source.go
│ ├── resume_source_bucket.go
│ ├── resume_source_chart.go
│ ├── resume_source_git.go
│ ├── resume_source_helm.go
│ ├── resume_source_oci.go
│ ├── source.go
│ ├── source_oci_test.go
│ ├── stats.go
│ ├── status.go
│ ├── suspend.go
│ ├── suspend_alert.go
│ ├── suspend_alertprovider.go
│ ├── suspend_helmrelease.go
│ ├── suspend_image.go
│ ├── suspend_image_policy.go
│ ├── suspend_image_repository.go
│ ├── suspend_image_updateauto.go
│ ├── suspend_kustomization.go
│ ├── suspend_receiver.go
│ ├── suspend_source.go
│ ├── suspend_source_bucket.go
│ ├── suspend_source_chart.go
│ ├── suspend_source_git.go
│ ├── suspend_source_helm.go
│ ├── suspend_source_oci.go
│ ├── tag.go
│ ├── tag_artifact.go
│ ├── testdata/
│ │ ├── build-kustomization/
│ │ │ ├── delete-service/
│ │ │ │ ├── deployment.yaml
│ │ │ │ ├── hpa.yaml
│ │ │ │ └── kustomization.yaml
│ │ │ ├── ignore/
│ │ │ │ ├── .sourceignore
│ │ │ │ ├── configmap.yaml
│ │ │ │ ├── not_deployable/
│ │ │ │ │ └── ignore_svc.yaml
│ │ │ │ └── secret.yaml
│ │ │ ├── my-app/
│ │ │ │ └── configmap.yaml
│ │ │ ├── podinfo/
│ │ │ │ ├── deployment.yaml
│ │ │ │ ├── dockerconfigjson-sops-secret.yaml
│ │ │ │ ├── hpa.yaml
│ │ │ │ ├── kustomization.yaml
│ │ │ │ ├── service.yaml
│ │ │ │ ├── stringdata-secret.yaml
│ │ │ │ └── token.encrypted
│ │ │ ├── podinfo-kustomization.yaml
│ │ │ ├── podinfo-result.yaml
│ │ │ ├── podinfo-source.yaml
│ │ │ ├── podinfo-with-ignore-result.yaml
│ │ │ ├── podinfo-with-my-app/
│ │ │ │ ├── kustomization.yaml
│ │ │ │ └── my-app.yaml
│ │ │ ├── podinfo-with-my-app-result.yaml
│ │ │ ├── podinfo-with-var-substitution-result.yaml
│ │ │ ├── podinfo-without-service-result.yaml
│ │ │ └── var-substitution/
│ │ │ ├── cluster.json
│ │ │ ├── deployment.yaml
│ │ │ └── kustomization.yaml
│ │ ├── check/
│ │ │ └── check_pre.golden
│ │ ├── cluster_info/
│ │ │ └── gitrepositories.yaml
│ │ ├── create_hr/
│ │ │ ├── basic.yaml
│ │ │ ├── hc_basic.yaml
│ │ │ ├── or_basic.yaml
│ │ │ └── setup-source.yaml
│ │ ├── create_secret/
│ │ │ ├── git/
│ │ │ │ ├── ecdsa-password.private
│ │ │ │ ├── ecdsa.private
│ │ │ │ ├── git-bearer-token.yaml
│ │ │ │ ├── git-ssh-secret-password.yaml
│ │ │ │ ├── git-ssh-secret.yaml
│ │ │ │ ├── secret-ca-crt.yaml
│ │ │ │ └── secret-git-basic.yaml
│ │ │ ├── githubapp/
│ │ │ │ ├── secret-with-baseurl.yaml
│ │ │ │ ├── secret.yaml
│ │ │ │ └── test-private-key.pem
│ │ │ ├── helm/
│ │ │ │ └── secret-helm.yaml
│ │ │ ├── notation/
│ │ │ │ ├── invalid-trust-policy.json
│ │ │ │ ├── invalid.json
│ │ │ │ ├── secret-ca-crt.yaml
│ │ │ │ ├── secret-ca-multi.yaml
│ │ │ │ ├── secret-ca-pem.yaml
│ │ │ │ ├── test-ca.crt
│ │ │ │ ├── test-ca2.crt
│ │ │ │ └── test-trust-policy.json
│ │ │ ├── oci/
│ │ │ │ └── create-secret.yaml
│ │ │ ├── proxy/
│ │ │ │ └── secret-proxy.yaml
│ │ │ └── tls/
│ │ │ ├── secret-tls.yaml
│ │ │ ├── test-ca.pem
│ │ │ ├── test-cert.pem
│ │ │ └── test-key.pem
│ │ ├── create_source_chart/
│ │ │ ├── basic.yaml
│ │ │ ├── setup-source.yaml
│ │ │ ├── verify_basic.yaml
│ │ │ └── verify_complete.yaml
│ │ ├── create_source_git/
│ │ │ ├── export.golden
│ │ │ ├── source-git-branch-commit.yaml
│ │ │ ├── source-git-branch.yaml
│ │ │ ├── source-git-commit.yaml
│ │ │ ├── source-git-provider-azure.yaml
│ │ │ ├── source-git-provider-generic.yaml
│ │ │ ├── source-git-provider-github.yaml
│ │ │ ├── source-git-refname.yaml
│ │ │ ├── source-git-semver.yaml
│ │ │ ├── source-git-tag.yaml
│ │ │ └── success.golden
│ │ ├── create_source_helm/
│ │ │ ├── https.golden
│ │ │ ├── oci-with-secret.golden
│ │ │ └── oci.golden
│ │ ├── create_tenant/
│ │ │ ├── tenant-basic.yaml
│ │ │ ├── tenant-with-cluster-role.yaml
│ │ │ ├── tenant-with-service-account.yaml
│ │ │ └── tenant-with-skip-namespace.yaml
│ │ ├── debug_helmrelease/
│ │ │ ├── history-empty.golden.yaml
│ │ │ ├── history.golden.yaml
│ │ │ ├── objects.yaml
│ │ │ ├── status.golden.yaml
│ │ │ ├── values-from.golden.yaml
│ │ │ └── values-inline.golden.yaml
│ │ ├── debug_kustomization/
│ │ │ ├── history-empty.golden.yaml
│ │ │ ├── history.golden.yaml
│ │ │ ├── objects.yaml
│ │ │ ├── status.golden.yaml
│ │ │ ├── vars-from.golden.env
│ │ │ └── vars.golden.env
│ │ ├── diff-artifact/
│ │ │ ├── deployment-diff.yaml
│ │ │ ├── deployment.yaml
│ │ │ └── success.golden
│ │ ├── diff-kustomization/
│ │ │ ├── deployment.yaml
│ │ │ ├── diff-with-deployment.golden
│ │ │ ├── diff-with-dockerconfigjson-sops-secret.golden
│ │ │ ├── diff-with-drifted-key-sops-secret.golden
│ │ │ ├── diff-with-drifted-secret.golden
│ │ │ ├── diff-with-drifted-service.golden
│ │ │ ├── diff-with-drifted-stringdata-sops-secret.golden
│ │ │ ├── diff-with-drifted-value-sops-secret.golden
│ │ │ ├── diff-with-recursive.golden
│ │ │ ├── dockerconfigjson-sops-secret.yaml
│ │ │ ├── flux-kustomization-multiobj.yaml
│ │ │ ├── key-sops-secret.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── my-app.yaml
│ │ │ ├── nothing-is-deployed.golden
│ │ │ ├── secret.yaml
│ │ │ ├── service.yaml
│ │ │ ├── stringdata-sops-secret.yaml
│ │ │ └── value-sops-secret.yaml
│ │ ├── envsubst/
│ │ │ ├── file.gold
│ │ │ └── file.yaml
│ │ ├── export/
│ │ │ ├── alert.yaml
│ │ │ ├── bucket.yaml
│ │ │ ├── external-artifact.yaml
│ │ │ ├── git-repo.yaml
│ │ │ ├── helm-chart.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── helm-repo.yaml
│ │ │ ├── image-policy.yaml
│ │ │ ├── image-repo.yaml
│ │ │ ├── image-update.yaml
│ │ │ ├── ks.yaml
│ │ │ ├── objects.yaml
│ │ │ ├── provider.yaml
│ │ │ └── receiver.yaml
│ │ ├── get/
│ │ │ ├── get.golden
│ │ │ ├── get_label_one.golden
│ │ │ ├── get_label_two.golden
│ │ │ └── objects.yaml
│ │ ├── helmrelease/
│ │ │ ├── create_helmrelease_from_git.golden
│ │ │ ├── create_source_git.golden
│ │ │ ├── delete_helmrelease_from_git.golden
│ │ │ ├── get_helmrelease_from_git.golden
│ │ │ ├── reconcile_helmrelease_from_git.golden
│ │ │ ├── resume_helmrelease_from_git.golden
│ │ │ └── suspend_helmrelease_from_git.golden
│ │ ├── image/
│ │ │ ├── create_image_policy.golden
│ │ │ ├── create_image_repository.golden
│ │ │ ├── get_image_policy_regex.golden
│ │ │ ├── get_image_policy_semver.golden
│ │ │ ├── reconcile_image_policy.golden
│ │ │ ├── resume_image_policy.golden
│ │ │ └── suspend_image_policy.golden
│ │ ├── kustomization/
│ │ │ ├── create_kustomization_from_git.golden
│ │ │ ├── create_source_git.golden
│ │ │ ├── delete_kustomization_from_git.golden
│ │ │ ├── get_kustomization_from_git.golden
│ │ │ ├── reconcile_kustomization_from_git.golden
│ │ │ ├── resume_kustomization_from_git.golden
│ │ │ ├── resume_kustomization_from_git_multiple_args.golden
│ │ │ ├── resume_kustomization_from_git_multiple_args_wait.golden
│ │ │ ├── suspend_kustomization_from_git.golden
│ │ │ └── suspend_kustomization_from_git_multiple_args.golden
│ │ ├── logs/
│ │ │ ├── all-logs.txt
│ │ │ ├── kind.txt
│ │ │ ├── log-level.txt
│ │ │ ├── multiple-filters.txt
│ │ │ └── namespace.txt
│ │ ├── migrate/
│ │ │ └── file-system/
│ │ │ ├── dir/
│ │ │ │ ├── some-dir/
│ │ │ │ │ ├── another-file
│ │ │ │ │ ├── another-file.yaml
│ │ │ │ │ └── another-file.yml
│ │ │ │ ├── some-file
│ │ │ │ ├── some-file.yaml
│ │ │ │ └── some-file.yml
│ │ │ ├── dir.golden/
│ │ │ │ ├── some-dir/
│ │ │ │ │ ├── another-file
│ │ │ │ │ ├── another-file.yaml
│ │ │ │ │ └── another-file.yml
│ │ │ │ ├── some-file
│ │ │ │ ├── some-file.yaml
│ │ │ │ └── some-file.yml
│ │ │ ├── dir.output.golden
│ │ │ ├── single-file-wrong-ext.json
│ │ │ ├── single-file.yaml
│ │ │ ├── single-file.yaml.golden
│ │ │ └── single-file.yaml.output.golden
│ │ ├── oci/
│ │ │ ├── create_source_oci.golden
│ │ │ ├── delete_oci.golden
│ │ │ ├── export.golden
│ │ │ ├── export_with_complete_verification.golden
│ │ │ ├── export_with_issuer.golden
│ │ │ ├── export_with_secret.golden
│ │ │ ├── export_with_subject.golden
│ │ │ ├── export_with_verify_secret.golden
│ │ │ ├── get_oci.golden
│ │ │ ├── reconcile_oci.golden
│ │ │ ├── resume_oci.golden
│ │ │ └── suspend_oci.golden
│ │ ├── trace/
│ │ │ ├── deployment-hr-ocirepo.golden
│ │ │ ├── deployment-hr-ocirepo.yaml
│ │ │ ├── deployment.golden
│ │ │ ├── deployment.yaml
│ │ │ ├── helmrelease-oci.golden
│ │ │ ├── helmrelease-oci.yaml
│ │ │ ├── helmrelease.golden
│ │ │ └── helmrelease.yaml
│ │ └── tree/
│ │ ├── kustomizations.yaml
│ │ ├── tree-compact.golden
│ │ ├── tree-empty.golden
│ │ └── tree.golden
│ ├── trace.go
│ ├── trace_test.go
│ ├── tree.go
│ ├── tree_artifact.go
│ ├── tree_artifact_generator.go
│ ├── tree_kustomization.go
│ ├── tree_kustomization_test.go
│ ├── uninstall.go
│ ├── version.go
│ ├── version_test.go
│ ├── version_utils.go
│ └── version_utils_test.go
├── docs/
│ └── release/
│ ├── README.md
│ └── release-notes-template.md
├── go.mod
├── go.sum
├── install/
│ ├── README.md
│ └── flux.sh
├── internal/
│ ├── build/
│ │ ├── build.go
│ │ ├── build_test.go
│ │ ├── diff.go
│ │ └── testdata/
│ │ └── local-kustomization/
│ │ ├── different-name.yaml
│ │ ├── invalid-resource.yaml
│ │ ├── multi-doc-reset.yaml
│ │ ├── multi-doc-valid.yaml
│ │ ├── no-ns.yaml
│ │ └── valid.yaml
│ ├── flags/
│ │ ├── crds.go
│ │ ├── crds_test.go
│ │ ├── decryption_provider.go
│ │ ├── decryption_provider_test.go
│ │ ├── ecdsa_curve.go
│ │ ├── ecdsa_curve_test.go
│ │ ├── gitlab_visibility.go
│ │ ├── gitlab_visibility_test.go
│ │ ├── helm_chart_source.go
│ │ ├── helm_chart_source_test.go
│ │ ├── kustomization_source.go
│ │ ├── kustomization_source_test.go
│ │ ├── local_helm_chart_source.go
│ │ ├── log_level.go
│ │ ├── log_level_test.go
│ │ ├── public_key_algorithm.go
│ │ ├── public_key_algorithm_test.go
│ │ ├── rsa_key_bits.go
│ │ ├── rsa_key_bits_test.go
│ │ ├── safe_relative_path.go
│ │ ├── safe_relative_path_test.go
│ │ ├── source_bucket_provider.go
│ │ ├── source_bucket_provider_test.go
│ │ ├── source_git_provider.go
│ │ ├── source_oci_provider.go
│ │ ├── source_oci_verify_provider.go
│ │ └── source_oci_verify_provider_test.go
│ ├── tree/
│ │ └── tree.go
│ └── utils/
│ ├── apply.go
│ ├── hex.go
│ ├── hex_test.go
│ ├── testdata/
│ │ ├── components-with-crds.yaml
│ │ └── components-without-crds.yaml
│ ├── utils.go
│ └── utils_test.go
├── manifests/
│ ├── bases/
│ │ ├── helm-controller/
│ │ │ ├── account.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── labels.yaml
│ │ │ └── patch.yaml
│ │ ├── image-automation-controller/
│ │ │ ├── account.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── labels.yaml
│ │ │ └── patch.yaml
│ │ ├── image-reflector-controller/
│ │ │ ├── account.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── labels.yaml
│ │ │ └── patch.yaml
│ │ ├── kustomize-controller/
│ │ │ ├── account.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── labels.yaml
│ │ │ └── patch.yaml
│ │ ├── notification-controller/
│ │ │ ├── account.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── labels.yaml
│ │ │ └── patch.yaml
│ │ ├── source-controller/
│ │ │ ├── account.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── labels.yaml
│ │ │ └── patch.yaml
│ │ └── source-watcher/
│ │ ├── account.yaml
│ │ ├── kustomization.yaml
│ │ ├── labels.yaml
│ │ └── patch.yaml
│ ├── crds/
│ │ └── kustomization.yaml
│ ├── install/
│ │ ├── kustomization.yaml
│ │ ├── labels.yaml
│ │ └── namespace.yaml
│ ├── monitoring/
│ │ └── README.md
│ ├── openshift/
│ │ ├── kustomization.yaml
│ │ ├── labels.yaml
│ │ ├── namespace.yaml
│ │ └── scc.yaml
│ ├── policies/
│ │ ├── allow-egress.yaml
│ │ ├── allow-scraping.yaml
│ │ ├── allow-webhooks.yaml
│ │ └── kustomization.yaml
│ ├── rbac/
│ │ ├── controller.yaml
│ │ ├── edit.yaml
│ │ ├── kustomization.yaml
│ │ ├── reconciler.yaml
│ │ ├── resourcequota.yaml
│ │ └── view.yaml
│ ├── scripts/
│ │ └── bundle.sh
│ └── test/
│ ├── kustomization.yaml
│ ├── labels.yaml
│ └── namespace.yaml
├── netlify.toml
├── pkg/
│ ├── bootstrap/
│ │ ├── bootstrap.go
│ │ ├── bootstrap_plain_git.go
│ │ ├── bootstrap_provider.go
│ │ ├── bootstrap_test.go
│ │ ├── options.go
│ │ └── provider/
│ │ ├── factory.go
│ │ └── provider.go
│ ├── log/
│ │ ├── log.go
│ │ └── nop.go
│ ├── manifestgen/
│ │ ├── doc.go
│ │ ├── install/
│ │ │ ├── install.go
│ │ │ ├── install_test.go
│ │ │ ├── manifests.go
│ │ │ ├── options.go
│ │ │ └── templates.go
│ │ ├── kustomization/
│ │ │ ├── kustomization.go
│ │ │ └── options.go
│ │ ├── labels.go
│ │ ├── manifest.go
│ │ ├── sourcesecret/
│ │ │ ├── options.go
│ │ │ ├── sourcesecret.go
│ │ │ ├── sourcesecret_test.go
│ │ │ └── testdata/
│ │ │ ├── password_rsa
│ │ │ ├── password_rsa.pub
│ │ │ ├── rsa
│ │ │ └── rsa.pub
│ │ ├── sync/
│ │ │ ├── options.go
│ │ │ ├── sync.go
│ │ │ └── sync_test.go
│ │ └── tmpdir.go
│ ├── printers/
│ │ ├── dyff.go
│ │ ├── interface.go
│ │ └── table_printer.go
│ ├── status/
│ │ └── status.go
│ └── uninstall/
│ └── uninstall.go
├── rfcs/
│ ├── 0001-authorization/
│ │ └── README.md
│ ├── 0002-helm-oci/
│ │ └── README.md
│ ├── 0003-kubernetes-oci/
│ │ └── README.md
│ ├── 0004-insecure-http/
│ │ └── README.md
│ ├── 0005-artifact-revision-and-digest/
│ │ └── README.md
│ ├── 0006-cdevents/
│ │ └── README.md
│ ├── 0007-git-repo-passwordless-auth/
│ │ └── README.md
│ ├── 0008-custom-event-metadata-from-annotations/
│ │ └── README.md
│ ├── 0009-custom-health-checks/
│ │ └── README.md
│ ├── 0010-multi-tenant-workload-identity/
│ │ └── README.md
│ ├── 0011-opentelemetry-tracing/
│ │ └── README.md
│ ├── 0012-external-artifact/
│ │ └── README.md
│ ├── README.md
│ └── RFC-0000/
│ └── README.md
└── tests/
├── .gitignore
├── bootstrap/
│ └── main.go
├── image-automation/
│ ├── auto.yaml
│ ├── kustomization.yaml
│ └── main.go
└── integration/
├── Makefile
├── README.md
├── azure_specific_test.go
├── azure_test.go
├── flux_test.go
├── gcp_test.go
├── go.mod
├── go.sum
├── image_repo_test.go
├── notification_test.go
├── oci_test.go
├── sops_encryption_test.go
├── suite_test.go
├── terraform/
│ ├── azure/
│ │ ├── aks.tf
│ │ ├── azuredevops.tf
│ │ ├── event-hub.tf
│ │ ├── keyvault.tf
│ │ ├── main.tf
│ │ ├── outputs.tf
│ │ └── variables.tf
│ └── gcp/
│ ├── gke.tf
│ ├── kms.tf
│ ├── main.tf
│ ├── outputs.tf
│ ├── pubsub.tf
│ ├── sourcerepo.tf
│ └── variables.tf
└── util_test.go
================================================
FILE CONTENTS
================================================
================================================
FILE: .github/ISSUE_TEMPLATE/bug_report.yaml
================================================
---
name: Bug report
description: Create a report to help us improve Flux
body:
- type: markdown
attributes:
value: |
## Support
Find out more about your support options and getting help at: https://fluxcd.io/support/
- type: textarea
validations:
required: true
attributes:
label: Describe the bug
description: A clear description of what the bug is.
- type: textarea
validations:
required: true
attributes:
label: Steps to reproduce
description: |
Steps to reproduce the problem.
placeholder: |
For example:
1. Install Flux with the additional image automation controllers
2. Run command '...'
3. See error
- type: textarea
validations:
required: true
attributes:
label: Expected behavior
description: A brief description of what you expected to happen.
- type: textarea
attributes:
label: Screenshots and recordings
description: |
If applicable, add screenshots to help explain your problem. You can also record an asciinema session: https://asciinema.org/
- type: input
validations:
required: true
attributes:
label: OS / Distro
description: The OS / distro you are executing `flux` on. If not applicable, write `N/A`.
placeholder: e.g. Windows 10, Ubuntu 20.04, Arch Linux, macOS 10.15...
- type: input
validations:
required: true
attributes:
label: Flux version
description: Run `flux version --client`. If not applicable, write `N/A`.
placeholder: e.g. v0.20.1
- type: textarea
validations:
required: true
attributes:
label: Flux check
description: Run `flux check`. If not applicable, write `N/A`.
placeholder: |
For example:
► checking prerequisites
✔ Kubernetes 1.21.1 >=1.19.0-0
► checking controllers
✔ all checks passed
- type: input
attributes:
label: Git provider
description: If applicable, add the Git provider you are having problems with, e.g. GitHub (Enterprise), GitLab, etc.
- type: input
attributes:
label: Container Registry provider
description: If applicable, add the Container Registry provider you are having problems with, e.g. DockerHub, GitHub Packages, Quay.io, etc.
- type: textarea
attributes:
label: Additional context
description: Add any other context about the problem here. This can be logs (e.g. output from `flux logs`), environment specific caveats, etc.
- type: checkboxes
id: terms
attributes:
label: Code of Conduct
description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/fluxcd/.github/blob/main/CODE_OF_CONDUCT.md)
options:
- label: I agree to follow this project's Code of Conduct
required: true
================================================
FILE: .github/ISSUE_TEMPLATE/config.yml
================================================
blank_issues_enabled: true
contact_links:
- name: Ask a question
url: https://github.com/fluxcd/flux2/discussions
about: Please ask and answer questions here.
================================================
FILE: .github/aur/flux-bin/.SRCINFO.template
================================================
pkgbase = flux-bin
pkgdesc = Open and extensible continuous delivery solution for Kubernetes
pkgver = ${PKGVER}
pkgrel = ${PKGREL}
url = https://fluxcd.io/
arch = x86_64
arch = armv7h
arch = aarch64
license = APACHE
optdepends = bash-completion: auto-completion for flux in Bash
optdepends = zsh-completions: auto-completion for flux in ZSH
source_x86_64 = flux-bin-${PKGVER}_linux_amd64.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${VERSION}/flux_${VERSION}_linux_amd64.tar.gz
sha256sums_x86_64 = ${SHA256SUM_AMD64}
source_armv7h = flux-bin-${PKGVER}_linux_arm.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${VERSION}/flux_${VERSION}_linux_arm.tar.gz
sha256sums_armv7h = ${SHA256SUM_ARM}
source_aarch64 = flux-bin-${PKGVER}_linux_arm64.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${VERSION}/flux_${VERSION}_linux_arm64.tar.gz
sha256sums_aarch64 = ${SHA256SUM_ARM64}
pkgname = flux-bin
================================================
FILE: .github/aur/flux-bin/.gitignore
================================================
.pkg
================================================
FILE: .github/aur/flux-bin/PKGBUILD.template
================================================
# Maintainer: Aurel Canciu <aurelcanciu@gmail.com>
# Maintainer: Hidde Beydals <hello@hidde.co>
pkgname=flux-bin
pkgver=${PKGVER}
pkgrel=${PKGREL}
_srcname=flux
_srcver=${VERSION}
pkgdesc="Open and extensible continuous delivery solution for Kubernetes"
url="https://fluxcd.io/"
arch=("x86_64" "armv7h" "aarch64")
license=("APACHE")
optdepends=('bash-completion: auto-completion for flux in Bash'
'zsh-completions: auto-completion for flux in ZSH')
source_x86_64=(
"${pkgname}-${pkgver}_linux_amd64.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${_srcver}/flux_${_srcver}_linux_amd64.tar.gz"
)
source_armv7h=(
"${pkgname}-${pkgver}_linux_arm.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${_srcver}/flux_${_srcver}_linux_arm.tar.gz"
)
source_aarch64=(
"${pkgname}-${pkgver}_linux_arm64.tar.gz::https://github.com/fluxcd/flux2/releases/download/v${_srcver}/flux_${_srcver}_linux_arm64.tar.gz"
)
sha256sums_x86_64=(
${SHA256SUM_AMD64}
)
sha256sums_armv7h=(
${SHA256SUM_ARM}
)
sha256sums_aarch64=(
${SHA256SUM_ARM64}
)
package() {
install -Dm755 ${_srcname} "${pkgdir}/usr/bin/${_srcname}"
"${pkgdir}/usr/bin/${_srcname}" completion bash | install -Dm644 /dev/stdin "${pkgdir}/usr/share/bash-completion/completions/${_srcname}"
"${pkgdir}/usr/bin/${_srcname}" completion fish | install -Dm644 /dev/stdin "${pkgdir}/usr/share/fish/vendor_completions.d/${_srcname}.fish"
"${pkgdir}/usr/bin/${_srcname}" completion zsh | install -Dm644 /dev/stdin "${pkgdir}/usr/share/zsh/site-functions/_${_srcname}"
}
================================================
FILE: .github/aur/flux-bin/publish.sh
================================================
#!/usr/bin/env bash
set -e
WD=$(cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd)
PKGNAME=$(basename $WD)
ROOT=${WD%/.github/aur/$PKGNAME}
LOCKFILE=/tmp/aur-$PKGNAME.lock
exec 100>$LOCKFILE || exit 0
flock -n 100 || exit 0
trap "rm -f $LOCKFILE" EXIT
export VERSION=$1
echo "Publishing to AUR as version ${VERSION}"
cd $WD
export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
eval $(ssh-agent -s)
ssh-add <(echo "$AUR_BOT_SSH_PRIVATE_KEY")
GITDIR=$(mktemp -d /tmp/aur-$PKGNAME-XXX)
trap "rm -rf $GITDIR" EXIT
git clone aur@aur.archlinux.org:$PKGNAME $GITDIR 2>&1
CURRENT_PKGVER=$(cat $GITDIR/.SRCINFO | grep pkgver | awk '{ print $3 }')
CURRENT_PKGREL=$(cat $GITDIR/.SRCINFO | grep pkgrel | awk '{ print $3 }')
# Transform pre-release to AUR compatible version format
export PKGVER=${VERSION/-/}
if [[ "${CURRENT_PKGVER}" == "${PKGVER}" ]]; then
export PKGREL=$((CURRENT_PKGREL+1))
else
export PKGREL=1
fi
export SHA256SUM_ARM=$(sha256sum ${ROOT}/dist/flux_${VERSION}_linux_arm.tar.gz | awk '{ print $1 }')
export SHA256SUM_ARM64=$(sha256sum ${ROOT}/dist/flux_${VERSION}_linux_arm64.tar.gz | awk '{ print $1 }')
export SHA256SUM_AMD64=$(sha256sum ${ROOT}/dist/flux_${VERSION}_linux_amd64.tar.gz | awk '{ print $1 }')
envsubst '$VERSION $PKGVER $PKGREL $SHA256SUM_AMD64 $SHA256SUM_ARM $SHA256SUM_ARM64' < .SRCINFO.template > $GITDIR/.SRCINFO
envsubst '$VERSION $PKGVER $PKGREL $SHA256SUM_AMD64 $SHA256SUM_ARM $SHA256SUM_ARM64' < PKGBUILD.template > $GITDIR/PKGBUILD
cd $GITDIR
git config user.name "fluxcdbot"
git config user.email "fluxcdbot@users.noreply.github.com"
git add -A
if [ -z "$(git status --porcelain)" ]; then
echo "No changes."
else
git commit -m "Updated to version v${PKGVER} release ${PKGREL}"
git push origin master
fi
================================================
FILE: .github/aur/flux-go/.SRCINFO.template
================================================
pkgbase = flux-go
pkgdesc = Open and extensible continuous delivery solution for Kubernetes
pkgver = ${PKGVER}
pkgrel = ${PKGREL}
url = https://fluxcd.io/
arch = x86_64
arch = armv7h
arch = aarch64
license = APACHE
makedepends = go
depends = glibc
provides = flux-bin
conflicts = flux-bin
replaces = flux-cli
source = flux-go-${PKGVER}.tar.gz::https://github.com/fluxcd/flux2/archive/v${VERSION}.tar.gz
pkgname = flux-go
================================================
FILE: .github/aur/flux-go/.gitignore
================================================
.pkg
================================================
FILE: .github/aur/flux-go/PKGBUILD.template
================================================
# Maintainer: Aurel Canciu <aurelcanciu@gmail.com>
# Maintainer: Hidde Beydals <hello@hidde.co>
pkgname=flux-go
pkgver=${PKGVER}
pkgrel=${PKGREL}
_srcname=flux
_srcver=${VERSION}
pkgdesc="Open and extensible continuous delivery solution for Kubernetes"
url="https://fluxcd.io/"
arch=("x86_64" "armv7h" "aarch64")
license=("APACHE")
provides=("flux-bin")
conflicts=("flux-bin")
replaces=("flux-cli")
depends=("glibc")
makedepends=('go>=1.20', 'kustomize>=5.0')
optdepends=('bash-completion: auto-completion for flux in Bash',
'zsh-completions: auto-completion for flux in ZSH')
source=(
"${pkgname}-${pkgver}.tar.gz::https://github.com/fluxcd/flux2/archive/v${_srcver}.tar.gz"
)
sha256sums=(
${SHA256SUM}
)
build() {
cd "flux2-${_srcver}"
export CGO_LDFLAGS="$LDFLAGS"
export CGO_CFLAGS="$CFLAGS"
export CGO_CXXFLAGS="$CXXFLAGS"
export CGO_CPPFLAGS="$CPPFLAGS"
export GOFLAGS="-buildmode=pie -trimpath -mod=readonly -modcacherw"
make cmd/flux/.manifests.done
go build -ldflags "-linkmode=external -X main.VERSION=${_srcver}" -o ${_srcname} ./cmd/flux
}
check() {
cd "flux2-${_srcver}"
case $CARCH in
aarch64)
export ENVTEST_ARCH=arm64
;;
armv7h)
export ENVTEST_ARCH=arm
;;
esac
make test
}
package() {
cd "flux2-${_srcver}"
install -Dm755 ${_srcname} "${pkgdir}/usr/bin/${_srcname}"
install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
"${pkgdir}/usr/bin/${_srcname}" completion bash | install -Dm644 /dev/stdin "${pkgdir}/usr/share/bash-completion/completions/${_srcname}"
"${pkgdir}/usr/bin/${_srcname}" completion fish | install -Dm644 /dev/stdin "${pkgdir}/usr/share/fish/vendor_completions.d/${_srcname}.fish"
"${pkgdir}/usr/bin/${_srcname}" completion zsh | install -Dm644 /dev/stdin "${pkgdir}/usr/share/zsh/site-functions/_${_srcname}"
}
================================================
FILE: .github/aur/flux-go/publish.sh
================================================
#!/usr/bin/env bash
set -e
WD=$(cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd)
PKGNAME=$(basename $WD)
ROOT=${WD%/.github/aur/$PKGNAME}
LOCKFILE=/tmp/aur-$PKGNAME.lock
exec 100>$LOCKFILE || exit 0
flock -n 100 || exit 0
trap "rm -f $LOCKFILE" EXIT
export VERSION=$1
echo "Publishing to AUR as version ${VERSION}"
cd $WD
export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
eval $(ssh-agent -s)
ssh-add <(echo "$AUR_BOT_SSH_PRIVATE_KEY")
GITDIR=$(mktemp -d /tmp/aur-$PKGNAME-XXX)
trap "rm -rf $GITDIR" EXIT
git clone aur@aur.archlinux.org:$PKGNAME $GITDIR 2>&1
CURRENT_PKGVER=$(cat $GITDIR/.SRCINFO | grep pkgver | awk '{ print $3 }')
CURRENT_PKGREL=$(cat $GITDIR/.SRCINFO | grep pkgrel | awk '{ print $3 }')
# Transform pre-release to AUR compatible version format
export PKGVER=${VERSION/-/}
if [[ "${CURRENT_PKGVER}" == "${PKGVER}" ]]; then
export PKGREL=$((CURRENT_PKGREL+1))
else
export PKGREL=1
fi
export SHA256SUM=$(curl -sL https://github.com/fluxcd/flux2/archive/v${VERSION}.tar.gz | sha256sum | awk '{ print $1 }')
envsubst '$VERSION $PKGVER $PKGREL $SHA256SUM' < .SRCINFO.template > $GITDIR/.SRCINFO
envsubst '$VERSION $PKGVER $PKGREL $SHA256SUM' < PKGBUILD.template > $GITDIR/PKGBUILD
cd $GITDIR
git config user.name "fluxcdbot"
git config user.email "fluxcdbot@users.noreply.github.com"
git add -A
if [ -z "$(git status --porcelain)" ]; then
echo "No changes."
else
git commit -m "Updated to version v${PKGVER} release ${PKGREL}"
git push origin master
fi
================================================
FILE: .github/aur/flux-scm/.SRCINFO.template
================================================
pkgbase = flux-scm
pkgdesc = Open and extensible continuous delivery solution for Kubernetes
pkgver = ${PKGVER}
pkgrel = ${PKGREL}
url = https://fluxcd.io/
arch = x86_64
arch = armv7h
arch = aarch64
license = APACHE
makedepends = go
depends = glibc
provides = flux-bin
conflicts = flux-bin
source = git+https://github.com/fluxcd/flux2.git
md5sums = SKIP
pkgname = flux-scm
================================================
FILE: .github/aur/flux-scm/.gitignore
================================================
.pkg
================================================
FILE: .github/aur/flux-scm/PKGBUILD.template
================================================
# Maintainer: Aurel Canciu <aurelcanciu@gmail.com>
# Maintainer: Hidde Beydals <hello@hidde.co>
pkgname=flux-scm
pkgver=${PKGVER}
pkgrel=${PKGREL}
_srcname=flux
pkgdesc="Open and extensible continuous delivery solution for Kubernetes"
url="https://fluxcd.io/"
arch=("x86_64" "armv7h" "aarch64")
license=("APACHE")
provides=("flux-bin")
conflicts=("flux-bin")
depends=("glibc")
makedepends=('go>=1.20', 'kustomize>=5.0', 'git')
optdepends=('bash-completion: auto-completion for flux in Bash',
'zsh-completions: auto-completion for flux in ZSH')
source=(
"git+https://github.com/fluxcd/flux2.git"
)
md5sums=('SKIP')
pkgver() {
cd "flux2"
printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)"
}
build() {
cd "flux2"
export CGO_LDFLAGS="$LDFLAGS"
export CGO_CFLAGS="$CFLAGS"
export CGO_CXXFLAGS="$CXXFLAGS"
export CGO_CPPFLAGS="$CPPFLAGS"
export GOFLAGS="-buildmode=pie -trimpath -mod=readonly -modcacherw"
make cmd/flux/.manifests.done
go build -ldflags "-linkmode=external -X main.VERSION=${pkgver}" -o ${_srcname} ./cmd/flux
}
check() {
cd "flux2"
case $CARCH in
aarch64)
export ENVTEST_ARCH=arm64
;;
armv7h)
export ENVTEST_ARCH=arm
;;
esac
make test
}
package() {
cd "flux2"
install -Dm755 ${_srcname} "${pkgdir}/usr/bin/${_srcname}"
install -Dm644 LICENSE "${pkgdir}/usr/share/licenses/${pkgname}/LICENSE"
"${pkgdir}/usr/bin/${_srcname}" completion bash | install -Dm644 /dev/stdin "${pkgdir}/usr/share/bash-completion/completions/${_srcname}"
"${pkgdir}/usr/bin/${_srcname}" completion fish | install -Dm644 /dev/stdin "${pkgdir}/usr/share/fish/vendor_completions.d/${_srcname}.fish"
"${pkgdir}/usr/bin/${_srcname}" completion zsh | install -Dm644 /dev/stdin "${pkgdir}/usr/share/zsh/site-functions/_${_srcname}"
}
================================================
FILE: .github/aur/flux-scm/publish.sh
================================================
#!/usr/bin/env bash
set -e
WD=$(cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd)
PKGNAME=$(basename $WD)
ROOT=${WD%/.github/aur/$PKGNAME}
LOCKFILE=/tmp/aur-$PKGNAME.lock
exec 100>$LOCKFILE || exit 0
flock -n 100 || exit 0
trap "rm -f $LOCKFILE" EXIT
export VERSION=$1
echo "Publishing to AUR as version ${VERSION}"
cd $WD
export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
eval $(ssh-agent -s)
ssh-add <(echo "$AUR_BOT_SSH_PRIVATE_KEY")
GITDIR=$(mktemp -d /tmp/aur-$PKGNAME-XXX)
trap "rm -rf $GITDIR" EXIT
git clone aur@aur.archlinux.org:$PKGNAME $GITDIR 2>&1
CURRENT_PKGVER=$(cat $GITDIR/.SRCINFO | grep pkgver | awk '{ print $3 }')
CURRENT_PKGREL=$(cat $GITDIR/.SRCINFO | grep pkgrel | awk '{ print $3 }')
# Transform pre-release to AUR compatible version format
export PKGVER=${VERSION/-/}
if [[ "${CURRENT_PKGVER}" == "${PKGVER}" ]]; then
export PKGREL=$((CURRENT_PKGREL+1))
else
export PKGREL=1
fi
envsubst '$PKGVER $PKGREL' < .SRCINFO.template > $GITDIR/.SRCINFO
envsubst '$PKGVER $PKGREL' < PKGBUILD.template > $GITDIR/PKGBUILD
cd $GITDIR
git config user.name "fluxcdbot"
git config user.email "fluxcdbot@users.noreply.github.com"
git add -A
if [ -z "$(git status --porcelain)" ]; then
echo "No changes."
else
git commit -m "Updated to version v${PKGVER} release ${PKGREL}"
git push origin master
fi
================================================
FILE: .github/dependabot.yml
================================================
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
labels: ["area/ci", "dependencies"]
groups:
# Group all updates together, so that they are all applied in a single PR.
# xref: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups
ci:
patterns:
- "*"
schedule:
interval: "monthly"
================================================
FILE: .github/kind/config.yaml
================================================
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
- role: worker
- role: worker
networking:
disableDefaultCNI: true # disable kindnet
podSubnet: 192.168.0.0/16 # set to Calico's default subnet
================================================
FILE: .github/labels.yaml
================================================
# Configuration file to declaratively configure labels
# Ref: https://github.com/EndBug/label-sync#Config-files
- name: area/bootstrap
description: Bootstrap related issues and pull requests
color: '#86efc9'
- name: area/install
description: Install and uninstall related issues and pull requests
color: '#86efc9'
- name: area/diff
description: Diff related issues and pull requests
color: '#BA4192'
- name: area/bucket
description: Bucket related issues and pull requests
color: '#00b140'
- name: area/git
description: Git related issues and pull requests
color: '#863faf'
- name: area/oci
description: OCI related issues and pull requests
color: '#c739ff'
- name: area/kustomization
description: Kustomization related issues and pull requests
color: '#00e54d'
- name: area/helm
description: Helm related issues and pull requests
color: '#1673b6'
- name: area/image-automation
description: Automated image updates related issues and pull requests
color: '#c5def5'
- name: area/monitoring
description: Monitoring related issues and pull requests
color: '#dd75ae'
- name: area/multi-tenancy
description: Multi-tenancy related issues and pull requests
color: '#72CDBD'
- name: area/notification
description: Notification API related issues and pull requests
color: '#434ec1'
- name: area/source
description: Source API related issues and pull requests
color: '#863faf'
- name: area/rfc
description: Feature request proposals in the RFC format
color: '#D621C3'
aliases: ['area/RFC']
- name: backport:release/v2.6.x
description: To be backported to release/v2.6.x
color: '#ffd700'
- name: backport:release/v2.7.x
description: To be backported to release/v2.7.x
color: '#ffd700'
- name: backport:release/v2.8.x
description: To be backported to release/v2.8.x
color: '#ffd700'
================================================
FILE: .github/runners/README.md
================================================
# Flux ARM64 GitHub runners
The Flux ARM64 end-to-end tests run on Equinix Metal instances provisioned with Docker and GitHub self-hosted runners.
## Current instances
| Repository | Runner | Instance | Location |
|-----------------------------|------------------|----------------|---------------|
| flux2 | equinix-arm-dc-1 | flux-arm-dc-01 | Washington DC |
| flux2 | equinix-arm-dc-2 | flux-arm-dc-01 | Washington DC |
| flux2 | equinix-arm-da-1 | flux-arm-da-01 | Dallas |
| flux2 | equinix-arm-da-2 | flux-arm-da-01 | Dallas |
| flux-benchmark | equinix-arm-dc-1 | flux-arm-dc-01 | Washington DC |
| flux-benchmark | equinix-arm-da-1 | flux-arm-da-01 | Dallas |
| source-controller | equinix-arm-dc-1 | flux-arm-dc-01 | Washington DC |
| source-controller | equinix-arm-da-1 | flux-arm-da-01 | Dallas |
| image-automation-controller | equinix-arm-dc-1 | flux-arm-dc-01 | Washington DC |
| image-automation-controller | equinix-arm-da-1 | flux-arm-da-01 | Dallas |
Instance spec:
- Ampere Altra Q80-30 80-core processor @ 2.8GHz
- 2 x 960GB NVME
- 256GB RAM
- 2 x 25Gbps
## Instance setup
In order to add a new runner to the GitHub Actions pool,
first create a server on Equinix with the following configuration:
- Type: `c3.large.arm64`
- OS: `Ubuntu 22.04 LTS`
### Install prerequisites
- SSH into a newly created instance
```shell
ssh root@<instance-public-IP>
```
- Create the ubuntu user
```shell
adduser ubuntu
usermod -aG sudo ubuntu
su - ubuntu
```
- Create the prerequisites dir
```shell
mkdir -p prereq && cd prereq
```
- Download the prerequisites script
```shell
curl -sL https://raw.githubusercontent.com/fluxcd/flux2/main/.github/runners/prereq.sh > prereq.sh \
&& chmod +x ./prereq.sh
```
- Install the prerequisites
```shell
sudo ./prereq.sh
```
### Install runners
- Retrieve the GitHub runner token from the repository [settings page](https://github.com/fluxcd/flux2/settings/actions/runners/new?arch=arm64&os=linux)
- Create two directories `flux2-01`, `flux2-02`
- In each dir run:
```shell
curl -sL https://raw.githubusercontent.com/fluxcd/flux2/main/.github/runners/runner-setup.sh > runner-setup.sh \
&& chmod +x ./runner-setup.sh
./runner-setup.sh equinix-arm-<NUMBER> <TOKEN> <REPO>
```
- Reboot the instance
```shell
sudo reboot
```
- Navigate to the GitHub repository [runners page](https://github.com/fluxcd/flux2/settings/actions/runners) and check the runner status
================================================
FILE: .github/runners/prereq.sh
================================================
#!/usr/bin/env bash
# Copyright 2021 The Flux authors. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This script installs the prerequisites for running Flux end-to-end tests with Docker and GitHub self-hosted runners.
set -eu
KIND_VERSION=0.22.0
KUBECTL_VERSION=1.29.0
KUSTOMIZE_VERSION=5.3.0
HELM_VERSION=3.14.1
GITHUB_RUNNER_VERSION=2.313.0
PACKAGES="apt-transport-https ca-certificates software-properties-common build-essential libssl-dev gnupg lsb-release jq pkg-config"
# install prerequisites
apt-get update \
&& apt-get install -y -q ${PACKAGES} \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# fix Kubernetes DNS resolution
rm /etc/resolv.conf
cat "/run/systemd/resolve/stub-resolv.conf" | sed '/search/d' > /etc/resolv.conf
# install docker
curl -fsSL https://get.docker.com -o get-docker.sh \
&& chmod +x get-docker.sh
./get-docker.sh
systemctl enable docker.service
systemctl enable containerd.service
usermod -aG docker ubuntu
# install kind
curl -Lo ./kind https://kind.sigs.k8s.io/dl/v${KIND_VERSION}/kind-linux-arm64
install -o root -g root -m 0755 kind /usr/local/bin/kind
# install kubectl
curl -LO "https://dl.k8s.io/release/v${KUBECTL_VERSION}/bin/linux/arm64/kubectl"
install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
# install kustomize
curl -Lo ./kustomize.tar.gz https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv${KUSTOMIZE_VERSION}/kustomize_v${KUSTOMIZE_VERSION}_linux_arm64.tar.gz \
&& tar -zxvf kustomize.tar.gz \
&& rm kustomize.tar.gz
install -o root -g root -m 0755 kustomize /usr/local/bin/kustomize
# install helm
curl -Lo ./helm.tar.gz https://get.helm.sh/helm-v${HELM_VERSION}-linux-arm64.tar.gz \
&& tar -zxvf helm.tar.gz \
&& rm helm.tar.gz
install -o root -g root -m 0755 linux-arm64/helm /usr/local/bin/helm
# download runner
curl -o actions-runner-linux-arm64.tar.gz -L https://github.com/actions/runner/releases/download/v${GITHUB_RUNNER_VERSION}/actions-runner-linux-arm64-${GITHUB_RUNNER_VERSION}.tar.gz \
&& tar xzf actions-runner-linux-arm64.tar.gz \
&& rm actions-runner-linux-arm64.tar.gz
# install runner dependencies
./bin/installdependencies.sh
================================================
FILE: .github/runners/runner-setup.sh
================================================
#!/usr/bin/env bash
# Copyright 2021 The Flux authors. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This script installs a GitHub self-hosted ARM64 runner for running Flux end-to-end tests.
set -eu
RUNNER_NAME=$1
REPOSITORY_TOKEN=$2
REPOSITORY_URL=${3:-https://github.com/fluxcd/flux2}
GITHUB_RUNNER_VERSION=2.313.0
# download runner
curl -o actions-runner-linux-arm64.tar.gz -L https://github.com/actions/runner/releases/download/v${GITHUB_RUNNER_VERSION}/actions-runner-linux-arm64-${GITHUB_RUNNER_VERSION}.tar.gz \
&& tar xzf actions-runner-linux-arm64.tar.gz \
&& rm actions-runner-linux-arm64.tar.gz
# register runner with GitHub
./config.sh --unattended --url ${REPOSITORY_URL} --token ${REPOSITORY_TOKEN} --name ${RUNNER_NAME}
# start runner
sudo ./svc.sh install
sudo ./svc.sh start
================================================
FILE: .github/workflows/README.md
================================================
# Flux GitHub Workflows
## End-to-end Testing
The e2e workflows run a series of tests to ensure that the Flux CLI and
the GitOps Toolkit controllers work well all together.
The tests are written in Go, Bash, Make and Terraform.
| Workflow | Jobs | Runner | Role |
|--------------------|----------------------|----------------|-----------------------------------------------|
| e2e.yaml | e2e-amd64-kubernetes | GitHub Ubuntu | integration testing with Kubernetes Kind<br/> |
| e2e-arm64.yaml | e2e-arm64-kubernetes | Equinix Ubuntu | integration testing with Kubernetes Kind<br/> |
| e2e-bootstrap.yaml | e2e-boostrap-github | GitHub Ubuntu | integration testing with GitHub API<br/> |
| e2e-azure.yaml | e2e-amd64-aks | GitHub Ubuntu | integration testing with Azure API<br/> |
| scan.yaml | scan-fossa | GitHub Ubuntu | license scanning<br/> |
| scan.yaml | scan-snyk | GitHub Ubuntu | vulnerability scanning<br/> |
| scan.yaml | scan-codeql | GitHub Ubuntu | vulnerability scanning<br/> |
## Components Update
The components update workflow scans the GitOps Toolkit controller repositories for new releases,
amd when it finds a new controller version, the workflow performs the following steps:
- Updates the controller API package version in `go.mod`.
- Patches the controller CRDs version in the `manifests/crds` overlay.
- Patches the controller Deployment version in `manifests/bases` overlay.
- Opens a Pull Request against the checked out branch.
- Triggers the e2e test suite to run for the opened PR.
| Workflow | Jobs | Runner | Role |
|-------------|-------------------|---------------|-----------------------------------------------------|
| update.yaml | update-components | GitHub Ubuntu | update the GitOps Toolkit APIs and controllers<br/> |
## Release
The release workflow is triggered by a semver Git tag and performs the following steps:
- Generates the Flux install manifests (YAML).
- Generates the OpenAPI validation schemas for the GitOps Toolkit CRDs (JSON).
- Generates a Software Bill of Materials (SPDX JSON).
- Builds the Flux CLI binaries and the multi-arch container images.
- Pushes the container images to GitHub Container Registry and DockerHub.
- Signs the sbom, the binaries checksum and the container images with Cosign and GitHub OIDC.
- Uploads the sbom, binaries, checksums and install manifests to GitHub Releases.
- Pushes the install manifests as OCI artifacts to GitHub Container Registry and DockerHub.
- Signs the OCI artifacts with Cosign and GitHub OIDC.
| Workflow | Jobs | Runner | Role |
|--------------|------------------------|---------------|------------------------------------------------------|
| release.yaml | release-flux-cli | GitHub Ubuntu | build, push and sign the CLI release artifacts<br/> |
| release.yaml | release-flux-manifests | GitHub Ubuntu | build, push and sign the Flux install manifests<br/> |
================================================
FILE: .github/workflows/action.yaml
================================================
name: test-gh-action
on:
pull_request:
paths:
- 'action/**'
push:
paths:
- 'action/**'
branches:
- 'main'
- 'release/**'
permissions: read-all
jobs:
actions:
strategy:
fail-fast: false
matrix:
version: [ubuntu-latest, macos-latest, windows-latest]
runs-on: ${{ matrix.version }}
name: action on ${{ matrix.version }}
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup flux
uses: ./action
================================================
FILE: .github/workflows/backport.yaml
================================================
name: backport
on:
pull_request_target:
types: [closed, labeled]
permissions: read-all
jobs:
backport:
permissions:
contents: write # for reading and creating branches.
pull-requests: write # for creating pull requests against release branches.
uses: fluxcd/gha-workflows/.github/workflows/backport.yaml@v0.9.0
secrets:
github-token: ${{ secrets.BOT_GITHUB_TOKEN }}
================================================
FILE: .github/workflows/conformance.yaml
================================================
name: conformance
on:
workflow_dispatch:
push:
branches: [ 'main', 'update-components-**', 'release/**', 'conform*' ]
permissions:
contents: read
env:
GO_VERSION: 1.26.x
jobs:
conform-kubernetes:
runs-on:
group: "ARM64"
strategy:
matrix:
# Keep this list up-to-date with https://endoflife.date/kubernetes
# Build images with https://github.com/fluxcd/flux-benchmark/actions/workflows/build-kind.yaml
KUBERNETES_VERSION: [1.33.0, 1.34.1, 1.35.0]
fail-fast: false
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: |
**/go.sum
**/go.mod
- name: Prepare
id: prep
run: |
ID=${GITHUB_SHA:0:7}-${{ matrix.KUBERNETES_VERSION }}-$(date +%s)
echo "CLUSTER=arm64-${ID}" >> $GITHUB_OUTPUT
- name: Build
run: |
make build
- name: Setup Kubernetes
uses: helm/kind-action@ef37e7f390d99f746eb8b610417061a60e82a6cc # v1.14.0
with:
version: v0.30.0
cluster_name: ${{ steps.prep.outputs.CLUSTER }}
node_image: ghcr.io/fluxcd/kindest/node:v${{ matrix.KUBERNETES_VERSION }}-arm64
- name: Run e2e tests
run: TEST_KUBECONFIG=$HOME/.kube/config make e2e
- name: Run multi-tenancy tests
run: |
./bin/flux install
./bin/flux create source git flux-system \
--interval=15m \
--url=https://github.com/fluxcd/flux2-multi-tenancy \
--branch=main \
--ignore-paths="./clusters/**/flux-system/"
./bin/flux create kustomization flux-system \
--interval=15m \
--source=flux-system \
--path=./clusters/staging
kubectl -n flux-system wait kustomization/tenants --for=condition=ready --timeout=5m
kubectl -n apps wait kustomization/dev-team --for=condition=ready --timeout=1m
kubectl -n apps wait helmrelease/podinfo --for=condition=ready --timeout=1m
- name: Debug failure
if: failure()
run: |
kubectl -n flux-system get all
kubectl -n flux-system describe po
kubectl -n flux-system logs deploy/source-controller
kubectl -n flux-system logs deploy/kustomize-controller
conform-k3s:
runs-on: ubuntu-latest
strategy:
matrix:
# Keep this list up-to-date with https://endoflife.date/kubernetes
# Available versions can be found with "replicated cluster versions"
K3S_VERSION: [ 1.33.7, 1.34.3, 1.35.0 ]
fail-fast: false
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: |
**/go.sum
**/go.mod
- name: Prepare
id: prep
run: |
ID=${GITHUB_SHA:0:7}-${{ matrix.K3S_VERSION }}-$(date +%s)
PSEUDO_RAND_SUFFIX=$(echo "${ID}" | shasum | awk '{print $1}')
echo "cluster=flux2-k3s-${PSEUDO_RAND_SUFFIX}" >> $GITHUB_OUTPUT
KUBECONFIG_PATH="$(git rev-parse --show-toplevel)/bin/kubeconfig.yaml"
echo "kubeconfig-path=${KUBECONFIG_PATH}" >> $GITHUB_OUTPUT
- name: Setup Kustomize
uses: fluxcd/pkg/actions/kustomize@9a8c0edd5da84dc51a585738c67e3a3950d7fbf0 # main
- name: Build
run: make build-dev
- name: Create repository
run: |
gh repo create --private --add-readme fluxcd-testing/${{ steps.prep.outputs.cluster }}
env:
GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
- name: Create cluster
id: create-cluster
uses: replicatedhq/replicated-actions/create-cluster@1abb33f5274580b14f49f2a12d819df7920e4d9b # v1.20.0
with:
api-token: ${{ secrets.REPLICATED_API_TOKEN }}
kubernetes-distribution: "k3s"
kubernetes-version: ${{ matrix.K3S_VERSION }}
ttl: 20m
cluster-name: "${{ steps.prep.outputs.cluster }}"
kubeconfig-path: ${{ steps.prep.outputs.kubeconfig-path }}
export-kubeconfig: true
- name: Run e2e tests
run: TEST_KUBECONFIG=${{ steps.prep.outputs.kubeconfig-path }} make e2e
- name: Run flux bootstrap
run: |
./bin/flux bootstrap git --manifests ./manifests/test/ \
--url=https://github.com/fluxcd-testing/${{ steps.prep.outputs.cluster }} \
--branch=main \
--path=clusters/k3s \
--token-auth
env:
GIT_PASSWORD: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
- name: Run flux check
run: |
./bin/flux check
- name: Run flux reconcile
run: |
./bin/flux reconcile ks flux-system --with-source
./bin/flux get all
./bin/flux events
- name: Collect reconcile logs
if: ${{ always() }}
continue-on-error: true
run: |
kubectl -n flux-system get all
kubectl -n flux-system describe pods
kubectl -n flux-system logs deploy/source-controller
kubectl -n flux-system logs deploy/kustomize-controller
kubectl -n flux-system logs deploy/notification-controller
- name: Delete flux
run: |
./bin/flux uninstall -s --keep-namespace
kubectl delete ns flux-system --wait
- name: Delete cluster
if: ${{ always() }}
uses: replicatedhq/replicated-actions/remove-cluster@1abb33f5274580b14f49f2a12d819df7920e4d9b # v1.20.0
continue-on-error: true
with:
api-token: ${{ secrets.REPLICATED_API_TOKEN }}
cluster-id: ${{ steps.create-cluster.outputs.cluster-id }}
- name: Delete repository
if: ${{ always() }}
continue-on-error: true
run: |
gh repo delete fluxcd-testing/${{ steps.prep.outputs.cluster }} --yes
env:
GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
conform-openshift:
runs-on: ubuntu-latest
strategy:
matrix:
# Keep this list up-to-date with https://endoflife.date/red-hat-openshift
OPENSHIFT_VERSION: [ 4.20.0-okd ]
fail-fast: false
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
with:
go-version: ${{ env.GO_VERSION }}
cache-dependency-path: |
**/go.sum
**/go.mod
- name: Prepare
id: prep
run: |
ID=${GITHUB_SHA:0:7}-${{ matrix.OPENSHIFT_VERSION }}-$(date +%s)
PSEUDO_RAND_SUFFIX=$(echo "${ID}" | shasum | awk '{print $1}')
echo "cluster=flux2-openshift-${PSEUDO_RAND_SUFFIX}" >> $GITHUB_OUTPUT
KUBECONFIG_PATH="$(git rev-parse --show-toplevel)/bin/kubeconfig.yaml"
echo "kubeconfig-path=${KUBECONFIG_PATH}" >> $GITHUB_OUTPUT
- name: Setup Kustomize
uses: fluxcd/pkg/actions/kustomize@9a8c0edd5da84dc51a585738c67e3a3950d7fbf0 # main
- name: Build
run: make build-dev
- name: Create repository
run: |
gh repo create --private --add-readme fluxcd-testing/${{ steps.prep.outputs.cluster }}
env:
GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
- name: Create cluster
id: create-cluster
uses: replicatedhq/replicated-actions/create-cluster@1abb33f5274580b14f49f2a12d819df7920e4d9b # v1.20.0
with:
api-token: ${{ secrets.REPLICATED_API_TOKEN }}
kubernetes-distribution: "openshift"
kubernetes-version: ${{ matrix.OPENSHIFT_VERSION }}
ttl: 20m
cluster-name: "${{ steps.prep.outputs.cluster }}"
kubeconfig-path: ${{ steps.prep.outputs.kubeconfig-path }}
export-kubeconfig: true
- name: Run flux bootstrap
run: |
./bin/flux bootstrap git --manifests ./manifests/openshift/ \
--url=https://github.com/fluxcd-testing/${{ steps.prep.outputs.cluster }} \
--branch=main \
--path=clusters/openshift \
--token-auth
env:
GIT_PASSWORD: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
- name: Run flux check
run: |
./bin/flux check
- name: Run flux reconcile
run: |
./bin/flux reconcile ks flux-system --with-source
./bin/flux get all
./bin/flux events
- name: Collect reconcile logs
if: ${{ always() }}
continue-on-error: true
run: |
kubectl -n flux-system get all
kubectl -n flux-system describe pods
kubectl -n flux-system logs deploy/source-controller
kubectl -n flux-system logs deploy/kustomize-controller
kubectl -n flux-system logs deploy/notification-controller
- name: Delete flux
run: |
./bin/flux uninstall -s --keep-namespace
kubectl delete ns flux-system --wait
- name: Delete cluster
if: ${{ always() }}
uses: replicatedhq/replicated-actions/remove-cluster@1abb33f5274580b14f49f2a12d819df7920e4d9b # v1.20.0
continue-on-error: true
with:
api-token: ${{ secrets.REPLICATED_API_TOKEN }}
cluster-id: ${{ steps.create-cluster.outputs.cluster-id }}
- name: Delete repository
if: ${{ always() }}
continue-on-error: true
run: |
gh repo delete fluxcd-testing/${{ steps.prep.outputs.cluster }} --yes
env:
GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
================================================
FILE: .github/workflows/e2e-azure.yaml
================================================
name: e2e-azure
on:
workflow_dispatch:
schedule:
- cron: '0 6 * * *'
push:
branches:
- main
paths:
- 'tests/**'
- '.github/workflows/e2e-azure.yaml'
pull_request:
branches:
- main
paths:
- 'tests/**'
- '.github/workflows/e2e-azure.yaml'
permissions:
contents: read
jobs:
e2e-aks:
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./tests/integration
if: (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) && github.actor != 'dependabot[bot]'
steps:
- name: CheckoutD
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
with:
go-version: 1.26.x
cache-dependency-path: tests/integration/go.sum
- name: Setup Terraform
uses: hashicorp/setup-terraform@5e8dbf3c6d9deaf4193ca7a8fb23f2ac83bb6c85 # v4.0.0
- name: Setup Flux CLI
run: make build
working-directory: ./
- name: Setup SOPS
run: |
mkdir -p $HOME/.local/bin
wget -O $HOME/.local/bin/sops https://github.com/mozilla/sops/releases/download/v$SOPS_VER/sops-v$SOPS_VER.linux
chmod +x $HOME/.local/bin/sops
env:
SOPS_VER: 3.7.1
- name: Authenticate to Azure
uses: Azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v1.4.6
with:
creds: '{"clientId":"${{ secrets.ARM_CLIENT_ID }}","clientSecret":"${{ secrets.ARM_CLIENT_SECRET }}","subscriptionId":"${{ secrets.ARM_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.ARM_TENANT_ID }}"}'
- name: Set dynamic variables in .env
run: |
cat > .env <<EOF
export TF_VAR_tags='{ "environment"="github", "ci"="true", "repo"="flux2", "createdat"="$(date -u +x%Y-%m-%d_%Hh%Mm%Ss)" }'
EOF
- name: Print .env for dynamic tag value reference
run: cat .env
- name: Run Azure e2e tests
env:
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
TF_VAR_azuredevops_org: ${{ secrets.TF_VAR_azuredevops_org }}
TF_VAR_azuredevops_pat: ${{ secrets.TF_VAR_azuredevops_pat }}
TF_VAR_azure_location: ${{ vars.TF_VAR_azure_location }}
GITREPO_SSH_CONTENTS: ${{ secrets.GIT_SSH_IDENTITY }}
GITREPO_SSH_PUB_CONTENTS: ${{ secrets.GIT_SSH_IDENTITY_PUB }}
run: |
source .env
mkdir -p ./build/ssh
cat <<EOF > build/ssh/key
$GITREPO_SSH_CONTENTS
EOF
export GITREPO_SSH_PATH=build/ssh/key
cat <<EOF > build/ssh/key.pub
$GITREPO_SSH_PUB_CONTENTS
EOF
export GITREPO_SSH_PUB_PATH=build/ssh/key.pub
make test-azure
- name: Ensure resource cleanup
if: ${{ always() }}
env:
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
TF_VAR_azuredevops_org: ${{ secrets.TF_VAR_azuredevops_org }}
TF_VAR_azuredevops_pat: ${{ secrets.TF_VAR_azuredevops_pat }}
TF_VAR_azure_location: ${{ vars.TF_VAR_azure_location }}
run: source .env && make destroy-azure
================================================
FILE: .github/workflows/e2e-bootstrap.yaml
================================================
name: e2e-bootstrap
on:
workflow_dispatch:
push:
branches: [ 'main', 'release/**' ]
pull_request:
branches: [ 'main', 'release/**' ]
paths-ignore: [ 'docs/**', 'rfcs/**' ]
permissions:
contents: read
jobs:
e2e-boostrap-github:
runs-on: ubuntu-latest
if: (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) && github.actor != 'dependabot[bot]'
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
with:
go-version: 1.26.x
cache-dependency-path: |
**/go.sum
**/go.mod
- name: Setup Kubernetes
uses: helm/kind-action@ef37e7f390d99f746eb8b610417061a60e82a6cc # v1.14.0
with:
version: v0.30.0
cluster_name: kind
# The versions below should target the newest Kubernetes version
# Keep this up-to-date with https://endoflife.date/kubernetes
node_image: ghcr.io/fluxcd/kindest/node:v1.33.0-amd64
kubectl_version: v1.33.0
- name: Setup Kustomize
uses: fluxcd/pkg/actions/kustomize@9a8c0edd5da84dc51a585738c67e3a3950d7fbf0 # main
- name: Setup yq
uses: fluxcd/pkg/actions/yq@9a8c0edd5da84dc51a585738c67e3a3950d7fbf0 # main
- name: Build
run: make build-dev
- name: Set outputs
id: vars
run: |
REPOSITORY_NAME=${{ github.event.repository.name }}
BRANCH_NAME=${GITHUB_REF##*/}
COMMIT_SHA=$(git rev-parse HEAD)
PSEUDO_RAND_SUFFIX=$(echo "${BRANCH_NAME}-${COMMIT_SHA}" | shasum | awk '{print $1}')
TEST_REPO_NAME="${REPOSITORY_NAME}-${PSEUDO_RAND_SUFFIX}"
echo "test_repo_name=$TEST_REPO_NAME" >> $GITHUB_OUTPUT
- name: bootstrap init
run: |
./bin/flux bootstrap github --manifests ./manifests/test/ \
--owner=fluxcd-testing \
--image-pull-secret=ghcr-auth \
--registry-creds=fluxcd:$GITHUB_TOKEN \
--repository=${{ steps.vars.outputs.test_repo_name }} \
--branch=main \
--path=test-cluster \
--team=team-z
env:
GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
- name: verify image pull secret
run: |
kubectl -n flux-system get secret ghcr-auth | grep dockerconfigjson
- name: bootstrap no-op
run: |
./bin/flux bootstrap github --manifests ./manifests/test/ \
--owner=fluxcd-testing \
--image-pull-secret=ghcr-auth \
--repository=${{ steps.vars.outputs.test_repo_name }} \
--branch=main \
--path=test-cluster \
--team=team-z
env:
GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
- name: bootstrap customize
run: |
make setup-bootstrap-patch
./bin/flux bootstrap github --manifests ./manifests/test/ \
--owner=fluxcd-testing \
--repository=${{ steps.vars.outputs.test_repo_name }} \
--branch=main \
--path=test-cluster \
--team=team-z
if [ $(kubectl get deployments.apps source-controller -o jsonpath='{.spec.template.spec.securityContext.runAsUser}') != "10000" ]; then
echo "Bootstrap not customized as controller is not running as user 10000" && exit 1
fi
env:
GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
GITHUB_REPO_NAME: ${{ steps.vars.outputs.test_repo_name }}
GITHUB_ORG_NAME: fluxcd-testing
- name: uninstall
run: |
./bin/flux uninstall -s --keep-namespace
kubectl delete ns flux-system --timeout=10m --wait=true
- name: test image automation
run: |
make setup-image-automation
./bin/flux bootstrap github --manifests ./manifests/test/ \
--owner=fluxcd-testing \
--repository=${{ steps.vars.outputs.test_repo_name }} \
--branch=main \
--path=test-cluster \
--read-write-key
./bin/flux reconcile image repository podinfo
./bin/flux reconcile image policy podinfo
./bin/flux reconcile image update flux-system
./bin/flux get images all
./bin/flux -n flux-system events --for ImageUpdateAutomation/flux-system
kubectl -n flux-system get -o yaml ImageUpdateAutomation flux-system
kubectl -n flux-system get -o yaml ImageUpdateAutomation flux-system | \
yq '.status.lastPushCommit | length > 1' | grep 'true'
env:
GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
GITHUB_REPO_NAME: ${{ steps.vars.outputs.test_repo_name }}
GITHUB_ORG_NAME: fluxcd-testing
- name: delete repository
if: ${{ always() }}
continue-on-error: true
run: |
gh repo delete fluxcd-testing/${{ steps.vars.outputs.test_repo_name }} --yes
env:
GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
- name: Debug failure
if: failure()
run: |
kubectl -n flux-system get all
kubectl -n flux-system logs deploy/source-controller
kubectl -n flux-system logs deploy/kustomize-controller
================================================
FILE: .github/workflows/e2e-gcp.yaml
================================================
name: e2e-gcp
on:
workflow_dispatch:
schedule:
- cron: '0 6 * * *'
push:
branches:
- main
paths:
- 'tests/**'
- '.github/workflows/e2e-gcp.yaml'
pull_request:
branches:
- main
paths:
- 'tests/**'
- '.github/workflows/e2e-gcp.yaml'
permissions:
contents: read
jobs:
e2e-gcp:
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./tests/integration
if: (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) && github.actor != 'dependabot[bot]'
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
with:
go-version: 1.26.x
cache-dependency-path: tests/integration/go.sum
- name: Setup Terraform
uses: hashicorp/setup-terraform@5e8dbf3c6d9deaf4193ca7a8fb23f2ac83bb6c85 # v4.0.0
- name: Setup Flux CLI
run: make build
working-directory: ./
- name: Setup SOPS
run: |
mkdir -p $HOME/.local/bin
wget -O $HOME/.local/bin/sops https://github.com/mozilla/sops/releases/download/v$SOPS_VER/sops-v$SOPS_VER.linux
chmod +x $HOME/.local/bin/sops
env:
SOPS_VER: 3.7.1
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3.0.0
id: 'auth'
with:
credentials_json: '${{ secrets.FLUX2_E2E_GOOGLE_CREDENTIALS }}'
token_format: 'access_token'
- name: Setup gcloud
uses: google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db # v3.0.1
- name: Setup QEMU
uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0
- name: Setup Docker Buildx
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
- name: Log into us-central1-docker.pkg.dev
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
with:
registry: us-central1-docker.pkg.dev
username: oauth2accesstoken
password: ${{ steps.auth.outputs.access_token }}
- name: Set dynamic variables in .env
run: |
cat > .env <<EOF
export TF_VAR_tags='{ "environment"="github", "ci"="true", "repo"="flux2", "createdat"="$(date -u +x%Y-%m-%d_%Hh%Mm%Ss)" }'
EOF
- name: Print .env for dynamic tag value reference
run: cat .env
- name: Run GCP e2e tests
env:
TF_VAR_gcp_project_id: ${{ vars.TF_VAR_gcp_project_id }}
TF_VAR_gcp_region: ${{ vars.TF_VAR_gcp_region }}
TF_VAR_gcp_zone: ${{ vars.TF_VAR_gcp_zone }}
TF_VAR_gcp_email: ${{ secrets.TF_VAR_gcp_email }}
TF_VAR_gcp_keyring: ${{ secrets.TF_VAR_gcp_keyring }}
TF_VAR_gcp_crypto_key: ${{ secrets.TF_VAR_gcp_crypto_key }}
GITREPO_SSH_CONTENTS: ${{ secrets.GCP_GITREPO_SSH_CONTENTS }}
GITREPO_SSH_PUB_CONTENTS: ${{ secrets.GCP_GITREPO_SSH_PUB_CONTENTS }}
run: |
source .env
mkdir -p ./build/ssh
touch ./build/ssh/key
echo $GITREPO_SSH_CONTENTS | base64 -d > build/ssh/key
export GITREPO_SSH_PATH=build/ssh/key
touch ./build/ssh/key.pub
echo $GITREPO_SSH_PUB_CONTENTS | base64 -d > ./build/ssh/key.pub
export GITREPO_SSH_PUB_PATH=build/ssh/key.pub
make test-gcp
- name: Ensure resource cleanup
if: ${{ always() }}
env:
TF_VAR_gcp_project_id: ${{ vars.TF_VAR_gcp_project_id }}
TF_VAR_gcp_region: ${{ vars.TF_VAR_gcp_region }}
TF_VAR_gcp_zone: ${{ vars.TF_VAR_gcp_zone }}
TF_VAR_gcp_email: ${{ secrets.TF_VAR_gcp_email }}
TF_VAR_gcp_keyring: ${{ secrets.TF_VAR_gcp_keyring }}
TF_VAR_gcp_crypto_key: ${{ secrets.TF_VAR_gcp_crypto_key }}
run: source .env && make destroy-gcp
================================================
FILE: .github/workflows/e2e.yaml
================================================
name: e2e
on:
workflow_dispatch:
push:
branches: [ 'main', 'release/**' ]
pull_request:
branches: [ 'main', 'release/**' ]
paths-ignore: [ 'docs/**', 'rfcs/**' ]
permissions:
contents: read
jobs:
e2e-amd64-kubernetes:
runs-on:
group: "Default Larger Runners"
labels: ubuntu-latest-16-cores
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
with:
go-version: 1.26.x
cache-dependency-path: |
**/go.sum
**/go.mod
- name: Setup Kubernetes
uses: helm/kind-action@ef37e7f390d99f746eb8b610417061a60e82a6cc # v1.14.0
with:
version: v0.30.0
cluster_name: kind
wait: 5s
config: .github/kind/config.yaml # disable KIND-net
# The versions below should target the oldest supported Kubernetes version
# Keep this up-to-date with https://endoflife.date/kubernetes
node_image: ghcr.io/fluxcd/kindest/node:v1.33.0-amd64
kubectl_version: v1.33.0
- name: Setup Calico for network policy
run: |
kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.27.3/manifests/calico.yaml
- name: Setup Kustomize
uses: fluxcd/pkg/actions/kustomize@9a8c0edd5da84dc51a585738c67e3a3950d7fbf0 # main
- name: Run tests
run: make test
- name: Run e2e tests
run: TEST_KUBECONFIG=$HOME/.kube/config make e2e
- name: Check if working tree is dirty
run: |
if [[ $(git diff --stat) != '' ]]; then
git diff
echo 'run make test and commit changes'
exit 1
fi
- name: Build
run: make build-dev
- name: flux check --pre
run: |
./bin/flux check --pre
- name: flux install --manifests
run: |
./bin/flux install --manifests ./manifests/test/
- name: flux create secret
run: |
./bin/flux create secret git git-ssh-test \
--url ssh://git@github.com/stefanprodan/podinfo
./bin/flux create secret git git-https-test \
--url https://github.com/stefanprodan/podinfo \
--username=test --password=test
./bin/flux create secret helm helm-test \
--username=test --password=test
- name: flux create source git
run: |
./bin/flux create source git podinfo \
--url https://github.com/stefanprodan/podinfo \
--tag-semver=">=6.3.5"
- name: flux create source git export apply
run: |
./bin/flux create source git podinfo-export \
--url https://github.com/stefanprodan/podinfo \
--tag-semver=">=6.3.5" \
--export | kubectl apply -f -
./bin/flux delete source git podinfo-export --silent
- name: flux get sources git
run: |
./bin/flux get sources git
- name: flux get sources git --all-namespaces
run: |
./bin/flux get sources git --all-namespaces
- name: flux create kustomization
run: |
./bin/flux create kustomization podinfo \
--source=podinfo \
--path="./deploy/overlays/dev" \
--prune=true \
--interval=5m \
--health-check="Deployment/frontend.dev" \
--health-check="Deployment/backend.dev" \
--health-check-timeout=3m
- name: flux trace
run: |
./bin/flux trace frontend \
--kind=deployment \
--api-version=apps/v1 \
--namespace=dev
- name: flux reconcile kustomization --with-source
run: |
./bin/flux reconcile kustomization podinfo --with-source
- name: flux get kustomizations
run: |
./bin/flux get kustomizations
- name: flux get kustomizations --all-namespaces
run: |
./bin/flux get kustomizations --all-namespaces
- name: flux suspend kustomization
run: |
./bin/flux suspend kustomization podinfo
- name: flux resume kustomization
run: |
./bin/flux resume kustomization podinfo
- name: flux export
run: |
./bin/flux export source git --all
./bin/flux export kustomization --all
- name: flux delete kustomization
run: |
./bin/flux delete kustomization podinfo --silent
- name: flux create source helm
run: |
./bin/flux create source helm podinfo \
--url https://stefanprodan.github.io/podinfo
- name: flux create helmrelease --source=HelmRepository/podinfo
run: |
./bin/flux create hr podinfo-helm \
--target-namespace=default \
--source=HelmRepository/podinfo.flux-system \
--chart=podinfo \
--chart-version=">6.0.0 <7.0.0"
- name: flux create helmrelease --source=GitRepository/podinfo
run: |
./bin/flux create hr podinfo-git \
--target-namespace=default \
--source=GitRepository/podinfo \
--chart=./charts/podinfo
- name: flux reconcile helmrelease --with-source
run: |
./bin/flux reconcile helmrelease podinfo-git --with-source
- name: flux get helmreleases
run: |
./bin/flux get helmreleases
- name: flux get helmreleases --all-namespaces
run: |
./bin/flux get helmreleases --all-namespaces
- name: flux export helmrelease
run: |
./bin/flux export hr --all
- name: flux delete helmrelease podinfo-helm
run: |
./bin/flux delete hr podinfo-helm --silent
- name: flux delete helmrelease podinfo-git
run: |
./bin/flux delete hr podinfo-git --silent
- name: flux delete source helm
run: |
./bin/flux delete source helm podinfo --silent
- name: flux delete source git
run: |
./bin/flux delete source git podinfo --silent
- name: flux oci artifacts
run: |
./bin/flux push artifact oci://localhost:5000/fluxcd/flux:${{ github.sha }} \
--path="./manifests" \
--source="${{ github.repositoryUrl }}" \
--revision="${{ github.ref }}@sha1:${{ github.sha }}"
./bin/flux tag artifact oci://localhost:5000/fluxcd/flux:${{ github.sha }} \
--tag latest
./bin/flux list artifacts oci://localhost:5000/fluxcd/flux
- name: flux oci repositories
run: |
./bin/flux create source oci podinfo-oci \
--url oci://ghcr.io/stefanprodan/manifests/podinfo \
--tag-semver 6.3.x \
--interval 10m
./bin/flux create kustomization podinfo-oci \
--source=OCIRepository/podinfo-oci \
--path="./" \
--prune=true \
--interval=5m \
--target-namespace=default \
--wait=true \
--health-check-timeout=3m
./bin/flux reconcile source oci podinfo-oci
./bin/flux suspend source oci podinfo-oci
./bin/flux get sources oci
./bin/flux resume source oci podinfo-oci
./bin/flux export source oci podinfo-oci
./bin/flux delete ks podinfo-oci --silent
./bin/flux delete source oci podinfo-oci --silent
- name: flux create tenant
run: |
./bin/flux create tenant dev-team --with-namespace=apps
./bin/flux -n apps create source helm podinfo \
--url https://stefanprodan.github.io/podinfo
./bin/flux -n apps create hr podinfo-helm \
--source=HelmRepository/podinfo \
--chart=podinfo \
--chart-version="6.3.x" \
--service-account=dev-team
- name: flux2-kustomize-helm-example
run: |
./bin/flux create source git flux-system \
--url=https://github.com/fluxcd/flux2-kustomize-helm-example \
--branch=main \
--ignore-paths="./clusters/**/flux-system/" \
--recurse-submodules
./bin/flux create kustomization flux-system \
--source=flux-system \
--path=./clusters/staging
kubectl -n flux-system wait kustomization/infra-controllers --for=condition=ready --timeout=5m
kubectl -n flux-system wait kustomization/apps --for=condition=ready --timeout=5m
kubectl -n podinfo wait helmrelease/podinfo --for=condition=ready --timeout=5m
- name: flux tree
run: |
./bin/flux tree kustomization flux-system | grep Service/podinfo
- name: flux events
run: |
./bin/flux -n flux-system events --for Kustomization/apps | grep 'HelmRelease/podinfo'
./bin/flux -n podinfo events --for HelmRelease/podinfo | grep 'podinfo.v1'
- name: flux stats
run: |
./bin/flux stats -A
- name: flux check
run: |
./bin/flux check
- name: flux migrate
run: |
./bin/flux migrate
- name: flux version
run: |
./bin/flux version
- name: flux uninstall
run: |
./bin/flux uninstall --silent
- name: Debug failure
if: failure()
run: |
kubectl version --client
kubectl -n flux-system get all
kubectl -n flux-system describe pods
kubectl -n flux-system get kustomizations -oyaml
kubectl -n flux-system logs deploy/source-controller
kubectl -n flux-system logs deploy/kustomize-controller
================================================
FILE: .github/workflows/ossf.yaml
================================================
name: ossf
on:
workflow_dispatch:
push:
branches:
- main
schedule:
# Weekly on Saturdays.
- cron: '30 1 * * 6'
permissions: read-all
jobs:
scorecard:
runs-on: ubuntu-latest
permissions:
security-events: write
id-token: write
actions: read
contents: read
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Run analysis
uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
with:
results_file: results.sarif
results_format: sarif
repo_token: ${{ secrets.GITHUB_TOKEN }}
publish_results: true
- name: Upload artifact
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: SARIF file
path: results.sarif
retention-days: 5
- name: Upload SARIF results
uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
with:
sarif_file: results.sarif
================================================
FILE: .github/workflows/release.yaml
================================================
name: release
on:
push:
tags: ["v*"]
permissions:
contents: read
jobs:
release-flux-cli:
outputs:
hashes: ${{ steps.slsa.outputs.hashes }}
image_url: ${{ steps.slsa.outputs.image_url }}
image_digest: ${{ steps.slsa.outputs.image_digest }}
runs-on:
group: "Default Larger Runners"
labels: ubuntu-latest-16-cores
permissions:
contents: write # needed to write releases
id-token: write # needed for keyless signing
packages: write # needed for ghcr access
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Unshallow
run: git fetch --prune --unshallow
- name: Setup Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
with:
go-version: 1.26.x
cache: false
- name: Setup QEMU
uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0
- name: Setup Docker Buildx
id: buildx
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
- name: Setup Syft
uses: anchore/sbom-action/download-syft@57aae528053a48a3f6235f2d9461b05fbcb7366d # v0.23.1
- name: Setup Cosign
uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
with:
cosign-release: v2.6.1 # TODO: remove after Flux 2.8 with support for cosign v3
- name: Setup Kustomize
uses: fluxcd/pkg/actions/kustomize@9a8c0edd5da84dc51a585738c67e3a3950d7fbf0 # main
- name: Login to GitHub Container Registry
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
with:
registry: ghcr.io
username: fluxcdbot
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Docker Hub
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
with:
username: fluxcdbot
password: ${{ secrets.DOCKER_FLUXCD_PASSWORD }}
- name: Generate manifests
run: |
make cmd/flux/.manifests.done
./manifests/scripts/bundle.sh "" ./output manifests.tar.gz
kustomize build ./manifests/install > ./output/install.yaml
- name: Build CRDs
run: |
kustomize build manifests/crds > all-crds.yaml
- name: Generate OpenAPI JSON schemas from CRDs
uses: fluxcd/pkg/actions/crdjsonschema@9a8c0edd5da84dc51a585738c67e3a3950d7fbf0 # main
with:
crd: all-crds.yaml
output: schemas
- name: Archive the OpenAPI JSON schemas
run: |
tar -czvf ./output/crd-schemas.tar.gz -C schemas .
- name: Run GoReleaser
id: run-goreleaser
uses: goreleaser/goreleaser-action@ec59f474b9834571250b370d4735c50f8e2d1e29 # v7.0.0
with:
version: latest
args: release --skip=validate
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
HOMEBREW_TAP_GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }}
AUR_BOT_SSH_PRIVATE_KEY: ${{ secrets.AUR_BOT_SSH_PRIVATE_KEY }}
- name: Generate SLSA metadata
id: slsa
env:
ARTIFACTS: "${{ steps.run-goreleaser.outputs.artifacts }}"
run: |
set -euo pipefail
hashes=$(echo -E $ARTIFACTS | jq --raw-output '.[] | {name, "digest": (.extra.Digest // .extra.Checksum)} | select(.digest) | {digest} + {name} | join(" ") | sub("^sha256:";"")' | base64 -w0)
echo "hashes=$hashes" >> $GITHUB_OUTPUT
image_url=fluxcd/flux-cli:$GITHUB_REF_NAME
echo "image_url=$image_url" >> $GITHUB_OUTPUT
image_digest=$(docker buildx imagetools inspect ${image_url} --format '{{json .}}' | jq -r .manifest.digest)
echo "image_digest=$image_digest" >> $GITHUB_OUTPUT
release-flux-manifests:
runs-on: ubuntu-latest
needs: release-flux-cli
permissions:
id-token: write
packages: write
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup Kustomize
uses: fluxcd/pkg/actions/kustomize@9a8c0edd5da84dc51a585738c67e3a3950d7fbf0 # main
- name: Setup Flux CLI
uses: ./action/
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Prepare
id: prep
run: |
VERSION=$(flux version --client | awk '{ print $NF }')
echo "version=${VERSION}" >> $GITHUB_OUTPUT
- name: Login to GHCR
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
with:
registry: ghcr.io
username: fluxcdbot
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to DockerHub
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
with:
username: fluxcdbot
password: ${{ secrets.DOCKER_FLUXCD_PASSWORD }}
- name: Push manifests to GHCR
run: |
mkdir -p ./ghcr.io/flux-system
flux install --registry=ghcr.io/fluxcd \
--components-extra=image-reflector-controller,image-automation-controller \
--export > ./ghcr.io/flux-system/gotk-components.yaml
cd ./ghcr.io && flux push artifact \
oci://ghcr.io/fluxcd/flux-manifests:${{ steps.prep.outputs.version }} \
--path="./flux-system" \
--source=${{ github.repositoryUrl }} \
--revision="${{ github.ref_name }}@sha1:${{ github.sha }}"
- name: Push manifests to DockerHub
run: |
mkdir -p ./docker.io/flux-system
flux install --registry=docker.io/fluxcd \
--components-extra=image-reflector-controller,image-automation-controller \
--export > ./docker.io/flux-system/gotk-components.yaml
cd ./docker.io && flux push artifact \
oci://docker.io/fluxcd/flux-manifests:${{ steps.prep.outputs.version }} \
--path="./flux-system" \
--source=${{ github.repositoryUrl }} \
--revision="${{ github.ref_name }}@sha1:${{ github.sha }}"
- uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0
with:
cosign-release: v2.6.1 # TODO: remove after Flux 2.8 with support for cosign v3
- name: Sign manifests
env:
COSIGN_EXPERIMENTAL: 1
run: |
cosign sign --yes ghcr.io/fluxcd/flux-manifests:${{ steps.prep.outputs.version }}
cosign sign --yes docker.io/fluxcd/flux-manifests:${{ steps.prep.outputs.version }}
- name: Tag manifests
run: |
flux tag artifact oci://ghcr.io/fluxcd/flux-manifests:${{ steps.prep.outputs.version }} \
--tag latest
flux tag artifact oci://docker.io/fluxcd/flux-manifests:${{ steps.prep.outputs.version }} \
--tag latest
release-provenance:
needs: [release-flux-cli]
permissions:
actions: read # for detecting the Github Actions environment.
id-token: write # for creating OIDC tokens for signing.
contents: write # for uploading attestations to GitHub releases.
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.1.0
with:
provenance-name: "provenance.intoto.jsonl"
base64-subjects: "${{ needs.release-flux-cli.outputs.hashes }}"
upload-assets: true
dockerhub-provenance:
needs: [release-flux-cli]
permissions:
actions: read # for detecting the Github Actions environment.
id-token: write # for creating OIDC tokens for signing.
packages: write # for uploading attestations.
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v2.1.0
with:
image: ${{ needs.release-flux-cli.outputs.image_url }}
digest: ${{ needs.release-flux-cli.outputs.image_digest }}
registry-username: fluxcdbot
secrets:
registry-password: ${{ secrets.DOCKER_FLUXCD_PASSWORD }}
ghcr-provenance:
needs: [release-flux-cli]
permissions:
actions: read # for detecting the Github Actions environment.
id-token: write # for creating OIDC tokens for signing.
packages: write # for uploading attestations.
uses: slsa-framework/slsa-github-generator/.github/workflows/generator_container_slsa3.yml@v2.1.0
with:
image: ghcr.io/${{ needs.release-flux-cli.outputs.image_url }}
digest: ${{ needs.release-flux-cli.outputs.image_digest }}
registry-username: fluxcdbot
secrets:
registry-password: ${{ secrets.GITHUB_TOKEN }}
================================================
FILE: .github/workflows/scan.yaml
================================================
name: scan
on:
workflow_dispatch:
push:
branches: [ 'main', 'release/**' ]
pull_request:
branches: [ 'main', 'release/**' ]
schedule:
- cron: '18 10 * * 3'
permissions: read-all
jobs:
analyze:
permissions:
contents: read # for reading the repository code.
security-events: write # for uploading the CodeQL analysis results.
uses: fluxcd/gha-workflows/.github/workflows/code-scan.yaml@v0.9.0
secrets:
github-token: ${{ secrets.GITHUB_TOKEN }}
fossa-token: ${{ secrets.FOSSA_TOKEN }}
================================================
FILE: .github/workflows/sync-labels.yaml
================================================
name: sync-labels
on:
workflow_dispatch:
push:
branches:
- main
paths:
- .github/labels.yaml
permissions: read-all
jobs:
sync-labels:
permissions:
contents: read # for reading the labels file.
issues: write # for creating and updating labels.
uses: fluxcd/gha-workflows/.github/workflows/labels-sync.yaml@v0.9.0
secrets:
github-token: ${{ secrets.GITHUB_TOKEN }}
================================================
FILE: .github/workflows/update.yaml
================================================
name: update
on:
workflow_dispatch:
push:
branches: [main]
permissions:
contents: read
jobs:
update-components:
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- name: Check out code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup Go
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
with:
go-version: 1.26.x
cache-dependency-path: |
**/go.sum
**/go.mod
- name: Update component versions
id: update
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
PR_BODY=$(mktemp)
bump_version() {
local LATEST_VERSION=$(curl -s -H "Authorization: token ${GITHUB_TOKEN}" https://api.github.com/repos/fluxcd/$1/releases | jq -r 'sort_by(.published_at) | .[-1] | .tag_name')
if [[ "$LATEST_VERSION" == *"-rc"* ]]; then
echo "Skipping release candidate version for $1: $LATEST_VERSION"
return
fi
local CTRL_VERSION=$(sed -n "s/.*$1\/releases\/download\/\(.*\)\/.*/\1/p;n" manifests/bases/$1/kustomization.yaml)
local CRD_VERSION=$(sed -n "s/.*$1\/releases\/download\/\(.*\)\/.*/\1/p" manifests/crds/kustomization.yaml)
local API_PKG="github.com/fluxcd/$1/api"
if [[ "$1" == "source-watcher" ]]; then
API_PKG="github.com/fluxcd/$1/api/v2"
fi
local MOD_VERSION=$(go list -m -f '{{ .Version }}' "$API_PKG")
local changed=false
if [[ "${CTRL_VERSION}" != "${LATEST_VERSION}" ]]; then
sed -i "s/\($1\/releases\/download\/\)v.*\(\/.*\)/\1${LATEST_VERSION}\2/g" "manifests/bases/$1/kustomization.yaml"
changed=true
fi
if [[ "${CRD_VERSION}" != "${LATEST_VERSION}" ]]; then
sed -i "s/\($1\/releases\/download\/\)v.*\(\/.*\)/\1${LATEST_VERSION}\2/g" "manifests/crds/kustomization.yaml"
changed=true
fi
if [[ "${MOD_VERSION}" != "${LATEST_VERSION}" ]]; then
go mod edit -require="$API_PKG@${LATEST_VERSION}"
make tidy
changed=true
fi
if [[ "$changed" == true ]]; then
echo "- $1 to ${LATEST_VERSION}" >> $PR_BODY
echo " https://github.com/fluxcd/$1/blob/${LATEST_VERSION}/CHANGELOG.md" >> $PR_BODY
fi
}
{
# bump controller versions
bump_version helm-controller
bump_version kustomize-controller
bump_version source-controller
bump_version notification-controller
bump_version image-reflector-controller
bump_version image-automation-controller
bump_version source-watcher
# diff change
git diff
# export PR_BODY for PR and commit
# NB: this may look strange but it is the way it should be done to
# maintain our precious newlines
# Ref: https://github.com/github/docs/issues/21529
echo 'pr_body<<EOF' >> $GITHUB_OUTPUT
cat $PR_BODY >> $GITHUB_OUTPUT
echo 'EOF' >> $GITHUB_OUTPUT
}
- name: Create Pull Request
id: cpr
uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
with:
token: ${{ secrets.BOT_GITHUB_TOKEN }}
commit-message: |
Update toolkit components
${{ steps.update.outputs.pr_body }}
committer: GitHub <noreply@github.com>
author: fluxcdbot <fluxcdbot@users.noreply.github.com>
signoff: true
branch: update-components-${{ github.ref_name }}
title: Update toolkit components
body: |
${{ steps.update.outputs.pr_body }}
labels: |
dependencies
reviewers: ${{ secrets.ASSIGNEES }}
- name: Check output
run: |
echo "Pull Request Number - ${{ steps.cpr.outputs.pull-request-number }}"
echo "Pull Request URL - ${{ steps.cpr.outputs.pull-request-url }}"
================================================
FILE: .github/workflows/upgrade-fluxcd-pkg.yaml
================================================
name: upgrade-fluxcd-pkg
on:
workflow_dispatch:
permissions:
contents: read
jobs:
upgrade-fluxcd-pkg:
uses: fluxcd/gha-workflows/.github/workflows/upgrade-fluxcd-pkg.yaml@v0.9.0
secrets:
github-token: ${{ secrets.BOT_GITHUB_TOKEN }}
================================================
FILE: .gitignore
================================================
# Binaries for programs and plugins
*.exe
*.exe~
*.dll
*.so
*.dylib
# Test binary, built with `go test -c`
*.test
# Output of the go coverage tool, specifically when used with LiteIDE
*.out
# Release
dist/
# Dependency directories (remove the comment below to include it)
# vendor/
bin/
output/
cmd/flux/manifests/
cmd/flux/.manifests.done
testbin/
# Docs
site/
================================================
FILE: .goreleaser.yml
================================================
project_name: flux
changelog:
use: github-native
builds:
- <<: &build_defaults
binary: flux
main: ./cmd/flux
ldflags:
- -s -w -X main.VERSION={{ .Version }}
env:
- CGO_ENABLED=0
id: linux
goos:
- linux
goarch:
- amd64
- arm64
- arm
goarm:
- "7"
- <<: *build_defaults
id: darwin
goos:
- darwin
goarch:
- amd64
- arm64
- <<: *build_defaults
id: windows
goos:
- windows
archives:
- name_template: "{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
id: nix
builds: [linux, darwin]
format: tar.gz
files:
- none*
- name_template: "{{ .Binary }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
id: windows
builds: [windows]
format: zip
files:
- none*
source:
enabled: true
name_template: '{{ .ProjectName }}_{{ .Version }}_source_code'
sboms:
- id: source
artifacts: source
documents:
- "{{ .ProjectName }}_{{ .Version }}_sbom.spdx.json"
release:
extra_files:
- glob: output/crd-schemas.tar.gz
- glob: output/manifests.tar.gz
- glob: output/install.yaml
checksum:
extra_files:
- glob: output/crd-schemas.tar.gz
- glob: output/manifests.tar.gz
- glob: output/install.yaml
signs:
- cmd: cosign
env:
- COSIGN_EXPERIMENTAL=1
certificate: '${artifact}.pem'
args:
- sign-blob
- "--yes"
- '--output-certificate=${certificate}'
- '--output-signature=${signature}'
- '${artifact}'
artifacts: checksum
output: true
brews:
- name: flux
repository:
owner: fluxcd
name: homebrew-tap
token: "{{ .Env.HOMEBREW_TAP_GITHUB_TOKEN }}"
directory: Formula
homepage: "https://fluxcd.io/"
description: "Flux CLI"
install: |
bin.install "flux"
generate_completions_from_executable(bin/"flux", "completion")
test: |
system "#{bin}/flux --version"
dockers:
- image_templates:
- 'fluxcd/flux-cli:{{ .Tag }}-amd64'
- 'ghcr.io/fluxcd/flux-cli:{{ .Tag }}-amd64'
dockerfile: Dockerfile
use: buildx
goos: linux
goarch: amd64
build_flag_templates:
- "--pull"
- "--build-arg=ARCH=linux/amd64"
- "--label=org.opencontainers.image.created={{ .Date }}"
- "--label=org.opencontainers.image.name={{ .ProjectName }}"
- "--label=org.opencontainers.image.revision={{ .FullCommit }}"
- "--label=org.opencontainers.image.version={{ .Version }}"
- "--label=org.opencontainers.image.source={{ .GitURL }}"
- "--platform=linux/amd64"
- image_templates:
- 'fluxcd/flux-cli:{{ .Tag }}-arm64'
- 'ghcr.io/fluxcd/flux-cli:{{ .Tag }}-arm64'
dockerfile: Dockerfile
use: buildx
goos: linux
goarch: arm64
build_flag_templates:
- "--pull"
- "--build-arg=ARCH=linux/arm64"
- "--label=org.opencontainers.image.created={{ .Date }}"
- "--label=org.opencontainers.image.name={{ .ProjectName }}"
- "--label=org.opencontainers.image.revision={{ .FullCommit }}"
- "--label=org.opencontainers.image.version={{ .Version }}"
- "--label=org.opencontainers.image.source={{ .GitURL }}"
- "--platform=linux/arm64"
- image_templates:
- 'fluxcd/flux-cli:{{ .Tag }}-arm'
- 'ghcr.io/fluxcd/flux-cli:{{ .Tag }}-arm'
dockerfile: Dockerfile
use: buildx
goos: linux
goarch: arm
goarm: 7
build_flag_templates:
- "--pull"
- "--build-arg=ARCH=linux/arm"
- "--label=org.opencontainers.image.created={{ .Date }}"
- "--label=org.opencontainers.image.name={{ .ProjectName }}"
- "--label=org.opencontainers.image.revision={{ .FullCommit }}"
- "--label=org.opencontainers.image.version={{ .Version }}"
- "--label=org.opencontainers.image.source={{ .GitURL }}"
- "--platform=linux/arm/v7"
docker_manifests:
- name_template: 'fluxcd/flux-cli:{{ .Tag }}'
image_templates:
- 'fluxcd/flux-cli:{{ .Tag }}-amd64'
- 'fluxcd/flux-cli:{{ .Tag }}-arm64'
- 'fluxcd/flux-cli:{{ .Tag }}-arm'
- name_template: 'ghcr.io/fluxcd/flux-cli:{{ .Tag }}'
image_templates:
- 'ghcr.io/fluxcd/flux-cli:{{ .Tag }}-amd64'
- 'ghcr.io/fluxcd/flux-cli:{{ .Tag }}-arm64'
- 'ghcr.io/fluxcd/flux-cli:{{ .Tag }}-arm'
docker_signs:
- cmd: cosign
env:
- COSIGN_EXPERIMENTAL=1
args:
- sign
- "--yes"
- '${artifact}'
artifacts: all
output: true
================================================
FILE: .scorecard.yml
================================================
annotations:
- checks:
- dangerous-workflow
reasons:
- reason: not-applicable # This workflow does not run untrusted code, the bot will only backport a code if the a PR was approved and merged into main.
================================================
FILE: CODE_OF_CONDUCT.md
================================================
## Code of Conduct
FluxCD toolkit follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md).
================================================
FILE: CONTRIBUTING.md
================================================
# Contributing
Flux is [Apache 2.0 licensed](https://github.com/fluxcd/flux2/blob/main/LICENSE) and
accepts contributions via GitHub pull requests. This document outlines
some of the conventions on to make it easier to get your contribution
accepted.
We gratefully welcome improvements to issues and documentation as well as to
code.
## Certificate of Origin
By contributing to this project you agree to the Developer Certificate of
Origin (DCO). This document was created by the Linux Kernel community and is a
simple statement that you, as a contributor, have the legal right to make the
contribution.
We require all commits to be signed. By signing off with your signature, you
certify that you wrote the patch or otherwise have the right to contribute the
material by the rules of the [DCO](DCO):
`Signed-off-by: Jane Doe <jane.doe@example.com>`
The signature must contain your real name
(sorry, no pseudonyms or anonymous contributions)
If your `user.name` and `user.email` are configured in your Git config,
you can sign your commit automatically with `git commit -s`.
## Communications
For realtime communications we use Slack: To join the conversation, simply
join the [CNCF](https://slack.cncf.io/) Slack workspace and use the
[#flux-contributors](https://cloud-native.slack.com/messages/flux-contributors/) channel.
To discuss ideas and specifications we use [Github
Discussions](https://github.com/fluxcd/flux2/discussions).
For announcements we use a mailing list as well. Simply subscribe to
[flux-dev on cncf.io](https://lists.cncf.io/g/cncf-flux-dev)
to join the conversation (there you can also add calendar invites
to your Google calendar for our [Flux
meeting](https://docs.google.com/document/d/1l_M0om0qUEN_NNiGgpqJ2tvsF2iioHkaARDeh6b70B0/view)).
## Understanding Flux and the GitOps Toolkit
If you are entirely new to Flux and the GitOps Toolkit,
you might want to take a look at the [introductory talk and demo](https://www.youtube.com/watch?v=qQBtSkgl7tI).
This project is composed of:
- [flux2](https://github.com/fluxcd/flux2): The Flux CLI
- [source-controller](https://github.com/fluxcd/source-controller): Kubernetes operator for managing sources (Git, OCI and Helm repositories, S3-compatible Buckets)
- [source-watcher](https://github.com/fluxcd/source-watcher): Kubernetes operator for advanced source composition and decomposition patterns
- [kustomize-controller](https://github.com/fluxcd/kustomize-controller): Kubernetes operator for building GitOps pipelines with Kustomize
- [helm-controller](https://github.com/fluxcd/helm-controller): Kubernetes operator for building GitOps pipelines with Helm
- [notification-controller](https://github.com/fluxcd/notification-controller): Kubernetes operator for handling inbound and outbound events
- [image-reflector-controller](https://github.com/fluxcd/image-reflector-controller): Kubernetes operator for scanning container registries
- [image-automation-controller](https://github.com/fluxcd/image-automation-controller): Kubernetes operator for patches container image tags in Git
### Understanding the code
To get started with developing controllers, you might want to review
[our guide](https://fluxcd.io/flux/gitops-toolkit/source-watcher/) which
walks you through writing a short and concise controller that watches out
for source changes.
## How to run the test suite
Prerequisites:
* go >= 1.26
* kubectl >= 1.33
* kustomize >= 5.0
Install the [controller-runtime/envtest](https://github.com/kubernetes-sigs/controller-runtime/tree/master/tools/setup-envtest) binaries with:
```bash
make install-envtest
```
Then you can run the unit tests with:
```bash
make test
```
After [installing Kubernetes kind](https://kind.sigs.k8s.io/docs/user/quick-start#installation) on your machine,
create a cluster for testing with:
```bash
make setup-kind
```
Then you can run the end-to-end tests with:
```bash
make e2e
```
When the output of the Flux CLI changes, to automatically update the golden
files used in the test, pass `-update` flag to the test as:
```bash
make e2e TEST_ARGS="-update"
```
Since not all packages use golden files for testing, `-update` argument must be
passed only for the packages that use golden files. Use the variables
`TEST_PKG_PATH` for unit tests and `E2E_TEST_PKG_PATH` for e2e tests, to set the
path of the target test package:
```bash
# Unit test
make test TEST_PKG_PATH="./cmd/flux" TEST_ARGS="-update"
# e2e test
make e2e E2E_TEST_PKG_PATH="./cmd/flux" TEST_ARGS="-update"
```
Teardown the e2e environment with:
```bash
make cleanup-kind
```
## Acceptance policy
These things will make a PR more likely to be accepted:
- a well-described requirement
- tests for new code
- tests for old code!
- new code and tests follow the conventions in old code and tests
- a good commit message (see below)
- all code must abide [Go Code Review Comments](https://github.com/golang/go/wiki/CodeReviewComments)
- names should abide [What's in a name](https://talks.golang.org/2014/names.slide#1)
- code must build on both Linux and Darwin, via plain `go build`
- code should have appropriate test coverage and tests should be written
to work with `go test`
In general, we will merge a PR once one maintainer has endorsed it.
For substantial changes, more people may become involved, and you might
get asked to resubmit the PR or divide the changes into more than one PR.
### Format of the Commit Message
For the GitOps Toolkit controllers we prefer the following rules for good commit messages:
- Limit the subject to 50 characters and write as the continuation
of the sentence "If applied, this commit will ..."
- Explain what and why in the body, if more than a trivial change;
wrap it at 72 characters.
The [following article](https://chris.beams.io/posts/git-commit/#seven-rules)
has some more helpful advice on documenting your work.
================================================
FILE: DCO
================================================
Developer Certificate of Origin
Version 1.1
Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
660 York Street, Suite 102,
San Francisco, CA 94110 USA
Everyone is permitted to copy and distribute verbatim copies of this
license document, but changing it is not allowed.
Developer's Certificate of Origin 1.1
By making a contribution to this project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or
(b) The contribution is based upon previous work that, to the best
of my knowledge, is covered under an appropriate open source
license and I have the right under that license to submit that
work with modifications, whether created in whole or in part
by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated
in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.
================================================
FILE: Dockerfile
================================================
FROM alpine:3.23 AS builder
RUN apk add --no-cache ca-certificates curl
ARG ARCH=linux/amd64
ARG KUBECTL_VER=1.35.0
RUN curl -sL https://dl.k8s.io/release/v${KUBECTL_VER}/bin/${ARCH}/kubectl \
-o /usr/local/bin/kubectl && chmod +x /usr/local/bin/kubectl
RUN kubectl version --client=true
FROM alpine:3.23 AS flux-cli
RUN apk add --no-cache ca-certificates
COPY --from=builder /usr/local/bin/kubectl /usr/local/bin/
COPY --chmod=755 flux /usr/local/bin/
USER 65534:65534
ENTRYPOINT [ "flux" ]
================================================
FILE: LICENSE
================================================
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright [yyyy] [name of copyright owner]
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
================================================
FILE: MAINTAINERS
================================================
The maintainers are generally available in Slack at
https://cloud-native.slack.com in #flux (https://cloud-native.slack.com/messages/CLAJ40HV3)
(obtain an invitation at https://slack.cncf.io/).
The Flux2 maintainers team is identical with the core maintainers of the project
as listed in
https://github.com/fluxcd/community/blob/main/CORE-MAINTAINERS
================================================
FILE: Makefile
================================================
VERSION?=$(shell grep 'VERSION' cmd/flux/main.go | awk '{ print $$4 }' | head -n 1 | tr -d '"')
DEV_VERSION?=0.0.0-$(shell git rev-parse --abbrev-ref HEAD)-$(shell git rev-parse --short HEAD)-$(shell date +%s)
EMBEDDED_MANIFESTS_TARGET=cmd/flux/.manifests.done
TEST_KUBECONFIG?=/tmp/flux-e2e-test-kubeconfig
# Architecture to use envtest with
ENVTEST_ARCH ?= amd64
# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
ifeq (,$(shell go env GOBIN))
GOBIN=$(shell go env GOPATH)/bin
else
GOBIN=$(shell go env GOBIN)
endif
rwildcard=$(foreach d,$(wildcard $(addsuffix *,$(1))),$(call rwildcard,$(d)/,$(2)) $(filter $(subst *,%,$(2)),$(d)))
all: test build
tidy:
go mod tidy -compat=1.26
cd tests/integration && go mod tidy -compat=1.26
fmt:
go fmt ./...
vet:
go vet ./...
setup-kind:
kind create cluster --name=flux-e2e-test --kubeconfig=$(TEST_KUBECONFIG) --config=.github/kind/config.yaml
kubectl --kubeconfig=$(TEST_KUBECONFIG) apply -f https://docs.projectcalico.org/v3.16/manifests/calico.yaml
kubectl --kubeconfig=$(TEST_KUBECONFIG) -n kube-system set env daemonset/calico-node FELIX_IGNORELOOSERPF=true
cleanup-kind:
kind delete cluster --name=flux-e2e-test
rm $(TEST_KUBECONFIG)
KUBEBUILDER_ASSETS?="$(shell $(ENVTEST) --arch=$(ENVTEST_ARCH) use -i $(ENVTEST_KUBERNETES_VERSION) --bin-dir=$(ENVTEST_ASSETS_DIR) -p path)"
TEST_PKG_PATH="./..."
test: $(EMBEDDED_MANIFESTS_TARGET) tidy fmt vet install-envtest
KUBEBUILDER_ASSETS="$(KUBEBUILDER_ASSETS)" go test $(TEST_PKG_PATH) -coverprofile cover.out --tags=unit $(TEST_ARGS)
E2E_TEST_PKG_PATH="./cmd/flux/..."
e2e: $(EMBEDDED_MANIFESTS_TARGET) tidy fmt vet
TEST_KUBECONFIG=$(TEST_KUBECONFIG) go test $(E2E_TEST_PKG_PATH) -coverprofile e2e.cover.out --tags=e2e -v -failfast $(TEST_ARGS)
test-with-kind: install-envtest
make setup-kind
make e2e
make cleanup-kind
$(EMBEDDED_MANIFESTS_TARGET): $(call rwildcard,manifests/,*.yaml *.json)
./manifests/scripts/bundle.sh
touch $@
build: $(EMBEDDED_MANIFESTS_TARGET)
CGO_ENABLED=0 go build -ldflags="-s -w -X main.VERSION=$(VERSION)" -o ./bin/flux ./cmd/flux
build-dev: $(EMBEDDED_MANIFESTS_TARGET)
CGO_ENABLED=0 go build -ldflags="-s -w -X main.VERSION=$(DEV_VERSION)" -o ./bin/flux ./cmd/flux
.PHONY: install
install:
CGO_ENABLED=0 go install ./cmd/flux
install-dev:
CGO_ENABLED=0 go build -o /usr/local/bin ./cmd/flux
setup-bootstrap-patch:
go run ./tests/bootstrap/main.go
setup-image-automation:
cd tests/image-automation && go run main.go
ENVTEST_ASSETS_DIR=$(shell pwd)/testbin
ENVTEST_KUBERNETES_VERSION?=latest
install-envtest: setup-envtest
mkdir -p ${ENVTEST_ASSETS_DIR}
$(ENVTEST) use $(ENVTEST_KUBERNETES_VERSION) --arch=$(ENVTEST_ARCH) --bin-dir=$(ENVTEST_ASSETS_DIR)
ENVTEST = $(shell pwd)/bin/setup-envtest
.PHONY: envtest
setup-envtest: ## Download envtest-setup locally if necessary.
$(call go-install-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest@latest)
# go-install-tool will 'go install' any package $2 and install it to $1.
PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST))))
define go-install-tool
@[ -f $(1) ] || { \
set -e ;\
TMP_DIR=$$(mktemp -d) ;\
cd $$TMP_DIR ;\
go mod init tmp ;\
echo "Downloading $(2)" ;\
GOBIN=$(PROJECT_DIR)/bin go install $(2) ;\
rm -rf $$TMP_DIR ;\
}
endef
================================================
FILE: README.md
================================================
# Flux version 2
[](https://github.com/fluxcd/flux2/releases)
[](https://bestpractices.coreinfrastructure.org/projects/4782)
[](https://scorecard.dev/viewer/?uri=github.com/fluxcd/flux2)
[](https://app.fossa.com/projects/custom%2B162%2Fgithub.com%2Ffluxcd%2Fflux2?ref=badge_shield)
[](https://artifacthub.io/packages/helm/fluxcd-community/flux2)
[](https://fluxcd.io/flux/security/slsa-assessment)
Flux is a tool for keeping Kubernetes clusters in sync with sources of
configuration (like Git repositories and OCI artifacts),
and automating updates to configuration when there is new code to deploy.
Flux version 2 ("v2") is built from the ground up to use Kubernetes'
API extension system, and to integrate with Prometheus and other core
components of the Kubernetes ecosystem. In version 2, Flux supports
multi-tenancy and support for syncing an arbitrary number of Git
repositories, among other long-requested features.
Flux v2 is constructed with the [GitOps Toolkit](#gitops-toolkit), a
set of composable APIs and specialized tools for building Continuous
Delivery on top of Kubernetes.
Flux is a Cloud Native Computing Foundation ([CNCF](https://www.cncf.io/)) graduated project, used in
production by various [organisations](https://fluxcd.io/adopters) and [cloud providers](https://fluxcd.io/ecosystem).
## Quickstart and documentation
To get started check out this [guide](https://fluxcd.io/flux/get-started/)
on how to bootstrap Flux on Kubernetes and deploy a sample application in a GitOps manner.
For more comprehensive documentation, see the following guides:
- [Ways of structuring your repositories](https://fluxcd.io/flux/guides/repository-structure/)
- [Manage Helm Releases](https://fluxcd.io/flux/guides/helmreleases/)
- [Automate image updates to Git](https://fluxcd.io/flux/guides/image-update/)
- [Manage Kubernetes secrets with Flux and SOPS](https://fluxcd.io/flux/guides/mozilla-sops/)
If you need help, please refer to our **[Support page](https://fluxcd.io/support/)**.
## GitOps Toolkit
The GitOps Toolkit is the set of APIs and controllers that make up the
runtime for Flux v2. The APIs comprise Kubernetes custom resources,
which can be created and updated by a cluster user, or by other
automation tooling.
You can use the toolkit to extend Flux, or to build your own systems
for continuous delivery -- see [the developer
guides](https://fluxcd.io/flux/gitops-toolkit/source-watcher/).
### Components
- [Source Controllers](https://fluxcd.io/flux/components/source/)
- [GitRepository CRD](https://fluxcd.io/flux/components/source/gitrepositories/)
- [OCIRepository CRD](https://fluxcd.io/flux/components/source/ocirepositories/)
- [HelmRepository CRD](https://fluxcd.io/flux/components/source/helmrepositories/)
- [HelmChart CRD](https://fluxcd.io/flux/components/source/helmcharts/)
- [Bucket CRD](https://fluxcd.io/flux/components/source/buckets/)
- [ExternalArtifact CRD](https://fluxcd.io/flux/components/source/externalartifacts/)
- [ArtifactGenerator CRD](https://fluxcd.io/flux/components/source/artifactgenerators/)
- [Kustomize Controller](https://fluxcd.io/flux/components/kustomize/)
- [Kustomization CRD](https://fluxcd.io/flux/components/kustomize/kustomizations/)
- [Helm Controller](https://fluxcd.io/flux/components/helm/)
- [HelmRelease CRD](https://fluxcd.io/flux/components/helm/helmreleases/)
- [Notification Controller](https://fluxcd.io/flux/components/notification/)
- [Provider CRD](https://fluxcd.io/flux/components/notification/providers/)
- [Alert CRD](https://fluxcd.io/flux/components/notification/alerts/)
- [Receiver CRD](https://fluxcd.io/flux/components/notification/receivers/)
- [Image Automation Controllers](https://fluxcd.io/flux/components/image/)
- [ImageRepository CRD](https://fluxcd.io/flux/components/image/imagerepositories/)
- [ImagePolicy CRD](https://fluxcd.io/flux/components/image/imagepolicies/)
- [ImageUpdateAutomation CRD](https://fluxcd.io/flux/components/image/imageupdateautomations/)
## Community
Need help or want to contribute? Please see the links below. The Flux project is always looking for
new contributors and there are a multitude of ways to get involved.
- Getting Started?
- Look at our [Get Started guide](https://fluxcd.io/flux/get-started/) and give us feedback
- Need help?
- First: Ask questions on our [GH Discussions page](https://github.com/fluxcd/flux2/discussions).
- Second: Talk to us in the #flux channel on [CNCF Slack](https://slack.cncf.io/).
- Please follow our [Support Guidelines](https://fluxcd.io/support/)
(in short: be nice, be respectful of volunteers' time, understand that maintainers and
contributors cannot respond to all DMs, and keep discussions in the public #flux channel as much as possible).
- Have feature proposals or want to contribute?
- Propose features on our [GitHub Discussions page](https://github.com/fluxcd/flux2/discussions).
- Join our upcoming dev meetings ([meeting access and agenda](https://docs.google.com/document/d/1l_M0om0qUEN_NNiGgpqJ2tvsF2iioHkaARDeh6b70B0/view)).
- [Join the flux-dev mailing list](https://lists.cncf.io/g/cncf-flux-dev).
- Check out [how to contribute](CONTRIBUTING.md) to the project.
- Check out the [project roadmap](https://fluxcd.io/roadmap/).
### Events
Check out our **[events calendar](https://fluxcd.io/#calendar)**,
both with upcoming talks, events and meetings you can attend.
Or view the **[resources section](https://fluxcd.io/resources)**
with past events videos you can watch.
We look forward to seeing you with us!
================================================
FILE: action/README.md
================================================
# Flux GitHub Action
To install the latest Flux CLI on Linux, macOS or Windows GitHub runners:
```yaml
steps:
- name: Setup Flux CLI
uses: fluxcd/flux2/action@main
with:
version: 'latest'
- name: Run Flux CLI
run: flux version --client
```
The Flux GitHub Action can be used to automate various tasks in CI, such as:
- [Automate Flux upgrades on clusters via Pull Requests](https://fluxcd.io/flux/flux-gh-action/#automate-flux-updates)
- [Push Kubernetes manifests to container registries](https://fluxcd.io/flux/flux-gh-action/#push-kubernetes-manifests-to-container-registries)
- [Run end-to-end testing with Flux and Kubernetes Kind](https://fluxcd.io/flux/flux-gh-action/#end-to-end-testing)
For more information, please see the [Flux GitHub Action documentation](https://fluxcd.io/flux/flux-gh-action/).
================================================
FILE: action/action.yml
================================================
name: Setup Flux CLI
description: A GitHub Action for installing the Flux CLI
author: Flux project
branding:
color: blue
icon: command
inputs:
version:
description: "Flux version e.g. 2.0.0 (defaults to latest stable release)"
required: false
arch:
description: "arch can be amd64, arm64 or arm"
required: false
deprecationMessage: "No longer required, action will now detect runner arch."
bindir:
description: "Alternative location for the Flux binary, defaults to path relative to $RUNNER_TOOL_CACHE."
required: false
token:
description: "Token used to authenticate against the GitHub.com API."
required: false
runs:
using: composite
steps:
- name: "Download the binary to the runner's cache dir"
shell: bash
env:
VERSION: "${{ inputs.version }}"
FLUX_TOOL_DIR: "${{ inputs.bindir }}"
TOKEN: "${{ inputs.token }}"
run: |
if [[ -z "$VERSION" ]] || [[ "$VERSION" = "latest" ]]; then
if [[ "${TOKEN}" != '' ]]; then
VERSION=$(curl -fsSL -H "Authorization: token ${TOKEN}" https://api.github.com/repos/fluxcd/flux2/releases/latest | grep tag_name | cut -d '"' -f 4)
else
VERSION=$(curl -w "%{url_effective}\n" -IsSL https://github.com/fluxcd/flux2/releases/latest -o /dev/null | sed 's$^.*/$$')
fi
fi
if [[ -z "$VERSION" ]]; then
echo "Unable to determine Flux CLI version"
exit 1
fi
if [[ $VERSION = v* ]]; then
VERSION="${VERSION:1}"
fi
OS=$(echo "${RUNNER_OS}" | tr '[:upper:]' '[:lower:]')
if [[ "$OS" == "macos" ]]; then
OS="darwin"
fi
ARCH=$(echo "${RUNNER_ARCH}" | tr '[:upper:]' '[:lower:]')
if [[ "$ARCH" == "x64" ]]; then
ARCH="amd64"
elif [[ "$ARCH" == "x86" ]]; then
ARCH="386"
fi
FLUX_EXEC_FILE="flux"
if [[ "$OS" == "windows" ]]; then
FLUX_EXEC_FILE="${FLUX_EXEC_FILE}.exe"
fi
if [[ -z "$FLUX_TOOL_DIR" ]]; then
FLUX_TOOL_DIR="${RUNNER_TOOL_CACHE}/flux2/${VERSION}/${OS}/${ARCH}"
fi
if [[ ! -x "$FLUX_TOOL_DIR/FLUX_EXEC_FILE" ]]; then
DL_DIR="$(mktemp -dt flux2-XXXXXX)"
trap 'rm -rf $DL_DIR' EXIT
echo "Downloading flux ${VERSION} for ${OS}/${ARCH}"
FLUX_TARGET_FILE="flux_${VERSION}_${OS}_${ARCH}.tar.gz"
if [[ "$OS" == "windows" ]]; then
FLUX_TARGET_FILE="flux_${VERSION}_${OS}_${ARCH}.zip"
fi
FLUX_CHECKSUMS_FILE="flux_${VERSION}_checksums.txt"
FLUX_DOWNLOAD_URL="https://github.com/fluxcd/flux2/releases/download/v${VERSION}/"
MAX_RETRIES=5
RETRY_DELAY=5
for i in $(seq 1 $MAX_RETRIES); do
echo "Downloading flux binary (attempt $i/$MAX_RETRIES)"
if curl -fsSL -o "$DL_DIR/$FLUX_TARGET_FILE" "$FLUX_DOWNLOAD_URL/$FLUX_TARGET_FILE"; then
break
fi
if [ $i -lt $MAX_RETRIES ]; then
echo "Download failed, retrying in ${RETRY_DELAY} seconds..."
sleep $RETRY_DELAY
else
echo "Failed to download flux binary after $MAX_RETRIES attempts"
exit 1
fi
done
for i in $(seq 1 $MAX_RETRIES); do
echo "Downloading checksums file (attempt $i/$MAX_RETRIES)"
if curl -fsSL -o "$DL_DIR/$FLUX_CHECKSUMS_FILE" "$FLUX_DOWNLOAD_URL/$FLUX_CHECKSUMS_FILE"; then
break
fi
if [ $i -lt $MAX_RETRIES ]; then
echo "Download failed, retrying in ${RETRY_DELAY} seconds..."
sleep $RETRY_DELAY
else
echo "Failed to download checksums file after $MAX_RETRIES attempts"
exit 1
fi
done
echo "Verifying checksum"
sum=""
if command -v openssl > /dev/null; then
sum=$(openssl sha256 "$DL_DIR/$FLUX_TARGET_FILE" | awk '{print $2}')
elif command -v sha256sum > /dev/null; then
sum=$(sha256sum "$DL_DIR/$FLUX_TARGET_FILE" | awk '{print $1}')
fi
if [[ -z "$sum" ]]; then
echo "Neither openssl nor sha256sum found. Cannot calculate checksum."
exit 1
fi
expected_sum=$(grep " $FLUX_TARGET_FILE\$" "$DL_DIR/$FLUX_CHECKSUMS_FILE" | awk '{print $1}')
if [ "$sum" != "$expected_sum" ]; then
echo "SHA sum of ${FLUX_TARGET_FILE} does not match. Aborting."
exit 1
fi
echo "Installing flux to ${FLUX_TOOL_DIR}"
mkdir -p "$FLUX_TOOL_DIR"
if [[ "$OS" == "windows" ]]; then
unzip "$DL_DIR/$FLUX_TARGET_FILE" "$FLUX_EXEC_FILE" -d "$FLUX_TOOL_DIR"
else
tar xzf "$DL_DIR/$FLUX_TARGET_FILE" -C "$FLUX_TOOL_DIR" $FLUX_EXEC_FILE
fi
chmod +x "$FLUX_TOOL_DIR/$FLUX_EXEC_FILE"
fi
echo "Adding flux to path"
echo "$FLUX_TOOL_DIR" >> "$GITHUB_PATH"
- name: "Print installed flux version"
shell: bash
run: |
flux -v
================================================
FILE: cmd/flux/alert.go
================================================
/*
Copyright 2021 The Flux authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (
"sigs.k8s.io/controller-runtime/pkg/client"
notificationv1 "github.com/fluxcd/notification-controller/api/v1beta3"
)
// notificationv1.Alert
var alertType = apiType{
kind: notificationv1.AlertKind,
humanKind: "alert",
groupVersion: notificationv1.GroupVersion,
}
type alertAdapter struct {
*notificationv1.Alert
}
func (a alertAdapter) asClientObject() client.Object {
return a.Alert
}
func (a alertAdapter) deepCopyClientObject() client.Object {
return a.Alert.DeepCopy()
}
// notificationv1.Alert
type alertListAdapter struct {
*notificationv1.AlertList
}
func (a alertListAdapter) asClientList() client.ObjectList {
return a.AlertList
}
func (a alertListAdapter) len() int {
return len(a.AlertList.Items)
}
================================================
FILE: cmd/flux/alert_provider.go
================================================
/*
Copyright 2021 The Flux authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (
"sigs.k8s.io/controller-runtime/pkg/client"
notificationv1 "github.com/fluxcd/notification-controller/api/v1beta3"
)
// notificationv1.Provider
var alertProviderType = apiType{
kind: notificationv1.ProviderKind,
humanKind: "alert provider",
groupVersion: notificationv1.GroupVersion,
}
type alertProviderAdapter struct {
*notificationv1.Provider
}
func (a alertProviderAdapter) asClientObject() client.Object {
return a.Provider
}
func (a alertProviderAdapter) deepCopyClientObject() client.Object {
return a.Provider.DeepCopy()
}
// notificationv1.Provider
type alertProviderListAdapter struct {
*notificationv1.ProviderList
}
func (a alertProviderListAdapter) asClientList() client.ObjectList {
return a.ProviderList
}
func (a alertProviderListAdapter) len() int {
return len(a.ProviderList.Items)
}
================================================
FILE: cmd/flux/artifact.go
================================================
/*
Copyright 2025 The Flux authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (
"sigs.k8s.io/controller-runtime/pkg/client"
swapi "github.com/fluxcd/source-watcher/api/v2/v1beta1"
)
// swapi.ArtifactGenerator
var artifactGeneratorType = apiType{
kind: swapi.ArtifactGeneratorKind,
humanKind: "artifactgenerator",
groupVersion: swapi.GroupVersion,
}
type artifactGeneratorAdapter struct {
*swapi.ArtifactGenerator
}
func (h artifactGeneratorAdapter) asClientObject() client.Object {
return h.ArtifactGenerator
}
func (h artifactGeneratorAdapter) deepCopyClientObject() client.Object {
return h.ArtifactGenerator.DeepCopy()
}
// swapi.ArtifactGeneratorList
type artifactGeneratorListAdapter struct {
*swapi.ArtifactGeneratorList
}
func (h artifactGeneratorListAdapter) asClientList() client.ObjectList {
return h.ArtifactGeneratorList
}
func (h artifactGeneratorListAdapter) len() int {
return len(h.ArtifactGeneratorList.Items)
}
================================================
FILE: cmd/flux/bootstrap.go
================================================
/*
Copyright 2020 The Flux authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (
"context"
"crypto/elliptic"
"fmt"
"strings"
"github.com/fluxcd/pkg/git"
"github.com/manifoldco/promptui"
"github.com/spf13/cobra"
"k8s.io/apimachinery/pkg/api/errors"
"sigs.k8s.io/controller-runtime/pkg/client"
"github.com/fluxcd/flux2/v2/internal/flags"
"github.com/fluxcd/flux2/v2/internal/utils"
"github.com/fluxcd/flux2/v2/pkg/manifestgen"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sourcesecret"
)
var bootstrapCmd = &cobra.Command{
Use: "bootstrap",
Short: "Deploy Flux on a cluster the GitOps way.",
Long: `The bootstrap sub-commands push the Flux manifests to a Git repository
and deploy Flux on the cluster.`,
}
type bootstrapFlags struct {
version string
logLevel flags.LogLevel
branch string
recurseSubmodules bool
manifestsPath string
defaultComponents []string
extraComponents []string
requiredComponents []string
registry string
registryCredential string
imagePullSecret string
secretName string
tokenAuth bool
keyAlgorithm flags.PublicKeyAlgorithm
keyRSABits flags.RSAKeyBits
keyECDSACurve flags.ECDSACurve
sshHostname string
caFile string
privateKeyFile string
sshHostKeyAlgorithms []string
watchAllNamespaces bool
networkPolicy bool
clusterDomain string
tolerationKeys []string
authorName string
authorEmail string
gpgKeyRingPath string
gpgPassphrase string
gpgKeyID string
force bool
commitMessageAppendix string
}
const (
bootstrapDefaultBranch = "main"
)
var bootstrapArgs = NewBootstrapFlags()
func init() {
bootstrapCmd.PersistentFlags().StringVarP(&bootstrapArgs.version, "version", "v", "",
"toolkit version, when specified the manifests are downloaded from https://github.com/fluxcd/flux2/releases")
bootstrapCmd.PersistentFlags().StringSliceVar(&bootstrapArgs.defaultComponents, "components", rootArgs.defaults.Components,
"list of components, accepts comma-separated values")
bootstrapCmd.PersistentFlags().StringSliceVar(&bootstrapArgs.extraComponents, "components-extra", nil,
"list of components in addition to those supplied or defaulted, accepts values such as 'image-reflector-controller,image-automation-controller,source-watcher'")
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.registry, "registry", "ghcr.io/fluxcd",
"container registry where the Flux controller images are published")
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.registryCredential, "registry-creds", "",
"container registry credentials in the format 'user:password', requires --image-pull-secret to be set")
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.imagePullSecret, "image-pull-secret", "",
"Kubernetes secret name used for pulling the controller images from a private registry")
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.branch, "branch", bootstrapDefaultBranch, "Git branch")
bootstrapCmd.PersistentFlags().BoolVar(&bootstrapArgs.recurseSubmodules, "recurse-submodules", false,
"when enabled, configures the GitRepository source to initialize and include Git submodules in the artifact it produces")
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.manifestsPath, "manifests", "", "path to the manifest directory")
bootstrapCmd.PersistentFlags().BoolVar(&bootstrapArgs.watchAllNamespaces, "watch-all-namespaces", true,
"watch for custom resources in all namespaces, if set to false it will only watch the namespace where the Flux controllers are installed")
bootstrapCmd.PersistentFlags().BoolVar(&bootstrapArgs.networkPolicy, "network-policy", true,
"setup Kubernetes network policies to deny ingress access to the Flux controllers from other namespaces")
bootstrapCmd.PersistentFlags().BoolVar(&bootstrapArgs.tokenAuth, "token-auth", false,
"when enabled, the personal access token will be used instead of the SSH deploy key")
bootstrapCmd.PersistentFlags().Var(&bootstrapArgs.logLevel, "log-level", bootstrapArgs.logLevel.Description())
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.clusterDomain, "cluster-domain", rootArgs.defaults.ClusterDomain, "internal cluster domain")
bootstrapCmd.PersistentFlags().StringSliceVar(&bootstrapArgs.tolerationKeys, "toleration-keys", nil,
"list of toleration keys used to schedule the controller pods onto nodes with matching taints")
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.secretName, "secret-name", rootArgs.defaults.Namespace, "name of the secret the sync credentials can be found in or stored to")
bootstrapCmd.PersistentFlags().Var(&bootstrapArgs.keyAlgorithm, "ssh-key-algorithm", bootstrapArgs.keyAlgorithm.Description())
bootstrapCmd.PersistentFlags().Var(&bootstrapArgs.keyRSABits, "ssh-rsa-bits", bootstrapArgs.keyRSABits.Description())
bootstrapCmd.PersistentFlags().StringSliceVar(&bootstrapArgs.sshHostKeyAlgorithms, "ssh-hostkey-algos", nil, "list of host key algorithms to be used by the CLI for SSH connections")
bootstrapCmd.PersistentFlags().Var(&bootstrapArgs.keyECDSACurve, "ssh-ecdsa-curve", bootstrapArgs.keyECDSACurve.Description())
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.sshHostname, "ssh-hostname", "", "SSH hostname, to be used when the SSH host differs from the HTTPS one")
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.caFile, "ca-file", "", "path to TLS CA file used for validating self-signed certificates")
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.privateKeyFile, "private-key-file", "", "path to a private key file used for authenticating to the Git SSH server")
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.authorName, "author-name", "Flux", "author name for Git commits")
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.authorEmail, "author-email", "", "author email for Git commits")
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.gpgKeyRingPath, "gpg-key-ring", "", "path to GPG key ring for signing commits")
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.gpgPassphrase, "gpg-passphrase", "", "passphrase for decrypting GPG private key")
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.gpgKeyID, "gpg-key-id", "", "key id for selecting a particular key")
bootstrapCmd.PersistentFlags().StringVar(&bootstrapArgs.commitMessageAppendix, "commit-message-appendix", "", "string to add to the commit messages, e.g. '[ci skip]'")
bootstrapCmd.PersistentFlags().BoolVar(&bootstrapArgs.force, "force", false, "override existing Flux installation if it's managed by a different tool such as Helm")
bootstrapCmd.PersistentFlags().MarkHidden("manifests")
rootCmd.AddCommand(bootstrapCmd)
}
func NewBootstrapFlags() bootstrapFlags {
return bootstrapFlags{
logLevel: flags.LogLevel(rootArgs.defaults.LogLevel),
requiredComponents: []string{"source-controller", "kustomize-controller"},
keyAlgorithm: flags.PublicKeyAlgorithm(sourcesecret.ECDSAPrivateKeyAlgorithm),
keyRSABits: 2048,
keyECDSACurve: flags.ECDSACurve{Curve: elliptic.P384()},
}
}
func bootstrapComponents() []string {
return append(bootstrapArgs.defaultComponents, bootstrapArgs.extraComponents...)
}
func buildEmbeddedManifestBase() (string, error) {
if !isEmbeddedVersion(bootstrapArgs.version) {
return "", nil
}
tmpBaseDir, err := manifestgen.MkdirTempAbs("", "flux-manifests-")
if err != nil {
return "", err
}
if err := writeEmbeddedManifests(tmpBaseDir); err != nil {
return "", err
}
return tmpBaseDir, nil
}
func bootstrapValidate() error {
components := bootstrapComponents()
for _, component := range bootstrapArgs.requiredComponents {
if !utils.ContainsItemString(components, component) {
return fmt.Errorf("component %s is required", component)
}
}
if err := utils.ValidateComponents(components); err != nil {
return err
}
if bootstrapArgs.registryCredential != "" && bootstrapArgs.imagePullSecret == "" {
return fmt.Errorf("--registry-creds requires --image-pull-secret to be set")
}
if bootstrapArgs.registryCredential != "" && len(strings.Split(bootstrapArgs.registryCredential, ":")) != 2 {
return fmt.Errorf("invalid --registry-creds format, expected 'user:password'")
}
if len(bootstrapArgs.sshHostKeyAlgorithms) > 0 {
git.HostKeyAlgos = bootstrapArgs.sshHostKeyAlgorithms
}
return nil
}
func mapTeamSlice(s []string, defaultPermission string) map[string]string {
m := make(map[string]string, len(s))
for _, v := range s {
m[v] = defaultPermission
if s := strings.Split(v, ":"); len(s) == 2 {
m[s[0]] = s[1]
}
}
return m
}
// confirmBootstrap gets a confirmation for running bootstrap over an existing Flux installation.
// It returns a nil error if Flux is not installed or the user confirms overriding an existing installation
func confirmBootstrap(ctx context.Context, kubeClient client.Client) error {
installed := true
info, err := getFluxClusterInfo(ctx, kubeClient)
if err != nil {
if !errors.IsNotFound(err) {
return fmt.Errorf("cluster info unavailable: %w", err)
}
installed = false
}
if installed {
err = confirmFluxInstallOverride(info)
if err != nil {
if err == promptui.ErrAbort {
return fmt.Errorf("bootstrap cancelled")
}
return err
}
}
return nil
}
================================================
FILE: cmd/flux/bootstrap_bitbucket_server.go
================================================
/*
Copyright 2021 The Flux authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (
"context"
"fmt"
"os"
"time"
"github.com/fluxcd/pkg/git"
"github.com/fluxcd/pkg/git/gogit"
"github.com/spf13/cobra"
"github.com/fluxcd/flux2/v2/internal/flags"
"github.com/fluxcd/flux2/v2/internal/utils"
"github.com/fluxcd/flux2/v2/pkg/bootstrap"
"github.com/fluxcd/flux2/v2/pkg/bootstrap/provider"
"github.com/fluxcd/flux2/v2/pkg/manifestgen"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/install"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sourcesecret"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sync"
)
var bootstrapBServerCmd = &cobra.Command{
Use: "bitbucket-server",
Short: "Deploy Flux on a cluster connected to a Bitbucket Server repository",
Long: `The bootstrap bitbucket-server command creates the Bitbucket Server repository if it doesn't exists and
commits the Flux manifests to the master branch.
Then it configures the target cluster to synchronize with the repository.
If the Flux components are present on the cluster,
the bootstrap command will perform an upgrade if needed.`,
Example: ` # Create a Bitbucket Server API token and export it as an env var
export BITBUCKET_TOKEN=<my-token>
# Run bootstrap for a private repository using HTTPS token authentication
flux bootstrap bitbucket-server --owner=<project> --username=<user> --repository=<repository name> --hostname=<domain> --token-auth --path=clusters/my-cluster
# Run bootstrap for a private repository using SSH authentication
flux bootstrap bitbucket-server --owner=<project> --username=<user> --repository=<repository name> --hostname=<domain> --path=clusters/my-cluster
# Run bootstrap for a public repository on a personal account
flux bootstrap bitbucket-server --owner=<user> --repository=<repository name> --private=false --personal --hostname=<domain> --token-auth --path=clusters/my-cluster
# Run bootstrap for an existing repository with a branch named main
flux bootstrap bitbucket-server --owner=<project> --username=<user> --repository=<repository name> --branch=main --hostname=<domain> --token-auth --path=clusters/my-cluster`,
RunE: bootstrapBServerCmdRun,
}
const (
bServerDefaultPermission = "push"
bServerTokenEnvVar = "BITBUCKET_TOKEN"
)
type bServerFlags struct {
owner string
repository string
interval time.Duration
personal bool
username string
private bool
hostname string
path flags.SafeRelativePath
teams []string
readWriteKey bool
reconcile bool
}
var bServerArgs bServerFlags
func init() {
bootstrapBServerCmd.Flags().StringVar(&bServerArgs.owner, "owner", "", "Bitbucket Server user or project name")
bootstrapBServerCmd.Flags().StringVar(&bServerArgs.repository, "repository", "", "Bitbucket Server repository name")
bootstrapBServerCmd.Flags().StringSliceVar(&bServerArgs.teams, "group", []string{}, "Bitbucket Server groups to be given write access (also accepts comma-separated values)")
bootstrapBServerCmd.Flags().BoolVar(&bServerArgs.personal, "personal", false, "if true, the owner is assumed to be a Bitbucket Server user; otherwise a group")
bootstrapBServerCmd.Flags().StringVarP(&bServerArgs.username, "username", "u", "git", "authentication username")
bootstrapBServerCmd.Flags().BoolVar(&bServerArgs.private, "private", true, "if true, the repository is setup or configured as private")
bootstrapBServerCmd.Flags().DurationVar(&bServerArgs.interval, "interval", time.Minute, "sync interval")
bootstrapBServerCmd.Flags().StringVar(&bServerArgs.hostname, "hostname", "", "Bitbucket Server hostname")
bootstrapBServerCmd.Flags().Var(&bServerArgs.path, "path", "path relative to the repository root, when specified the cluster sync will be scoped to this path")
bootstrapBServerCmd.Flags().BoolVar(&bServerArgs.readWriteKey, "read-write-key", false, "if true, the deploy key is configured with read/write permissions")
bootstrapBServerCmd.Flags().BoolVar(&bServerArgs.reconcile, "reconcile", false, "if true, the configured options are also reconciled if the repository already exists")
bootstrapCmd.AddCommand(bootstrapBServerCmd)
}
func bootstrapBServerCmdRun(cmd *cobra.Command, args []string) error {
bitbucketToken := os.Getenv(bServerTokenEnvVar)
if bitbucketToken == "" {
var err error
bitbucketToken, err = readPasswordFromStdin("Please enter your Bitbucket personal access token (PAT): ")
if err != nil {
return fmt.Errorf("could not read token: %w", err)
}
}
if bServerArgs.hostname == "" {
return fmt.Errorf("invalid hostname %q", bServerArgs.hostname)
}
if err := bootstrapValidate(); err != nil {
return err
}
ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
defer cancel()
kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
if err != nil {
return err
}
if !bootstrapArgs.force {
err = confirmBootstrap(ctx, kubeClient)
if err != nil {
return err
}
}
// Manifest base
if ver, err := getVersion(bootstrapArgs.version); err != nil {
return err
} else {
bootstrapArgs.version = ver
}
manifestsBase, err := buildEmbeddedManifestBase()
if err != nil {
return err
}
defer os.RemoveAll(manifestsBase)
user := bServerArgs.username
if bServerArgs.personal {
user = bServerArgs.owner
}
var caBundle []byte
if bootstrapArgs.caFile != "" {
var err error
caBundle, err = os.ReadFile(bootstrapArgs.caFile)
if err != nil {
return fmt.Errorf("unable to read TLS CA file: %w", err)
}
}
// Build Bitbucket Server provider
providerCfg := provider.Config{
Provider: provider.GitProviderStash,
Hostname: bServerArgs.hostname,
Username: user,
Token: bitbucketToken,
CaBundle: caBundle,
}
providerClient, err := provider.BuildGitProvider(providerCfg)
if err != nil {
return err
}
// Lazy go-git repository
tmpDir, err := manifestgen.MkdirTempAbs("", "flux-bootstrap-")
if err != nil {
return fmt.Errorf("failed to create temporary working dir: %w", err)
}
defer os.RemoveAll(tmpDir)
clientOpts := []gogit.ClientOption{gogit.WithDiskStorage(), gogit.WithFallbackToDefaultKnownHosts()}
gitClient, err := gogit.NewClient(tmpDir, &git.AuthOptions{
Transport: git.HTTPS,
Username: user,
Password: bitbucketToken,
CAFile: caBundle,
}, clientOpts...)
if err != nil {
return fmt.Errorf("failed to create a Git client: %w", err)
}
// Install manifest config
installOptions := install.Options{
BaseURL: rootArgs.defaults.BaseURL,
Version: bootstrapArgs.version,
Namespace: *kubeconfigArgs.Namespace,
Components: bootstrapComponents(),
Registry: bootstrapArgs.registry,
RegistryCredential: bootstrapArgs.registryCredential,
ImagePullSecret: bootstrapArgs.imagePullSecret,
WatchAllNamespaces: bootstrapArgs.watchAllNamespaces,
NetworkPolicy: bootstrapArgs.networkPolicy,
LogLevel: bootstrapArgs.logLevel.String(),
NotificationController: rootArgs.defaults.NotificationController,
ManifestFile: rootArgs.defaults.ManifestFile,
Timeout: rootArgs.timeout,
TargetPath: bServerArgs.path.ToSlash(),
ClusterDomain: bootstrapArgs.clusterDomain,
TolerationKeys: bootstrapArgs.tolerationKeys,
}
if customBaseURL := bootstrapArgs.manifestsPath; customBaseURL != "" {
installOptions.BaseURL = customBaseURL
}
// Source generation and secret config
secretOpts := sourcesecret.Options{
Name: bootstrapArgs.secretName,
Namespace: *kubeconfigArgs.Namespace,
TargetPath: bServerArgs.path.String(),
ManifestFile: sourcesecret.MakeDefaultOptions().ManifestFile,
}
if bootstrapArgs.tokenAuth {
if bServerArgs.personal {
secretOpts.Username = bServerArgs.owner
} else {
secretOpts.Username = bServerArgs.username
}
secretOpts.Password = bitbucketToken
secretOpts.CACrt = caBundle
} else {
keypair, err := sourcesecret.LoadKeyPairFromPath(bootstrapArgs.privateKeyFile, gitArgs.password)
if err != nil {
return err
}
secretOpts.Keypair = keypair
secretOpts.PrivateKeyAlgorithm = sourcesecret.PrivateKeyAlgorithm(bootstrapArgs.keyAlgorithm)
secretOpts.RSAKeyBits = int(bootstrapArgs.keyRSABits)
secretOpts.ECDSACurve = bootstrapArgs.keyECDSACurve.Curve
secretOpts.SSHHostname = bServerArgs.hostname
if bootstrapArgs.sshHostname != "" {
secretOpts.SSHHostname = bootstrapArgs.sshHostname
}
}
// Sync manifest config
syncOpts := sync.Options{
Interval: bServerArgs.interval,
Name: *kubeconfigArgs.Namespace,
Namespace: *kubeconfigArgs.Namespace,
Branch: bootstrapArgs.branch,
Secret: bootstrapArgs.secretName,
TargetPath: bServerArgs.path.ToSlash(),
ManifestFile: sync.MakeDefaultOptions().ManifestFile,
RecurseSubmodules: bootstrapArgs.recurseSubmodules,
}
entityList, err := bootstrap.LoadEntityListFromPath(bootstrapArgs.gpgKeyRingPath)
if err != nil {
return err
}
// Bootstrap config
bootstrapOpts := []bootstrap.GitProviderOption{
bootstrap.WithProviderRepository(bServerArgs.owner, bServerArgs.repository, bServerArgs.personal),
bootstrap.WithBranch(bootstrapArgs.branch),
bootstrap.WithBootstrapTransportType("https"),
bootstrap.WithSignature(bootstrapArgs.authorName, bootstrapArgs.authorEmail),
bootstrap.WithCommitMessageAppendix(bootstrapArgs.commitMessageAppendix),
bootstrap.WithProviderTeamPermissions(mapTeamSlice(bServerArgs.teams, bServerDefaultPermission)),
bootstrap.WithReadWriteKeyPermissions(bServerArgs.readWriteKey),
bootstrap.WithKubeconfig(kubeconfigArgs, kubeclientOptions),
bootstrap.WithLogger(logger),
bootstrap.WithGitCommitSigning(entityList, bootstrapArgs.gpgPassphrase, bootstrapArgs.gpgKeyID),
}
if bootstrapArgs.sshHostname != "" {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithSSHHostname(bootstrapArgs.sshHostname))
}
if bootstrapArgs.tokenAuth {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithSyncTransportType("https"))
}
if !bServerArgs.private {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithProviderRepositoryConfig("", "", "public"))
}
if bServerArgs.reconcile {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithReconcile())
}
// Setup bootstrapper with constructed configs
b, err := bootstrap.NewGitProviderBootstrapper(gitClient, providerClient, kubeClient, bootstrapOpts...)
if err != nil {
return err
}
// Run
return bootstrap.Run(ctx, b, manifestsBase, installOptions, secretOpts, syncOpts, rootArgs.pollInterval, rootArgs.timeout)
}
================================================
FILE: cmd/flux/bootstrap_git.go
================================================
/*
Copyright 2021 The Flux authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (
"context"
"fmt"
"net/url"
"os"
"strings"
"time"
"github.com/manifoldco/promptui"
"github.com/spf13/cobra"
corev1 "k8s.io/api/core/v1"
"github.com/fluxcd/pkg/git"
"github.com/fluxcd/pkg/git/gogit"
"github.com/fluxcd/flux2/v2/internal/flags"
"github.com/fluxcd/flux2/v2/internal/utils"
"github.com/fluxcd/flux2/v2/pkg/bootstrap"
"github.com/fluxcd/flux2/v2/pkg/manifestgen"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/install"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sourcesecret"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sync"
)
var bootstrapGitCmd = &cobra.Command{
Use: "git",
Short: "Deploy Flux on a cluster connected to a Git repository",
Long: `The bootstrap git command commits the Flux manifests to the
branch of a Git repository. And then it configures the target cluster to synchronize with
that repository. If the Flux components are present on the cluster, the bootstrap
command will perform an upgrade if needed.`,
Example: ` # Run bootstrap for a Git repository and authenticate with your SSH agent
flux bootstrap git --url=ssh://git@example.com/repository.git --path=clusters/my-cluster
# Run bootstrap for a Git repository and authenticate using a password
flux bootstrap git --url=https://example.com/repository.git --password=<password> --path=clusters/my-cluster
# Run bootstrap for a Git repository and authenticate using a password from environment variable
GIT_PASSWORD=<password> && flux bootstrap git --url=https://example.com/repository.git --path=clusters/my-cluster
# Run bootstrap for a Git repository with a passwordless private key
flux bootstrap git --url=ssh://git@example.com/repository.git --private-key-file=<path/to/private.key> --path=clusters/my-cluster
# Run bootstrap for a Git repository with a private key and password
flux bootstrap git --url=ssh://git@example.com/repository.git --private-key-file=<path/to/private.key> --password=<password> --path=clusters/my-cluster
# Run bootstrap for a Git repository on AWS CodeCommit
flux bootstrap git --url=ssh://<SSH-Key-ID>@git-codecommit.<region>.amazonaws.com/v1/repos/<repository> --private-key-file=<path/to/private.key> --password=<SSH-passphrase> --path=clusters/my-cluster
# Run bootstrap for a Git repository on Azure Devops
flux bootstrap git --url=ssh://git@ssh.dev.azure.com/v3/<org>/<project>/<repository> --private-key-file=<path/to/rsa-sha2-private.key> --ssh-hostkey-algos=rsa-sha2-512,rsa-sha2-256 --path=clusters/my-cluster
# Run bootstrap for a Git repository on Oracle VBS
flux bootstrap git --url=https://repository_url.git --with-bearer-token=true --password=<PAT> --path=clusters/my-cluster
`,
RunE: bootstrapGitCmdRun,
}
type gitFlags struct {
url string
interval time.Duration
path flags.SafeRelativePath
username string
password string
silent bool
insecureHttpAllowed bool
withBearerToken bool
}
const (
gitPasswordEnvVar = "GIT_PASSWORD"
)
var gitArgs gitFlags
func init() {
bootstrapGitCmd.Flags().StringVar(&gitArgs.url, "url", "", "Git repository URL")
bootstrapGitCmd.Flags().DurationVar(&gitArgs.interval, "interval", time.Minute, "sync interval")
bootstrapGitCmd.Flags().Var(&gitArgs.path, "path", "path relative to the repository root, when specified the cluster sync will be scoped to this path")
bootstrapGitCmd.Flags().StringVarP(&gitArgs.username, "username", "u", "git", "basic authentication username")
bootstrapGitCmd.Flags().StringVarP(&gitArgs.password, "password", "p", "", "basic authentication password")
bootstrapGitCmd.Flags().BoolVarP(&gitArgs.silent, "silent", "s", false, "assumes the deploy key is already setup, skips confirmation")
bootstrapGitCmd.Flags().BoolVar(&gitArgs.insecureHttpAllowed, "allow-insecure-http", false, "allows insecure HTTP connections")
bootstrapGitCmd.Flags().BoolVar(&gitArgs.withBearerToken, "with-bearer-token", false, "use password as bearer token for Authorization header")
bootstrapCmd.AddCommand(bootstrapGitCmd)
}
func bootstrapGitCmdRun(cmd *cobra.Command, args []string) error {
if gitArgs.withBearerToken {
bootstrapArgs.tokenAuth = true
}
gitPassword := os.Getenv(gitPasswordEnvVar)
if gitPassword != "" && gitArgs.password == "" {
gitArgs.password = gitPassword
}
if bootstrapArgs.tokenAuth && gitArgs.password == "" {
var err error
gitPassword, err = readPasswordFromStdin("Please enter your Git repository password: ")
if err != nil {
return fmt.Errorf("could not read token: %w", err)
}
gitArgs.password = gitPassword
}
if err := bootstrapValidate(); err != nil {
return err
}
repositoryURL, err := url.Parse(gitArgs.url)
if err != nil {
return err
}
if strings.Contains(repositoryURL.Hostname(), "git-codecommit") && strings.Contains(repositoryURL.Hostname(), "amazonaws.com") {
if repositoryURL.Scheme == string(git.SSH) {
if repositoryURL.User == nil {
return fmt.Errorf("invalid AWS CodeCommit url: ssh username should be specified in the url")
}
if repositoryURL.User.Username() == git.DefaultPublicKeyAuthUser {
return fmt.Errorf("invalid AWS CodeCommit url: ssh username should be the SSH key ID for the provided private key")
}
if bootstrapArgs.privateKeyFile == "" {
return fmt.Errorf("private key file is required for bootstrapping against AWS CodeCommit using ssh")
}
}
if repositoryURL.Scheme == string(git.HTTPS) && !bootstrapArgs.tokenAuth {
return fmt.Errorf("--token-auth=true must be specified for using an HTTPS AWS CodeCommit url")
}
}
ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
defer cancel()
kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
if err != nil {
return err
}
if !bootstrapArgs.force {
err = confirmBootstrap(ctx, kubeClient)
if err != nil {
return err
}
}
// Manifest base
if ver, err := getVersion(bootstrapArgs.version); err != nil {
return err
} else {
bootstrapArgs.version = ver
}
manifestsBase, err := buildEmbeddedManifestBase()
if err != nil {
return err
}
defer os.RemoveAll(manifestsBase)
// Lazy go-git repository
tmpDir, err := manifestgen.MkdirTempAbs("", "flux-bootstrap-")
if err != nil {
return fmt.Errorf("failed to create temporary working dir: %w", err)
}
defer os.RemoveAll(tmpDir)
var caBundle []byte
if bootstrapArgs.caFile != "" {
var err error
caBundle, err = os.ReadFile(bootstrapArgs.caFile)
if err != nil {
return fmt.Errorf("unable to read TLS CA file: %w", err)
}
}
authOpts, err := getAuthOpts(repositoryURL, caBundle)
if err != nil {
return fmt.Errorf("failed to create authentication options for %s: %w", repositoryURL.String(), err)
}
clientOpts := []gogit.ClientOption{gogit.WithDiskStorage(), gogit.WithFallbackToDefaultKnownHosts()}
if gitArgs.insecureHttpAllowed {
clientOpts = append(clientOpts, gogit.WithInsecureCredentialsOverHTTP())
}
gitClient, err := gogit.NewClient(tmpDir, authOpts, clientOpts...)
if err != nil {
return fmt.Errorf("failed to create a Git client: %w", err)
}
// Install manifest config
installOptions := install.Options{
BaseURL: rootArgs.defaults.BaseURL,
Version: bootstrapArgs.version,
Namespace: *kubeconfigArgs.Namespace,
Components: bootstrapComponents(),
Registry: bootstrapArgs.registry,
RegistryCredential: bootstrapArgs.registryCredential,
ImagePullSecret: bootstrapArgs.imagePullSecret,
WatchAllNamespaces: bootstrapArgs.watchAllNamespaces,
NetworkPolicy: bootstrapArgs.networkPolicy,
LogLevel: bootstrapArgs.logLevel.String(),
NotificationController: rootArgs.defaults.NotificationController,
ManifestFile: rootArgs.defaults.ManifestFile,
Timeout: rootArgs.timeout,
TargetPath: gitArgs.path.ToSlash(),
ClusterDomain: bootstrapArgs.clusterDomain,
TolerationKeys: bootstrapArgs.tolerationKeys,
}
if customBaseURL := bootstrapArgs.manifestsPath; customBaseURL != "" {
installOptions.BaseURL = customBaseURL
}
// Source generation and secret config
secretOpts := sourcesecret.Options{
Name: bootstrapArgs.secretName,
Namespace: *kubeconfigArgs.Namespace,
TargetPath: gitArgs.path.String(),
ManifestFile: sourcesecret.MakeDefaultOptions().ManifestFile,
}
if bootstrapArgs.tokenAuth {
if gitArgs.withBearerToken {
secretOpts.BearerToken = gitArgs.password
} else {
secretOpts.Username = gitArgs.username
secretOpts.Password = gitArgs.password
}
secretOpts.CACrt = caBundle
// Remove port of the given host when not syncing over HTTP/S to not assume port for protocol
// This _might_ be overwritten later on by e.g. --ssh-hostname
if repositoryURL.Scheme != "https" && repositoryURL.Scheme != "http" {
repositoryURL.Host = repositoryURL.Hostname()
}
// Configure repository URL to match auth config for sync.
repositoryURL.User = nil
if !gitArgs.insecureHttpAllowed {
repositoryURL.Scheme = "https"
}
} else {
secretOpts.PrivateKeyAlgorithm = sourcesecret.PrivateKeyAlgorithm(bootstrapArgs.keyAlgorithm)
secretOpts.Password = gitArgs.password
secretOpts.RSAKeyBits = int(bootstrapArgs.keyRSABits)
secretOpts.ECDSACurve = bootstrapArgs.keyECDSACurve.Curve
// Configure repository URL to match auth config for sync
// Override existing user when user is not already set
// or when a username was passed in
if repositoryURL.User == nil || gitArgs.username != "git" {
repositoryURL.User = url.User(gitArgs.username)
}
repositoryURL.Scheme = "ssh"
if bootstrapArgs.sshHostname != "" {
repositoryURL.Host = bootstrapArgs.sshHostname
}
keypair, err := sourcesecret.LoadKeyPairFromPath(bootstrapArgs.privateKeyFile, gitArgs.password)
if err != nil {
return err
}
secretOpts.Keypair = keypair
// Configure last as it depends on the config above.
secretOpts.SSHHostname = repositoryURL.Host
}
// Sync manifest config
syncOpts := sync.Options{
Interval: gitArgs.interval,
Name: *kubeconfigArgs.Namespace,
Namespace: *kubeconfigArgs.Namespace,
URL: repositoryURL.String(),
Branch: bootstrapArgs.branch,
Secret: bootstrapArgs.secretName,
TargetPath: gitArgs.path.ToSlash(),
ManifestFile: sync.MakeDefaultOptions().ManifestFile,
RecurseSubmodules: bootstrapArgs.recurseSubmodules,
}
entityList, err := bootstrap.LoadEntityListFromPath(bootstrapArgs.gpgKeyRingPath)
if err != nil {
return err
}
// Bootstrap config
bootstrapOpts := []bootstrap.GitOption{
bootstrap.WithRepositoryURL(gitArgs.url),
bootstrap.WithBranch(bootstrapArgs.branch),
bootstrap.WithSignature(bootstrapArgs.authorName, bootstrapArgs.authorEmail),
bootstrap.WithCommitMessageAppendix(bootstrapArgs.commitMessageAppendix),
bootstrap.WithKubeconfig(kubeconfigArgs, kubeclientOptions),
bootstrap.WithPostGenerateSecretFunc(promptPublicKey),
bootstrap.WithLogger(logger),
bootstrap.WithGitCommitSigning(entityList, bootstrapArgs.gpgPassphrase, bootstrapArgs.gpgKeyID),
}
// Setup bootstrapper with constructed configs
b, err := bootstrap.NewPlainGitProvider(gitClient, kubeClient, bootstrapOpts...)
if err != nil {
return err
}
// Run
return bootstrap.Run(ctx, b, manifestsBase, installOptions, secretOpts, syncOpts, rootArgs.pollInterval, rootArgs.timeout)
}
// getAuthOpts retruns a AuthOptions based on the scheme
// of the given URL and the configured flags. If the protocol equals
// "ssh" but no private key is configured, authentication using the local
// SSH-agent is attempted.
func getAuthOpts(u *url.URL, caBundle []byte) (*git.AuthOptions, error) {
switch u.Scheme {
case "http":
if !gitArgs.insecureHttpAllowed {
return nil, fmt.Errorf("scheme http is insecure, pass --allow-insecure-http=true to allow it")
}
httpAuth := git.AuthOptions{
Transport: git.HTTP,
}
if gitArgs.withBearerToken {
httpAuth.BearerToken = gitArgs.password
} else {
httpAuth.Username = gitArgs.username
httpAuth.Password = gitArgs.password
}
return &httpAuth, nil
case "https":
httpsAuth := git.AuthOptions{
Transport: git.HTTPS,
CAFile: caBundle,
}
if gitArgs.withBearerToken {
httpsAuth.BearerToken = gitArgs.password
} else {
httpsAuth.Username = gitArgs.username
httpsAuth.Password = gitArgs.password
}
return &httpsAuth, nil
case "ssh":
authOpts := &git.AuthOptions{
Transport: git.SSH,
Username: u.User.Username(),
Password: gitArgs.password,
}
if bootstrapArgs.privateKeyFile != "" {
pk, err := os.ReadFile(bootstrapArgs.privateKeyFile)
if err != nil {
return nil, err
}
kh, err := sourcesecret.ScanHostKey(u.Host)
if err != nil {
return nil, err
}
authOpts.Identity = pk
authOpts.KnownHosts = kh
}
return authOpts, nil
default:
return nil, fmt.Errorf("scheme %q is not supported", u.Scheme)
}
}
func promptPublicKey(ctx context.Context, secret corev1.Secret, _ sourcesecret.Options) error {
ppk, ok := secret.StringData[sourcesecret.PublicKeySecretKey]
if !ok {
return nil
}
logger.Successf("public key: %s", strings.TrimSpace(ppk))
if !gitArgs.silent {
prompt := promptui.Prompt{
Label: "Please give the key access to your repository",
IsConfirm: true,
}
_, err := prompt.Run()
if err != nil {
return fmt.Errorf("aborting")
}
}
return nil
}
================================================
FILE: cmd/flux/bootstrap_gitea.go
================================================
/*
Copyright 2023 The Flux authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (
"context"
"fmt"
"os"
"time"
"github.com/fluxcd/pkg/git"
"github.com/fluxcd/pkg/git/gogit"
"github.com/spf13/cobra"
"github.com/fluxcd/flux2/v2/internal/flags"
"github.com/fluxcd/flux2/v2/internal/utils"
"github.com/fluxcd/flux2/v2/pkg/bootstrap"
"github.com/fluxcd/flux2/v2/pkg/bootstrap/provider"
"github.com/fluxcd/flux2/v2/pkg/manifestgen"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/install"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sourcesecret"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sync"
)
var bootstrapGiteaCmd = &cobra.Command{
Use: "gitea",
Short: "Deploy Flux on a cluster connected to a Gitea repository",
Long: `The bootstrap gitea command creates the Gitea repository if it doesn't exists and
commits the Flux manifests to the specified branch.
Then it configures the target cluster to synchronize with that repository.
If the Flux components are present on the cluster,
the bootstrap command will perform an upgrade if needed.`,
Example: ` # Create a Gitea personal access token and export it as an env var
export GITEA_TOKEN=<my-token>
# Run bootstrap for a private repository owned by a Gitea organization
flux bootstrap gitea --owner=<organization> --repository=<repository name> --path=clusters/my-cluster
# Run bootstrap for a private repository and assign organization teams to it
flux bootstrap gitea --owner=<organization> --repository=<repository name> --team=<team1 slug> --team=<team2 slug> --path=clusters/my-cluster
# Run bootstrap for a private repository and assign organization teams with their access level(e.g maintain, admin) to it
flux bootstrap gitea --owner=<organization> --repository=<repository name> --team=<team1 slug>:<access-level> --path=clusters/my-cluster
# Run bootstrap for a public repository on a personal account
flux bootstrap gitea --owner=<user> --repository=<repository name> --private=false --personal=true --path=clusters/my-cluster
# Run bootstrap for a private repository hosted on Gitea Enterprise using SSH auth
flux bootstrap gitea --owner=<organization> --repository=<repository name> --hostname=<domain> --ssh-hostname=<domain> --path=clusters/my-cluster
# Run bootstrap for a private repository hosted on Gitea Enterprise using HTTPS auth
flux bootstrap gitea --owner=<organization> --repository=<repository name> --hostname=<domain> --token-auth --path=clusters/my-cluster
# Run bootstrap for an existing repository with a branch named main
flux bootstrap gitea --owner=<organization> --repository=<repository name> --branch=main --path=clusters/my-cluster`,
RunE: bootstrapGiteaCmdRun,
}
type giteaFlags struct {
owner string
repository string
interval time.Duration
personal bool
private bool
hostname string
path flags.SafeRelativePath
teams []string
readWriteKey bool
reconcile bool
}
const (
gtDefaultPermission = "maintain"
gtDefaultDomain = "gitea.com"
gtTokenEnvVar = "GITEA_TOKEN"
)
var giteaArgs giteaFlags
func init() {
bootstrapGiteaCmd.Flags().StringVar(&giteaArgs.owner, "owner", "", "Gitea user or organization name")
bootstrapGiteaCmd.Flags().StringVar(&giteaArgs.repository, "repository", "", "Gitea repository name")
bootstrapGiteaCmd.Flags().StringSliceVar(&giteaArgs.teams, "team", []string{}, "Gitea team and the access to be given to it(team:maintain). Defaults to maintainer access if no access level is specified (also accepts comma-separated values)")
bootstrapGiteaCmd.Flags().BoolVar(&giteaArgs.personal, "personal", false, "if true, the owner is assumed to be a Gitea user; otherwise an org")
bootstrapGiteaCmd.Flags().BoolVar(&giteaArgs.private, "private", true, "if true, the repository is setup or configured as private")
bootstrapGiteaCmd.Flags().DurationVar(&giteaArgs.interval, "interval", time.Minute, "sync interval")
bootstrapGiteaCmd.Flags().StringVar(&giteaArgs.hostname, "hostname", gtDefaultDomain, "Gitea hostname")
bootstrapGiteaCmd.Flags().Var(&giteaArgs.path, "path", "path relative to the repository root, when specified the cluster sync will be scoped to this path")
bootstrapGiteaCmd.Flags().BoolVar(&giteaArgs.readWriteKey, "read-write-key", false, "if true, the deploy key is configured with read/write permissions")
bootstrapGiteaCmd.Flags().BoolVar(&giteaArgs.reconcile, "reconcile", false, "if true, the configured options are also reconciled if the repository already exists")
bootstrapCmd.AddCommand(bootstrapGiteaCmd)
}
func bootstrapGiteaCmdRun(cmd *cobra.Command, args []string) error {
gtToken := os.Getenv(gtTokenEnvVar)
if gtToken == "" {
var err error
gtToken, err = readPasswordFromStdin("Please enter your Gitea personal access token (PAT): ")
if err != nil {
return fmt.Errorf("could not read token: %w", err)
}
}
if err := bootstrapValidate(); err != nil {
return err
}
ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
defer cancel()
kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
if err != nil {
return err
}
// Manifest base
if ver, err := getVersion(bootstrapArgs.version); err != nil {
return err
} else {
bootstrapArgs.version = ver
}
manifestsBase, err := buildEmbeddedManifestBase()
if err != nil {
return err
}
defer os.RemoveAll(manifestsBase)
var caBundle []byte
if bootstrapArgs.caFile != "" {
var err error
caBundle, err = os.ReadFile(bootstrapArgs.caFile)
if err != nil {
return fmt.Errorf("unable to read TLS CA file: %w", err)
}
}
// Build Gitea provider
providerCfg := provider.Config{
Provider: provider.GitProviderGitea,
Hostname: giteaArgs.hostname,
Token: gtToken,
CaBundle: caBundle,
}
providerClient, err := provider.BuildGitProvider(providerCfg)
if err != nil {
return err
}
tmpDir, err := manifestgen.MkdirTempAbs("", "flux-bootstrap-")
if err != nil {
return fmt.Errorf("failed to create temporary working dir: %w", err)
}
defer os.RemoveAll(tmpDir)
clientOpts := []gogit.ClientOption{gogit.WithDiskStorage(), gogit.WithFallbackToDefaultKnownHosts()}
gitClient, err := gogit.NewClient(tmpDir, &git.AuthOptions{
Transport: git.HTTPS,
Username: giteaArgs.owner,
Password: gtToken,
CAFile: caBundle,
}, clientOpts...)
if err != nil {
return fmt.Errorf("failed to create a Git client: %w", err)
}
// Install manifest config
installOptions := install.Options{
BaseURL: rootArgs.defaults.BaseURL,
Version: bootstrapArgs.version,
Namespace: *kubeconfigArgs.Namespace,
Components: bootstrapComponents(),
Registry: bootstrapArgs.registry,
RegistryCredential: bootstrapArgs.registryCredential,
ImagePullSecret: bootstrapArgs.imagePullSecret,
WatchAllNamespaces: bootstrapArgs.watchAllNamespaces,
NetworkPolicy: bootstrapArgs.networkPolicy,
LogLevel: bootstrapArgs.logLevel.String(),
NotificationController: rootArgs.defaults.NotificationController,
ManifestFile: rootArgs.defaults.ManifestFile,
Timeout: rootArgs.timeout,
TargetPath: giteaArgs.path.ToSlash(),
ClusterDomain: bootstrapArgs.clusterDomain,
TolerationKeys: bootstrapArgs.tolerationKeys,
}
if customBaseURL := bootstrapArgs.manifestsPath; customBaseURL != "" {
installOptions.BaseURL = customBaseURL
}
// Source generation and secret config
secretOpts := sourcesecret.Options{
Name: bootstrapArgs.secretName,
Namespace: *kubeconfigArgs.Namespace,
TargetPath: giteaArgs.path.ToSlash(),
ManifestFile: sourcesecret.MakeDefaultOptions().ManifestFile,
}
if bootstrapArgs.tokenAuth {
secretOpts.Username = "git"
secretOpts.Password = gtToken
secretOpts.CACrt = caBundle
} else {
secretOpts.PrivateKeyAlgorithm = sourcesecret.PrivateKeyAlgorithm(bootstrapArgs.keyAlgorithm)
secretOpts.RSAKeyBits = int(bootstrapArgs.keyRSABits)
secretOpts.ECDSACurve = bootstrapArgs.keyECDSACurve.Curve
secretOpts.SSHHostname = giteaArgs.hostname
if bootstrapArgs.sshHostname != "" {
secretOpts.SSHHostname = bootstrapArgs.sshHostname
}
}
// Sync manifest config
syncOpts := sync.Options{
Interval: giteaArgs.interval,
Name: *kubeconfigArgs.Namespace,
Namespace: *kubeconfigArgs.Namespace,
Branch: bootstrapArgs.branch,
Secret: bootstrapArgs.secretName,
TargetPath: giteaArgs.path.ToSlash(),
ManifestFile: sync.MakeDefaultOptions().ManifestFile,
RecurseSubmodules: bootstrapArgs.recurseSubmodules,
}
entityList, err := bootstrap.LoadEntityListFromPath(bootstrapArgs.gpgKeyRingPath)
if err != nil {
return err
}
// Bootstrap config
bootstrapOpts := []bootstrap.GitProviderOption{
bootstrap.WithProviderRepository(giteaArgs.owner, giteaArgs.repository, giteaArgs.personal),
bootstrap.WithBranch(bootstrapArgs.branch),
bootstrap.WithBootstrapTransportType("https"),
bootstrap.WithSignature(bootstrapArgs.authorName, bootstrapArgs.authorEmail),
bootstrap.WithCommitMessageAppendix(bootstrapArgs.commitMessageAppendix),
bootstrap.WithProviderTeamPermissions(mapTeamSlice(giteaArgs.teams, gtDefaultPermission)),
bootstrap.WithReadWriteKeyPermissions(giteaArgs.readWriteKey),
bootstrap.WithKubeconfig(kubeconfigArgs, kubeclientOptions),
bootstrap.WithLogger(logger),
bootstrap.WithGitCommitSigning(entityList, bootstrapArgs.gpgPassphrase, bootstrapArgs.gpgKeyID),
}
if bootstrapArgs.sshHostname != "" {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithSSHHostname(bootstrapArgs.sshHostname))
}
if bootstrapArgs.tokenAuth {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithSyncTransportType("https"))
}
if !giteaArgs.private {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithProviderRepositoryConfig("", "", "public"))
}
if giteaArgs.reconcile {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithReconcile())
}
// Setup bootstrapper with constructed configs
b, err := bootstrap.NewGitProviderBootstrapper(gitClient, providerClient, kubeClient, bootstrapOpts...)
if err != nil {
return err
}
// Run
return bootstrap.Run(ctx, b, manifestsBase, installOptions, secretOpts, syncOpts, rootArgs.pollInterval, rootArgs.timeout)
}
================================================
FILE: cmd/flux/bootstrap_github.go
================================================
/*
Copyright 2020 The Flux authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (
"context"
"fmt"
"os"
"time"
"github.com/fluxcd/pkg/git"
"github.com/fluxcd/pkg/git/gogit"
"github.com/spf13/cobra"
"github.com/fluxcd/flux2/v2/internal/flags"
"github.com/fluxcd/flux2/v2/internal/utils"
"github.com/fluxcd/flux2/v2/pkg/bootstrap"
"github.com/fluxcd/flux2/v2/pkg/bootstrap/provider"
"github.com/fluxcd/flux2/v2/pkg/manifestgen"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/install"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sourcesecret"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sync"
)
var bootstrapGitHubCmd = &cobra.Command{
Use: "github",
Short: "Deploy Flux on a cluster connected to a GitHub repository",
Long: `The bootstrap github command creates the GitHub repository if it doesn't exists and
commits the Flux manifests to the specified branch.
Then it configures the target cluster to synchronize with that repository.
If the Flux components are present on the cluster,
the bootstrap command will perform an upgrade if needed.`,
Example: ` # Create a GitHub personal access token and export it as an env var
export GITHUB_TOKEN=<my-token>
# Run bootstrap for a private repository owned by a GitHub organization
flux bootstrap github --owner=<organization> --repository=<repository name> --path=clusters/my-cluster
# Run bootstrap for a private repository and assign organization teams to it
flux bootstrap github --owner=<organization> --repository=<repository name> --team=<team1 slug> --team=<team2 slug> --path=clusters/my-cluster
# Run bootstrap for a private repository and assign organization teams with their access level(e.g maintain, admin) to it
flux bootstrap github --owner=<organization> --repository=<repository name> --team=<team1 slug>:<access-level> --path=clusters/my-cluster
# Run bootstrap for a public repository on a personal account
flux bootstrap github --owner=<user> --repository=<repository name> --private=false --personal=true --path=clusters/my-cluster
# Run bootstrap for a private repository hosted on GitHub Enterprise using SSH auth
flux bootstrap github --owner=<organization> --repository=<repository name> --hostname=<domain> --ssh-hostname=<domain> --path=clusters/my-cluster
# Run bootstrap for a private repository hosted on GitHub Enterprise using HTTPS auth
flux bootstrap github --owner=<organization> --repository=<repository name> --hostname=<domain> --token-auth --path=clusters/my-cluster
# Run bootstrap for an existing repository with a branch named main
flux bootstrap github --owner=<organization> --repository=<repository name> --branch=main --path=clusters/my-cluster`,
RunE: bootstrapGitHubCmdRun,
}
type githubFlags struct {
owner string
repository string
interval time.Duration
personal bool
private bool
hostname string
path flags.SafeRelativePath
teams []string
readWriteKey bool
reconcile bool
}
const (
ghDefaultPermission = "maintain"
ghDefaultDomain = "github.com"
ghTokenEnvVar = "GITHUB_TOKEN"
)
var githubArgs githubFlags
func init() {
bootstrapGitHubCmd.Flags().StringVar(&githubArgs.owner, "owner", "", "GitHub user or organization name")
bootstrapGitHubCmd.Flags().StringVar(&githubArgs.repository, "repository", "", "GitHub repository name")
bootstrapGitHubCmd.Flags().StringSliceVar(&githubArgs.teams, "team", []string{}, "GitHub team and the access to be given to it(team:maintain). Defaults to maintainer access if no access level is specified (also accepts comma-separated values)")
bootstrapGitHubCmd.Flags().BoolVar(&githubArgs.personal, "personal", false, "if true, the owner is assumed to be a GitHub user; otherwise an org")
bootstrapGitHubCmd.Flags().BoolVar(&githubArgs.private, "private", true, "if true, the repository is setup or configured as private")
bootstrapGitHubCmd.Flags().DurationVar(&githubArgs.interval, "interval", time.Minute, "sync interval")
bootstrapGitHubCmd.Flags().StringVar(&githubArgs.hostname, "hostname", ghDefaultDomain, "GitHub hostname")
bootstrapGitHubCmd.Flags().Var(&githubArgs.path, "path", "path relative to the repository root, when specified the cluster sync will be scoped to this path")
bootstrapGitHubCmd.Flags().BoolVar(&githubArgs.readWriteKey, "read-write-key", false, "if true, the deploy key is configured with read/write permissions")
bootstrapGitHubCmd.Flags().BoolVar(&githubArgs.reconcile, "reconcile", false, "if true, the configured options are also reconciled if the repository already exists")
bootstrapCmd.AddCommand(bootstrapGitHubCmd)
}
func bootstrapGitHubCmdRun(cmd *cobra.Command, args []string) error {
ghToken := os.Getenv(ghTokenEnvVar)
if ghToken == "" {
var err error
ghToken, err = readPasswordFromStdin("Please enter your GitHub personal access token (PAT): ")
if err != nil {
return fmt.Errorf("could not read token: %w", err)
}
}
if err := bootstrapValidate(); err != nil {
return err
}
ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
defer cancel()
kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
if err != nil {
return err
}
if !bootstrapArgs.force {
err = confirmBootstrap(ctx, kubeClient)
if err != nil {
return err
}
}
// Manifest base
if ver, err := getVersion(bootstrapArgs.version); err != nil {
return err
} else {
bootstrapArgs.version = ver
}
manifestsBase, err := buildEmbeddedManifestBase()
if err != nil {
return err
}
defer os.RemoveAll(manifestsBase)
var caBundle []byte
if bootstrapArgs.caFile != "" {
var err error
caBundle, err = os.ReadFile(bootstrapArgs.caFile)
if err != nil {
return fmt.Errorf("unable to read TLS CA file: %w", err)
}
}
// Build GitHub provider
providerCfg := provider.Config{
Provider: provider.GitProviderGitHub,
Hostname: githubArgs.hostname,
Token: ghToken,
CaBundle: caBundle,
}
providerClient, err := provider.BuildGitProvider(providerCfg)
if err != nil {
return err
}
tmpDir, err := manifestgen.MkdirTempAbs("", "flux-bootstrap-")
if err != nil {
return fmt.Errorf("failed to create temporary working dir: %w", err)
}
defer os.RemoveAll(tmpDir)
clientOpts := []gogit.ClientOption{gogit.WithDiskStorage(), gogit.WithFallbackToDefaultKnownHosts()}
gitClient, err := gogit.NewClient(tmpDir, &git.AuthOptions{
Transport: git.HTTPS,
Username: githubArgs.owner,
Password: ghToken,
CAFile: caBundle,
}, clientOpts...)
if err != nil {
return fmt.Errorf("failed to create a Git client: %w", err)
}
// Install manifest config
installOptions := install.Options{
BaseURL: rootArgs.defaults.BaseURL,
Version: bootstrapArgs.version,
Namespace: *kubeconfigArgs.Namespace,
Components: bootstrapComponents(),
Registry: bootstrapArgs.registry,
RegistryCredential: bootstrapArgs.registryCredential,
ImagePullSecret: bootstrapArgs.imagePullSecret,
WatchAllNamespaces: bootstrapArgs.watchAllNamespaces,
NetworkPolicy: bootstrapArgs.networkPolicy,
LogLevel: bootstrapArgs.logLevel.String(),
NotificationController: rootArgs.defaults.NotificationController,
ManifestFile: rootArgs.defaults.ManifestFile,
Timeout: rootArgs.timeout,
TargetPath: githubArgs.path.ToSlash(),
ClusterDomain: bootstrapArgs.clusterDomain,
TolerationKeys: bootstrapArgs.tolerationKeys,
}
if customBaseURL := bootstrapArgs.manifestsPath; customBaseURL != "" {
installOptions.BaseURL = customBaseURL
}
// Source generation and secret config
secretOpts := sourcesecret.Options{
Name: bootstrapArgs.secretName,
Namespace: *kubeconfigArgs.Namespace,
TargetPath: githubArgs.path.ToSlash(),
ManifestFile: sourcesecret.MakeDefaultOptions().ManifestFile,
}
if bootstrapArgs.tokenAuth {
secretOpts.Username = "git"
secretOpts.Password = ghToken
secretOpts.CACrt = caBundle
} else {
secretOpts.PrivateKeyAlgorithm = sourcesecret.PrivateKeyAlgorithm(bootstrapArgs.keyAlgorithm)
secretOpts.RSAKeyBits = int(bootstrapArgs.keyRSABits)
secretOpts.ECDSACurve = bootstrapArgs.keyECDSACurve.Curve
secretOpts.SSHHostname = githubArgs.hostname
if bootstrapArgs.sshHostname != "" {
secretOpts.SSHHostname = bootstrapArgs.sshHostname
}
}
// Sync manifest config
syncOpts := sync.Options{
Interval: githubArgs.interval,
Name: *kubeconfigArgs.Namespace,
Namespace: *kubeconfigArgs.Namespace,
Branch: bootstrapArgs.branch,
Secret: bootstrapArgs.secretName,
TargetPath: githubArgs.path.ToSlash(),
ManifestFile: sync.MakeDefaultOptions().ManifestFile,
RecurseSubmodules: bootstrapArgs.recurseSubmodules,
}
entityList, err := bootstrap.LoadEntityListFromPath(bootstrapArgs.gpgKeyRingPath)
if err != nil {
return err
}
// Bootstrap config
bootstrapOpts := []bootstrap.GitProviderOption{
bootstrap.WithProviderRepository(githubArgs.owner, githubArgs.repository, githubArgs.personal),
bootstrap.WithBranch(bootstrapArgs.branch),
bootstrap.WithBootstrapTransportType("https"),
bootstrap.WithSignature(bootstrapArgs.authorName, bootstrapArgs.authorEmail),
bootstrap.WithCommitMessageAppendix(bootstrapArgs.commitMessageAppendix),
bootstrap.WithProviderTeamPermissions(mapTeamSlice(githubArgs.teams, ghDefaultPermission)),
bootstrap.WithReadWriteKeyPermissions(githubArgs.readWriteKey),
bootstrap.WithKubeconfig(kubeconfigArgs, kubeclientOptions),
bootstrap.WithLogger(logger),
bootstrap.WithGitCommitSigning(entityList, bootstrapArgs.gpgPassphrase, bootstrapArgs.gpgKeyID),
}
if bootstrapArgs.sshHostname != "" {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithSSHHostname(bootstrapArgs.sshHostname))
}
if bootstrapArgs.tokenAuth {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithSyncTransportType("https"))
}
if !githubArgs.private {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithProviderRepositoryConfig("", "", "public"))
}
if githubArgs.reconcile {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithReconcile())
}
// Setup bootstrapper with constructed configs
b, err := bootstrap.NewGitProviderBootstrapper(gitClient, providerClient, kubeClient, bootstrapOpts...)
if err != nil {
return err
}
// Run
return bootstrap.Run(ctx, b, manifestsBase, installOptions, secretOpts, syncOpts, rootArgs.pollInterval, rootArgs.timeout)
}
================================================
FILE: cmd/flux/bootstrap_gitlab.go
================================================
/*
Copyright 2020 The Flux authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (
"context"
"fmt"
"os"
"regexp"
"strings"
"time"
"github.com/fluxcd/go-git-providers/gitprovider"
"github.com/fluxcd/pkg/git"
"github.com/fluxcd/pkg/git/gogit"
"github.com/spf13/cobra"
"github.com/fluxcd/flux2/v2/internal/flags"
"github.com/fluxcd/flux2/v2/internal/utils"
"github.com/fluxcd/flux2/v2/pkg/bootstrap"
"github.com/fluxcd/flux2/v2/pkg/bootstrap/provider"
"github.com/fluxcd/flux2/v2/pkg/manifestgen"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/install"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sourcesecret"
"github.com/fluxcd/flux2/v2/pkg/manifestgen/sync"
)
var bootstrapGitLabCmd = &cobra.Command{
Use: "gitlab",
Short: "Deploy Flux on a cluster connected to a GitLab repository",
Long: `The bootstrap gitlab command creates the GitLab repository if it doesn't exist and
commits the Flux manifests to the specified branch.
Then it configures the target cluster to synchronize with that repository.
If the Flux components are present on the cluster,
the bootstrap command will perform an upgrade if needed.`,
Example: ` # Create a GitLab API token and export it as an env var
export GITLAB_TOKEN=<my-token>
# Run bootstrap for a private repository using HTTPS token authentication
flux bootstrap gitlab --owner=<group> --repository=<repository name> --token-auth
# Run bootstrap for a private repository using SSH authentication
flux bootstrap gitlab --owner=<group> --repository=<repository name>
# Run bootstrap for a repository path
flux bootstrap gitlab --owner=<group> --repository=<repository name> --path=dev-cluster
# Run bootstrap for a public repository
flux bootstrap gitlab --owner=<group> --repository=<repository name> --visibility=public --token-auth
# Run bootstrap for a private repository hosted on a GitLab server
flux bootstrap gitlab --owner=<group> --repository=<repository name> --hostname=<gitlab_url> --token-auth
# Run bootstrap for an existing repository with a branch named main
flux bootstrap gitlab --owner=<group> --repository=<repository name> --branch=main --token-auth
# Run bootstrap for a private repository using Deploy Token authentication
flux bootstrap gitlab --owner=<group> --repository=<repository name> --deploy-token-auth
`,
RunE: bootstrapGitLabCmdRun,
}
const (
glDefaultPermission = "maintain"
glDefaultDomain = "gitlab.com"
glTokenEnvVar = "GITLAB_TOKEN"
gitlabProjectRegex = `\A[[:alnum:]\x{00A9}-\x{1f9ff}_][[:alnum:]\p{Pd}\x{00A9}-\x{1f9ff}_\.]*\z`
)
type gitlabFlags struct {
owner string
repository string
interval time.Duration
personal bool
visibility flags.GitLabVisibility
private bool
hostname string
path flags.SafeRelativePath
teams []string
readWriteKey bool
reconcile bool
deployTokenAuth bool
}
func NewGitlabFlags() gitlabFlags {
return gitlabFlags{
visibility: flags.GitLabVisibility(gitprovider.RepositoryVisibilityPrivate),
}
}
var gitlabArgs = NewGitlabFlags()
func init() {
bootstrapGitLabCmd.Flags().StringVar(&gitlabArgs.owner, "owner", "", "GitLab user or group name")
bootstrapGitLabCmd.Flags().StringVar(&gitlabArgs.repository, "repository", "", "GitLab repository name")
bootstrapGitLabCmd.Flags().StringSliceVar(&gitlabArgs.teams, "team", []string{}, "GitLab teams to be given maintainer access (also accepts comma-separated values)")
bootstrapGitLabCmd.Flags().BoolVar(&gitlabArgs.personal, "personal", false, "if true, the owner is assumed to be a GitLab user; otherwise a group")
bootstrapGitLabCmd.Flags().BoolVar(&gitlabArgs.private, "private", true, "if true, the repository is setup or configured as private")
bootstrapGitLabCmd.Flags().MarkDeprecated("private", "use --visibility instead")
bootstrapGitLabCmd.Flags().Var(&gitlabArgs.visibility, "visibility", gitlabArgs.visibility.Description())
bootstrapGitLabCmd.Flags().DurationVar(&gitlabArgs.interval, "interval", time.Minute, "sync interval")
bootstrapGitLabCmd.Flags().StringVar(&gitlabArgs.hostname, "hostname", glDefaultDomain, "GitLab hostname")
bootstrapGitLabCmd.Flags().Var(&gitlabArgs.path, "path", "path relative to the repository root, when specified the cluster sync will be scoped to this path")
bootstrapGitLabCmd.Flags().BoolVar(&gitlabArgs.readWriteKey, "read-write-key", false, "if true, the deploy key is configured with read/write permissions")
bootstrapGitLabCmd.Flags().BoolVar(&gitlabArgs.reconcile, "reconcile", false, "if true, the configured options are also reconciled if the repository already exists")
bootstrapGitLabCmd.Flags().BoolVar(&gitlabArgs.deployTokenAuth, "deploy-token-auth", false, "when enabled, a Project Deploy Token is generated and will be used instead of the SSH deploy token")
bootstrapCmd.AddCommand(bootstrapGitLabCmd)
}
func bootstrapGitLabCmdRun(cmd *cobra.Command, args []string) error {
glToken := os.Getenv(glTokenEnvVar)
if glToken == "" {
var err error
glToken, err = readPasswordFromStdin("Please enter your GitLab personal access token (PAT): ")
if err != nil {
return fmt.Errorf("could not read token: %w", err)
}
}
if projectNameIsValid, err := regexp.MatchString(gitlabProjectRegex, gitlabArgs.repository); err != nil || !projectNameIsValid {
if err == nil {
err = fmt.Errorf("%s is an invalid project name for gitlab.\nIt can contain only letters, digits, emojis, '_', '.', dash, space. It must start with letter, digit, emoji or '_'.", gitlabArgs.repository)
}
return err
}
if bootstrapArgs.tokenAuth && gitlabArgs.deployTokenAuth {
return fmt.Errorf("--token-auth and --deploy-token-auth cannot be set both.")
}
if !gitlabArgs.private {
gitlabArgs.visibility.Set(string(gitprovider.RepositoryVisibilityPublic))
cmd.Println("Using visibility public as --private=false")
}
if err := bootstrapValidate(); err != nil {
return err
}
ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
defer cancel()
kubeClient, err := utils.KubeClient(kubeconfigArgs, kubeclientOptions)
if err != nil {
return err
}
if !bootstrapArgs.force {
err = confirmBootstrap(ctx, kubeClient)
if err != nil {
return err
}
}
// Manifest base
if ver, err := getVersion(bootstrapArgs.version); err != nil {
return err
} else {
bootstrapArgs.version = ver
}
manifestsBase, err := buildEmbeddedManifestBase()
if err != nil {
return err
}
defer os.RemoveAll(manifestsBase)
var caBundle []byte
if bootstrapArgs.caFile != "" {
var err error
caBundle, err = os.ReadFile(bootstrapArgs.caFile)
if err != nil {
return fmt.Errorf("unable to read TLS CA file: %w", err)
}
}
// Build GitLab provider
providerCfg := provider.Config{
Provider: provider.GitProviderGitLab,
Hostname: gitlabArgs.hostname,
Token: glToken,
CaBundle: caBundle,
}
// Workaround for: https://github.com/fluxcd/go-git-providers/issues/55
if hostname := providerCfg.Hostname; hostname != glDefaultDomain &&
!strings.HasPrefix(hostname, "https://") &&
!strings.HasPrefix(hostname, "http://") {
providerCfg.Hostname = "https://" + providerCfg.Hostname
}
providerClient, err := provider.BuildGitProvider(providerCfg)
if err != nil {
return err
}
// Lazy go-git repository
tmpDir, err := manifestgen.MkdirTempAbs("", "flux-bootstrap-")
if err != nil {
return fmt.Errorf("failed to create temporary working dir: %w", err)
}
defer os.RemoveAll(tmpDir)
clientOpts := []gogit.ClientOption{gogit.WithDiskStorage(), gogit.WithFallbackToDefaultKnownHosts()}
gitClient, err := gogit.NewClient(tmpDir, &git.AuthOptions{
Transport: git.HTTPS,
Username: gitlabArgs.owner,
Password: glToken,
CAFile: caBundle,
}, clientOpts...)
if err != nil {
return fmt.Errorf("failed to create a Git client: %w", err)
}
// Install manifest config
installOptions := install.Options{
BaseURL: rootArgs.defaults.BaseURL,
Version: bootstrapArgs.version,
Namespace: *kubeconfigArgs.Namespace,
Components: bootstrapComponents(),
Registry: bootstrapArgs.registry,
RegistryCredential: bootstrapArgs.registryCredential,
ImagePullSecret: bootstrapArgs.imagePullSecret,
WatchAllNamespaces: bootstrapArgs.watchAllNamespaces,
NetworkPolicy: bootstrapArgs.networkPolicy,
LogLevel: bootstrapArgs.logLevel.String(),
NotificationController: rootArgs.defaults.NotificationController,
ManifestFile: rootArgs.defaults.ManifestFile,
Timeout: rootArgs.timeout,
TargetPath: gitlabArgs.path.ToSlash(),
ClusterDomain: bootstrapArgs.clusterDomain,
TolerationKeys: bootstrapArgs.tolerationKeys,
}
if customBaseURL := bootstrapArgs.manifestsPath; customBaseURL != "" {
installOptions.BaseURL = customBaseURL
}
// Source generation and secret config
secretOpts := sourcesecret.Options{
Name: bootstrapArgs.secretName,
Namespace: *kubeconfigArgs.Namespace,
TargetPath: gitlabArgs.path.String(),
ManifestFile: sourcesecret.MakeDefaultOptions().ManifestFile,
}
if bootstrapArgs.tokenAuth {
secretOpts.Username = "git"
secretOpts.Password = glToken
secretOpts.CACrt = caBundle
} else if gitlabArgs.deployTokenAuth {
// the actual deploy token will be reconciled later
secretOpts.CACrt = caBundle
} else {
keypair, err := sourcesecret.LoadKeyPairFromPath(bootstrapArgs.privateKeyFile, gitArgs.password)
if err != nil {
return err
}
secretOpts.Keypair = keypair
secretOpts.PrivateKeyAlgorithm = sourcesecret.PrivateKeyAlgorithm(bootstrapArgs.keyAlgorithm)
secretOpts.RSAKeyBits = int(bootstrapArgs.keyRSABits)
secretOpts.ECDSACurve = bootstrapArgs.keyECDSACurve.Curve
secretOpts.SSHHostname = gitlabArgs.hostname
if bootstrapArgs.sshHostname != "" {
secretOpts.SSHHostname = bootstrapArgs.sshHostname
}
}
// Sync manifest config
syncOpts := sync.Options{
Interval: gitlabArgs.interval,
Name: *kubeconfigArgs.Namespace,
Namespace: *kubeconfigArgs.Namespace,
Branch: bootstrapArgs.branch,
Secret: bootstrapArgs.secretName,
TargetPath: gitlabArgs.path.ToSlash(),
ManifestFile: sync.MakeDefaultOptions().ManifestFile,
RecurseSubmodules: bootstrapArgs.recurseSubmodules,
}
entityList, err := bootstrap.LoadEntityListFromPath(bootstrapArgs.gpgKeyRingPath)
if err != nil {
return err
}
// Bootstrap config
bootstrapOpts := []bootstrap.GitProviderOption{
bootstrap.WithProviderRepository(gitlabArgs.owner, gitlabArgs.repository, gitlabArgs.personal),
bootstrap.WithProviderVisibility(gitlabArgs.visibility.String()),
bootstrap.WithBranch(bootstrapArgs.branch),
bootstrap.WithBootstrapTransportType("https"),
bootstrap.WithSignature(bootstrapArgs.authorName, bootstrapArgs.authorEmail),
bootstrap.WithCommitMessageAppendix(bootstrapArgs.commitMessageAppendix),
bootstrap.WithProviderTeamPermissions(mapTeamSlice(gitlabArgs.teams, glDefaultPermission)),
bootstrap.WithReadWriteKeyPermissions(gitlabArgs.readWriteKey),
bootstrap.WithKubeconfig(kubeconfigArgs, kubeclientOptions),
bootstrap.WithLogger(logger),
bootstrap.WithGitCommitSigning(entityList, bootstrapArgs.gpgPassphrase, bootstrapArgs.gpgKeyID),
}
if bootstrapArgs.sshHostname != "" {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithSSHHostname(bootstrapArgs.sshHostname))
}
if bootstrapArgs.tokenAuth || gitlabArgs.deployTokenAuth {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithSyncTransportType("https"))
}
if gitlabArgs.deployTokenAuth {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithDeployTokenAuth())
}
if gitlabArgs.reconcile {
bootstrapOpts = append(bootstrapOpts, bootstrap.WithReconcile())
}
// Setup bootstrapper with constructed configs
b, err := bootstrap.NewGitProviderBootstrapper(gitClient, providerClient, kubeClient, bootstrapOpts...)
if err != nil {
return err
}
// Run
return bootstrap.Run(ctx, b, manifestsBase, installOptions, secretOpts, syncOpts, rootArgs.pollInterval, rootArgs.timeout)
}
================================================
FILE: cmd/flux/build.go
================================================
/*
Copyright 2021 The Flux authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (
"github.com/spf13/cobra"
)
var buildCmd = &cobra.Command{
Use: "build",
Short: "Build a flux resource",
Long: `The build command is used to build flux resources.`,
}
func init() {
rootCmd.AddCommand(buildCmd)
}
================================================
FILE: cmd/flux/build_artifact.go
================================================
/*
Copyright 2022 The Flux authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package main
import (
"bufio"
"bytes"
"fmt"
"io"
"os"
"strings"
"github.com/spf13/cobra"
"github.com/fluxcd/pkg/oci"
"
gitextract_vsl03042/
├── .github/
│ ├── ISSUE_TEMPLATE/
│ │ ├── bug_report.yaml
│ │ └── config.yml
│ ├── aur/
│ │ ├── flux-bin/
│ │ │ ├── .SRCINFO.template
│ │ │ ├── .gitignore
│ │ │ ├── PKGBUILD.template
│ │ │ └── publish.sh
│ │ ├── flux-go/
│ │ │ ├── .SRCINFO.template
│ │ │ ├── .gitignore
│ │ │ ├── PKGBUILD.template
│ │ │ └── publish.sh
│ │ └── flux-scm/
│ │ ├── .SRCINFO.template
│ │ ├── .gitignore
│ │ ├── PKGBUILD.template
│ │ └── publish.sh
│ ├── dependabot.yml
│ ├── kind/
│ │ └── config.yaml
│ ├── labels.yaml
│ ├── runners/
│ │ ├── README.md
│ │ ├── prereq.sh
│ │ └── runner-setup.sh
│ └── workflows/
│ ├── README.md
│ ├── action.yaml
│ ├── backport.yaml
│ ├── conformance.yaml
│ ├── e2e-azure.yaml
│ ├── e2e-bootstrap.yaml
│ ├── e2e-gcp.yaml
│ ├── e2e.yaml
│ ├── ossf.yaml
│ ├── release.yaml
│ ├── scan.yaml
│ ├── sync-labels.yaml
│ ├── update.yaml
│ └── upgrade-fluxcd-pkg.yaml
├── .gitignore
├── .goreleaser.yml
├── .scorecard.yml
├── CODE_OF_CONDUCT.md
├── CONTRIBUTING.md
├── DCO
├── Dockerfile
├── LICENSE
├── MAINTAINERS
├── Makefile
├── README.md
├── action/
│ ├── README.md
│ └── action.yml
├── cmd/
│ └── flux/
│ ├── alert.go
│ ├── alert_provider.go
│ ├── artifact.go
│ ├── bootstrap.go
│ ├── bootstrap_bitbucket_server.go
│ ├── bootstrap_git.go
│ ├── bootstrap_gitea.go
│ ├── bootstrap_github.go
│ ├── bootstrap_gitlab.go
│ ├── build.go
│ ├── build_artifact.go
│ ├── build_artifact_test.go
│ ├── build_kustomization.go
│ ├── build_kustomization_test.go
│ ├── check.go
│ ├── check_test.go
│ ├── cluster_info.go
│ ├── cluster_info_test.go
│ ├── completion.go
│ ├── completion_bash.go
│ ├── completion_fish.go
│ ├── completion_powershell.go
│ ├── completion_zsh.go
│ ├── create.go
│ ├── create_alert.go
│ ├── create_alertprovider.go
│ ├── create_helmrelease.go
│ ├── create_helmrelease_test.go
│ ├── create_image.go
│ ├── create_image_policy.go
│ ├── create_image_repository.go
│ ├── create_image_update.go
│ ├── create_kustomization.go
│ ├── create_receiver.go
│ ├── create_secret.go
│ ├── create_secret_git.go
│ ├── create_secret_git_test.go
│ ├── create_secret_github_app.go
│ ├── create_secret_githubapp_test.go
│ ├── create_secret_helm.go
│ ├── create_secret_helm_test.go
│ ├── create_secret_notation.go
│ ├── create_secret_notation_test.go
│ ├── create_secret_oci.go
│ ├── create_secret_oci_test.go
│ ├── create_secret_proxy.go
│ ├── create_secret_proxy_test.go
│ ├── create_secret_tls.go
│ ├── create_secret_tls_test.go
│ ├── create_source.go
│ ├── create_source_bucket.go
│ ├── create_source_chart.go
│ ├── create_source_chart_test.go
│ ├── create_source_git.go
│ ├── create_source_git_test.go
│ ├── create_source_helm.go
│ ├── create_source_helm_test.go
│ ├── create_source_oci.go
│ ├── create_source_oci_test.go
│ ├── create_tenant.go
│ ├── create_tenant_test.go
│ ├── create_test.go
│ ├── debug.go
│ ├── debug_helmrelease.go
│ ├── debug_helmrelease_test.go
│ ├── debug_kustomization.go
│ ├── debug_kustomization_test.go
│ ├── delete.go
│ ├── delete_alert.go
│ ├── delete_alertprovider.go
│ ├── delete_helmrelease.go
│ ├── delete_image.go
│ ├── delete_image_policy.go
│ ├── delete_image_repository.go
│ ├── delete_image_update.go
│ ├── delete_kustomization.go
│ ├── delete_receiver.go
│ ├── delete_source.go
│ ├── delete_source_bucket.go
│ ├── delete_source_chart.go
│ ├── delete_source_git.go
│ ├── delete_source_helm.go
│ ├── delete_source_oci.go
│ ├── diff.go
│ ├── diff_artifact.go
│ ├── diff_artifact_test.go
│ ├── diff_kustomization.go
│ ├── diff_kustomization_test.go
│ ├── docgen.go
│ ├── envsubst.go
│ ├── envsubst_test.go
│ ├── events.go
│ ├── events_test.go
│ ├── export.go
│ ├── export_alert.go
│ ├── export_alertprovider.go
│ ├── export_artifact.go
│ ├── export_artifact_generator.go
│ ├── export_helmrelease.go
│ ├── export_image.go
│ ├── export_image_policy.go
│ ├── export_image_repository.go
│ ├── export_image_update.go
│ ├── export_kustomization.go
│ ├── export_receiver.go
│ ├── export_secret.go
│ ├── export_source.go
│ ├── export_source_bucket.go
│ ├── export_source_chart.go
│ ├── export_source_external.go
│ ├── export_source_git.go
│ ├── export_source_helm.go
│ ├── export_source_oci.go
│ ├── export_test.go
│ ├── get.go
│ ├── get_alert.go
│ ├── get_alertprovider.go
│ ├── get_all.go
│ ├── get_artifact.go
│ ├── get_artifact_generator.go
│ ├── get_helmrelease.go
│ ├── get_image.go
│ ├── get_image_all.go
│ ├── get_image_policy.go
│ ├── get_image_repository.go
│ ├── get_image_update.go
│ ├── get_kustomization.go
│ ├── get_receiver.go
│ ├── get_source.go
│ ├── get_source_all.go
│ ├── get_source_bucket.go
│ ├── get_source_chart.go
│ ├── get_source_external.go
│ ├── get_source_git.go
│ ├── get_source_helm.go
│ ├── get_source_oci.go
│ ├── get_test.go
│ ├── helmrelease.go
│ ├── helmrelease_test.go
│ ├── image.go
│ ├── image_test.go
│ ├── install.go
│ ├── install_test.go
│ ├── kustomization.go
│ ├── kustomization_test.go
│ ├── list.go
│ ├── list_artifact.go
│ ├── log.go
│ ├── logs.go
│ ├── logs_e2e_test.go
│ ├── logs_unit_test.go
│ ├── main.go
│ ├── main_e2e_test.go
│ ├── main_test.go
│ ├── main_unit_test.go
│ ├── manifests.embed.go
│ ├── migrate.go
│ ├── migrate_test.go
│ ├── object.go
│ ├── oci.go
│ ├── pull.go
│ ├── pull_artifact.go
│ ├── push.go
│ ├── push_artifact.go
│ ├── readiness.go
│ ├── readiness_test.go
│ ├── receiver.go
│ ├── reconcile.go
│ ├── reconcile_helmrelease.go
│ ├── reconcile_image.go
│ ├── reconcile_image_policy.go
│ ├── reconcile_image_repository.go
│ ├── reconcile_image_updateauto.go
│ ├── reconcile_kustomization.go
│ ├── reconcile_receiver.go
│ ├── reconcile_source.go
│ ├── reconcile_source_bucket.go
│ ├── reconcile_source_chart.go
│ ├── reconcile_source_git.go
│ ├── reconcile_source_helm.go
│ ├── reconcile_source_oci.go
│ ├── reconcile_with_source.go
│ ├── resume.go
│ ├── resume_alert.go
│ ├── resume_alertprovider.go
│ ├── resume_helmrelease.go
│ ├── resume_image.go
│ ├── resume_image_policy.go
│ ├── resume_image_repository.go
│ ├── resume_image_updateauto.go
│ ├── resume_kustomization.go
│ ├── resume_receiver.go
│ ├── resume_source.go
│ ├── resume_source_bucket.go
│ ├── resume_source_chart.go
│ ├── resume_source_git.go
│ ├── resume_source_helm.go
│ ├── resume_source_oci.go
│ ├── source.go
│ ├── source_oci_test.go
│ ├── stats.go
│ ├── status.go
│ ├── suspend.go
│ ├── suspend_alert.go
│ ├── suspend_alertprovider.go
│ ├── suspend_helmrelease.go
│ ├── suspend_image.go
│ ├── suspend_image_policy.go
│ ├── suspend_image_repository.go
│ ├── suspend_image_updateauto.go
│ ├── suspend_kustomization.go
│ ├── suspend_receiver.go
│ ├── suspend_source.go
│ ├── suspend_source_bucket.go
│ ├── suspend_source_chart.go
│ ├── suspend_source_git.go
│ ├── suspend_source_helm.go
│ ├── suspend_source_oci.go
│ ├── tag.go
│ ├── tag_artifact.go
│ ├── testdata/
│ │ ├── build-kustomization/
│ │ │ ├── delete-service/
│ │ │ │ ├── deployment.yaml
│ │ │ │ ├── hpa.yaml
│ │ │ │ └── kustomization.yaml
│ │ │ ├── ignore/
│ │ │ │ ├── .sourceignore
│ │ │ │ ├── configmap.yaml
│ │ │ │ ├── not_deployable/
│ │ │ │ │ └── ignore_svc.yaml
│ │ │ │ └── secret.yaml
│ │ │ ├── my-app/
│ │ │ │ └── configmap.yaml
│ │ │ ├── podinfo/
│ │ │ │ ├── deployment.yaml
│ │ │ │ ├── dockerconfigjson-sops-secret.yaml
│ │ │ │ ├── hpa.yaml
│ │ │ │ ├── kustomization.yaml
│ │ │ │ ├── service.yaml
│ │ │ │ ├── stringdata-secret.yaml
│ │ │ │ └── token.encrypted
│ │ │ ├── podinfo-kustomization.yaml
│ │ │ ├── podinfo-result.yaml
│ │ │ ├── podinfo-source.yaml
│ │ │ ├── podinfo-with-ignore-result.yaml
│ │ │ ├── podinfo-with-my-app/
│ │ │ │ ├── kustomization.yaml
│ │ │ │ └── my-app.yaml
│ │ │ ├── podinfo-with-my-app-result.yaml
│ │ │ ├── podinfo-with-var-substitution-result.yaml
│ │ │ ├── podinfo-without-service-result.yaml
│ │ │ └── var-substitution/
│ │ │ ├── cluster.json
│ │ │ ├── deployment.yaml
│ │ │ └── kustomization.yaml
│ │ ├── check/
│ │ │ └── check_pre.golden
│ │ ├── cluster_info/
│ │ │ └── gitrepositories.yaml
│ │ ├── create_hr/
│ │ │ ├── basic.yaml
│ │ │ ├── hc_basic.yaml
│ │ │ ├── or_basic.yaml
│ │ │ └── setup-source.yaml
│ │ ├── create_secret/
│ │ │ ├── git/
│ │ │ │ ├── ecdsa-password.private
│ │ │ │ ├── ecdsa.private
│ │ │ │ ├── git-bearer-token.yaml
│ │ │ │ ├── git-ssh-secret-password.yaml
│ │ │ │ ├── git-ssh-secret.yaml
│ │ │ │ ├── secret-ca-crt.yaml
│ │ │ │ └── secret-git-basic.yaml
│ │ │ ├── githubapp/
│ │ │ │ ├── secret-with-baseurl.yaml
│ │ │ │ ├── secret.yaml
│ │ │ │ └── test-private-key.pem
│ │ │ ├── helm/
│ │ │ │ └── secret-helm.yaml
│ │ │ ├── notation/
│ │ │ │ ├── invalid-trust-policy.json
│ │ │ │ ├── invalid.json
│ │ │ │ ├── secret-ca-crt.yaml
│ │ │ │ ├── secret-ca-multi.yaml
│ │ │ │ ├── secret-ca-pem.yaml
│ │ │ │ ├── test-ca.crt
│ │ │ │ ├── test-ca2.crt
│ │ │ │ └── test-trust-policy.json
│ │ │ ├── oci/
│ │ │ │ └── create-secret.yaml
│ │ │ ├── proxy/
│ │ │ │ └── secret-proxy.yaml
│ │ │ └── tls/
│ │ │ ├── secret-tls.yaml
│ │ │ ├── test-ca.pem
│ │ │ ├── test-cert.pem
│ │ │ └── test-key.pem
│ │ ├── create_source_chart/
│ │ │ ├── basic.yaml
│ │ │ ├── setup-source.yaml
│ │ │ ├── verify_basic.yaml
│ │ │ └── verify_complete.yaml
│ │ ├── create_source_git/
│ │ │ ├── export.golden
│ │ │ ├── source-git-branch-commit.yaml
│ │ │ ├── source-git-branch.yaml
│ │ │ ├── source-git-commit.yaml
│ │ │ ├── source-git-provider-azure.yaml
│ │ │ ├── source-git-provider-generic.yaml
│ │ │ ├── source-git-provider-github.yaml
│ │ │ ├── source-git-refname.yaml
│ │ │ ├── source-git-semver.yaml
│ │ │ ├── source-git-tag.yaml
│ │ │ └── success.golden
│ │ ├── create_source_helm/
│ │ │ ├── https.golden
│ │ │ ├── oci-with-secret.golden
│ │ │ └── oci.golden
│ │ ├── create_tenant/
│ │ │ ├── tenant-basic.yaml
│ │ │ ├── tenant-with-cluster-role.yaml
│ │ │ ├── tenant-with-service-account.yaml
│ │ │ └── tenant-with-skip-namespace.yaml
│ │ ├── debug_helmrelease/
│ │ │ ├── history-empty.golden.yaml
│ │ │ ├── history.golden.yaml
│ │ │ ├── objects.yaml
│ │ │ ├── status.golden.yaml
│ │ │ ├── values-from.golden.yaml
│ │ │ └── values-inline.golden.yaml
│ │ ├── debug_kustomization/
│ │ │ ├── history-empty.golden.yaml
│ │ │ ├── history.golden.yaml
│ │ │ ├── objects.yaml
│ │ │ ├── status.golden.yaml
│ │ │ ├── vars-from.golden.env
│ │ │ └── vars.golden.env
│ │ ├── diff-artifact/
│ │ │ ├── deployment-diff.yaml
│ │ │ ├── deployment.yaml
│ │ │ └── success.golden
│ │ ├── diff-kustomization/
│ │ │ ├── deployment.yaml
│ │ │ ├── diff-with-deployment.golden
│ │ │ ├── diff-with-dockerconfigjson-sops-secret.golden
│ │ │ ├── diff-with-drifted-key-sops-secret.golden
│ │ │ ├── diff-with-drifted-secret.golden
│ │ │ ├── diff-with-drifted-service.golden
│ │ │ ├── diff-with-drifted-stringdata-sops-secret.golden
│ │ │ ├── diff-with-drifted-value-sops-secret.golden
│ │ │ ├── diff-with-recursive.golden
│ │ │ ├── dockerconfigjson-sops-secret.yaml
│ │ │ ├── flux-kustomization-multiobj.yaml
│ │ │ ├── key-sops-secret.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── my-app.yaml
│ │ │ ├── nothing-is-deployed.golden
│ │ │ ├── secret.yaml
│ │ │ ├── service.yaml
│ │ │ ├── stringdata-sops-secret.yaml
│ │ │ └── value-sops-secret.yaml
│ │ ├── envsubst/
│ │ │ ├── file.gold
│ │ │ └── file.yaml
│ │ ├── export/
│ │ │ ├── alert.yaml
│ │ │ ├── bucket.yaml
│ │ │ ├── external-artifact.yaml
│ │ │ ├── git-repo.yaml
│ │ │ ├── helm-chart.yaml
│ │ │ ├── helm-release.yaml
│ │ │ ├── helm-repo.yaml
│ │ │ ├── image-policy.yaml
│ │ │ ├── image-repo.yaml
│ │ │ ├── image-update.yaml
│ │ │ ├── ks.yaml
│ │ │ ├── objects.yaml
│ │ │ ├── provider.yaml
│ │ │ └── receiver.yaml
│ │ ├── get/
│ │ │ ├── get.golden
│ │ │ ├── get_label_one.golden
│ │ │ ├── get_label_two.golden
│ │ │ └── objects.yaml
│ │ ├── helmrelease/
│ │ │ ├── create_helmrelease_from_git.golden
│ │ │ ├── create_source_git.golden
│ │ │ ├── delete_helmrelease_from_git.golden
│ │ │ ├── get_helmrelease_from_git.golden
│ │ │ ├── reconcile_helmrelease_from_git.golden
│ │ │ ├── resume_helmrelease_from_git.golden
│ │ │ └── suspend_helmrelease_from_git.golden
│ │ ├── image/
│ │ │ ├── create_image_policy.golden
│ │ │ ├── create_image_repository.golden
│ │ │ ├── get_image_policy_regex.golden
│ │ │ ├── get_image_policy_semver.golden
│ │ │ ├── reconcile_image_policy.golden
│ │ │ ├── resume_image_policy.golden
│ │ │ └── suspend_image_policy.golden
│ │ ├── kustomization/
│ │ │ ├── create_kustomization_from_git.golden
│ │ │ ├── create_source_git.golden
│ │ │ ├── delete_kustomization_from_git.golden
│ │ │ ├── get_kustomization_from_git.golden
│ │ │ ├── reconcile_kustomization_from_git.golden
│ │ │ ├── resume_kustomization_from_git.golden
│ │ │ ├── resume_kustomization_from_git_multiple_args.golden
│ │ │ ├── resume_kustomization_from_git_multiple_args_wait.golden
│ │ │ ├── suspend_kustomization_from_git.golden
│ │ │ └── suspend_kustomization_from_git_multiple_args.golden
│ │ ├── logs/
│ │ │ ├── all-logs.txt
│ │ │ ├── kind.txt
│ │ │ ├── log-level.txt
│ │ │ ├── multiple-filters.txt
│ │ │ └── namespace.txt
│ │ ├── migrate/
│ │ │ └── file-system/
│ │ │ ├── dir/
│ │ │ │ ├── some-dir/
│ │ │ │ │ ├── another-file
│ │ │ │ │ ├── another-file.yaml
│ │ │ │ │ └── another-file.yml
│ │ │ │ ├── some-file
│ │ │ │ ├── some-file.yaml
│ │ │ │ └── some-file.yml
│ │ │ ├── dir.golden/
│ │ │ │ ├── some-dir/
│ │ │ │ │ ├── another-file
│ │ │ │ │ ├── another-file.yaml
│ │ │ │ │ └── another-file.yml
│ │ │ │ ├── some-file
│ │ │ │ ├── some-file.yaml
│ │ │ │ └── some-file.yml
│ │ │ ├── dir.output.golden
│ │ │ ├── single-file-wrong-ext.json
│ │ │ ├── single-file.yaml
│ │ │ ├── single-file.yaml.golden
│ │ │ └── single-file.yaml.output.golden
│ │ ├── oci/
│ │ │ ├── create_source_oci.golden
│ │ │ ├── delete_oci.golden
│ │ │ ├── export.golden
│ │ │ ├── export_with_complete_verification.golden
│ │ │ ├── export_with_issuer.golden
│ │ │ ├── export_with_secret.golden
│ │ │ ├── export_with_subject.golden
│ │ │ ├── export_with_verify_secret.golden
│ │ │ ├── get_oci.golden
│ │ │ ├── reconcile_oci.golden
│ │ │ ├── resume_oci.golden
│ │ │ └── suspend_oci.golden
│ │ ├── trace/
│ │ │ ├── deployment-hr-ocirepo.golden
│ │ │ ├── deployment-hr-ocirepo.yaml
│ │ │ ├── deployment.golden
│ │ │ ├── deployment.yaml
│ │ │ ├── helmrelease-oci.golden
│ │ │ ├── helmrelease-oci.yaml
│ │ │ ├── helmrelease.golden
│ │ │ └── helmrelease.yaml
│ │ └── tree/
│ │ ├── kustomizations.yaml
│ │ ├── tree-compact.golden
│ │ ├── tree-empty.golden
│ │ └── tree.golden
│ ├── trace.go
│ ├── trace_test.go
│ ├── tree.go
│ ├── tree_artifact.go
│ ├── tree_artifact_generator.go
│ ├── tree_kustomization.go
│ ├── tree_kustomization_test.go
│ ├── uninstall.go
│ ├── version.go
│ ├── version_test.go
│ ├── version_utils.go
│ └── version_utils_test.go
├── docs/
│ └── release/
│ ├── README.md
│ └── release-notes-template.md
├── go.mod
├── go.sum
├── install/
│ ├── README.md
│ └── flux.sh
├── internal/
│ ├── build/
│ │ ├── build.go
│ │ ├── build_test.go
│ │ ├── diff.go
│ │ └── testdata/
│ │ └── local-kustomization/
│ │ ├── different-name.yaml
│ │ ├── invalid-resource.yaml
│ │ ├── multi-doc-reset.yaml
│ │ ├── multi-doc-valid.yaml
│ │ ├── no-ns.yaml
│ │ └── valid.yaml
│ ├── flags/
│ │ ├── crds.go
│ │ ├── crds_test.go
│ │ ├── decryption_provider.go
│ │ ├── decryption_provider_test.go
│ │ ├── ecdsa_curve.go
│ │ ├── ecdsa_curve_test.go
│ │ ├── gitlab_visibility.go
│ │ ├── gitlab_visibility_test.go
│ │ ├── helm_chart_source.go
│ │ ├── helm_chart_source_test.go
│ │ ├── kustomization_source.go
│ │ ├── kustomization_source_test.go
│ │ ├── local_helm_chart_source.go
│ │ ├── log_level.go
│ │ ├── log_level_test.go
│ │ ├── public_key_algorithm.go
│ │ ├── public_key_algorithm_test.go
│ │ ├── rsa_key_bits.go
│ │ ├── rsa_key_bits_test.go
│ │ ├── safe_relative_path.go
│ │ ├── safe_relative_path_test.go
│ │ ├── source_bucket_provider.go
│ │ ├── source_bucket_provider_test.go
│ │ ├── source_git_provider.go
│ │ ├── source_oci_provider.go
│ │ ├── source_oci_verify_provider.go
│ │ └── source_oci_verify_provider_test.go
│ ├── tree/
│ │ └── tree.go
│ └── utils/
│ ├── apply.go
│ ├── hex.go
│ ├── hex_test.go
│ ├── testdata/
│ │ ├── components-with-crds.yaml
│ │ └── components-without-crds.yaml
│ ├── utils.go
│ └── utils_test.go
├── manifests/
│ ├── bases/
│ │ ├── helm-controller/
│ │ │ ├── account.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── labels.yaml
│ │ │ └── patch.yaml
│ │ ├── image-automation-controller/
│ │ │ ├── account.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── labels.yaml
│ │ │ └── patch.yaml
│ │ ├── image-reflector-controller/
│ │ │ ├── account.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── labels.yaml
│ │ │ └── patch.yaml
│ │ ├── kustomize-controller/
│ │ │ ├── account.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── labels.yaml
│ │ │ └── patch.yaml
│ │ ├── notification-controller/
│ │ │ ├── account.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── labels.yaml
│ │ │ └── patch.yaml
│ │ ├── source-controller/
│ │ │ ├── account.yaml
│ │ │ ├── kustomization.yaml
│ │ │ ├── labels.yaml
│ │ │ └── patch.yaml
│ │ └── source-watcher/
│ │ ├── account.yaml
│ │ ├── kustomization.yaml
│ │ ├── labels.yaml
│ │ └── patch.yaml
│ ├── crds/
│ │ └── kustomization.yaml
│ ├── install/
│ │ ├── kustomization.yaml
│ │ ├── labels.yaml
│ │ └── namespace.yaml
│ ├── monitoring/
│ │ └── README.md
│ ├── openshift/
│ │ ├── kustomization.yaml
│ │ ├── labels.yaml
│ │ ├── namespace.yaml
│ │ └── scc.yaml
│ ├── policies/
│ │ ├── allow-egress.yaml
│ │ ├── allow-scraping.yaml
│ │ ├── allow-webhooks.yaml
│ │ └── kustomization.yaml
│ ├── rbac/
│ │ ├── controller.yaml
│ │ ├── edit.yaml
│ │ ├── kustomization.yaml
│ │ ├── reconciler.yaml
│ │ ├── resourcequota.yaml
│ │ └── view.yaml
│ ├── scripts/
│ │ └── bundle.sh
│ └── test/
│ ├── kustomization.yaml
│ ├── labels.yaml
│ └── namespace.yaml
├── netlify.toml
├── pkg/
│ ├── bootstrap/
│ │ ├── bootstrap.go
│ │ ├── bootstrap_plain_git.go
│ │ ├── bootstrap_provider.go
│ │ ├── bootstrap_test.go
│ │ ├── options.go
│ │ └── provider/
│ │ ├── factory.go
│ │ └── provider.go
│ ├── log/
│ │ ├── log.go
│ │ └── nop.go
│ ├── manifestgen/
│ │ ├── doc.go
│ │ ├── install/
│ │ │ ├── install.go
│ │ │ ├── install_test.go
│ │ │ ├── manifests.go
│ │ │ ├── options.go
│ │ │ └── templates.go
│ │ ├── kustomization/
│ │ │ ├── kustomization.go
│ │ │ └── options.go
│ │ ├── labels.go
│ │ ├── manifest.go
│ │ ├── sourcesecret/
│ │ │ ├── options.go
│ │ │ ├── sourcesecret.go
│ │ │ ├── sourcesecret_test.go
│ │ │ └── testdata/
│ │ │ ├── password_rsa
│ │ │ ├── password_rsa.pub
│ │ │ ├── rsa
│ │ │ └── rsa.pub
│ │ ├── sync/
│ │ │ ├── options.go
│ │ │ ├── sync.go
│ │ │ └── sync_test.go
│ │ └── tmpdir.go
│ ├── printers/
│ │ ├── dyff.go
│ │ ├── interface.go
│ │ └── table_printer.go
│ ├── status/
│ │ └── status.go
│ └── uninstall/
│ └── uninstall.go
├── rfcs/
│ ├── 0001-authorization/
│ │ └── README.md
│ ├── 0002-helm-oci/
│ │ └── README.md
│ ├── 0003-kubernetes-oci/
│ │ └── README.md
│ ├── 0004-insecure-http/
│ │ └── README.md
│ ├── 0005-artifact-revision-and-digest/
│ │ └── README.md
│ ├── 0006-cdevents/
│ │ └── README.md
│ ├── 0007-git-repo-passwordless-auth/
│ │ └── README.md
│ ├── 0008-custom-event-metadata-from-annotations/
│ │ └── README.md
│ ├── 0009-custom-health-checks/
│ │ └── README.md
│ ├── 0010-multi-tenant-workload-identity/
│ │ └── README.md
│ ├── 0011-opentelemetry-tracing/
│ │ └── README.md
│ ├── 0012-external-artifact/
│ │ └── README.md
│ ├── README.md
│ └── RFC-0000/
│ └── README.md
└── tests/
├── .gitignore
├── bootstrap/
│ └── main.go
├── image-automation/
│ ├── auto.yaml
│ ├── kustomization.yaml
│ └── main.go
└── integration/
├── Makefile
├── README.md
├── azure_specific_test.go
├── azure_test.go
├── flux_test.go
├── gcp_test.go
├── go.mod
├── go.sum
├── image_repo_test.go
├── notification_test.go
├── oci_test.go
├── sops_encryption_test.go
├── suite_test.go
├── terraform/
│ ├── azure/
│ │ ├── aks.tf
│ │ ├── azuredevops.tf
│ │ ├── event-hub.tf
│ │ ├── keyvault.tf
│ │ ├── main.tf
│ │ ├── outputs.tf
│ │ └── variables.tf
│ └── gcp/
│ ├── gke.tf
│ ├── kms.tf
│ ├── main.tf
│ ├── outputs.tf
│ ├── pubsub.tf
│ ├── sourcerepo.tf
│ └── variables.tf
└── util_test.go
SYMBOL INDEX (1431 symbols across 310 files)
FILE: cmd/flux/alert.go
type alertAdapter (line 33) | type alertAdapter struct
method asClientObject (line 37) | func (a alertAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 41) | func (a alertAdapter) deepCopyClientObject() client.Object {
type alertListAdapter (line 47) | type alertListAdapter struct
method asClientList (line 51) | func (a alertListAdapter) asClientList() client.ObjectList {
method len (line 55) | func (a alertListAdapter) len() int {
FILE: cmd/flux/alert_provider.go
type alertProviderAdapter (line 33) | type alertProviderAdapter struct
method asClientObject (line 37) | func (a alertProviderAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 41) | func (a alertProviderAdapter) deepCopyClientObject() client.Object {
type alertProviderListAdapter (line 47) | type alertProviderListAdapter struct
method asClientList (line 51) | func (a alertProviderListAdapter) asClientList() client.ObjectList {
method len (line 55) | func (a alertProviderListAdapter) len() int {
FILE: cmd/flux/artifact.go
type artifactGeneratorAdapter (line 33) | type artifactGeneratorAdapter struct
method asClientObject (line 37) | func (h artifactGeneratorAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 41) | func (h artifactGeneratorAdapter) deepCopyClientObject() client.Object {
type artifactGeneratorListAdapter (line 47) | type artifactGeneratorListAdapter struct
method asClientList (line 51) | func (h artifactGeneratorListAdapter) asClientList() client.ObjectList {
method len (line 55) | func (h artifactGeneratorListAdapter) len() int {
FILE: cmd/flux/bootstrap.go
type bootstrapFlags (line 44) | type bootstrapFlags struct
constant bootstrapDefaultBranch (line 88) | bootstrapDefaultBranch = "main"
function init (line 93) | func init() {
function NewBootstrapFlags (line 150) | func NewBootstrapFlags() bootstrapFlags {
function bootstrapComponents (line 160) | func bootstrapComponents() []string {
function buildEmbeddedManifestBase (line 164) | func buildEmbeddedManifestBase() (string, error) {
function bootstrapValidate (line 178) | func bootstrapValidate() error {
function mapTeamSlice (line 205) | func mapTeamSlice(s []string, defaultPermission string) map[string]string {
function confirmBootstrap (line 219) | func confirmBootstrap(ctx context.Context, kubeClient client.Client) err...
FILE: cmd/flux/bootstrap_bitbucket_server.go
constant bServerDefaultPermission (line 65) | bServerDefaultPermission = "push"
constant bServerTokenEnvVar (line 66) | bServerTokenEnvVar = "BITBUCKET_TOKEN"
type bServerFlags (line 69) | type bServerFlags struct
function init (line 85) | func init() {
function bootstrapBServerCmdRun (line 101) | func bootstrapBServerCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/bootstrap_git.go
type gitFlags (line 77) | type gitFlags struct
constant gitPasswordEnvVar (line 89) | gitPasswordEnvVar = "GIT_PASSWORD"
function init (line 94) | func init() {
function bootstrapGitCmdRun (line 107) | func bootstrapGitCmdRun(cmd *cobra.Command, args []string) error {
function getAuthOpts (line 332) | func getAuthOpts(u *url.URL, caBundle []byte) (*git.AuthOptions, error) {
function promptPublicKey (line 384) | func promptPublicKey(ctx context.Context, secret corev1.Secret, _ source...
FILE: cmd/flux/bootstrap_gitea.go
type giteaFlags (line 73) | type giteaFlags struct
constant gtDefaultPermission (line 87) | gtDefaultPermission = "maintain"
constant gtDefaultDomain (line 88) | gtDefaultDomain = "gitea.com"
constant gtTokenEnvVar (line 89) | gtTokenEnvVar = "GITEA_TOKEN"
function init (line 94) | func init() {
function bootstrapGiteaCmdRun (line 109) | func bootstrapGiteaCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/bootstrap_github.go
type githubFlags (line 73) | type githubFlags struct
constant ghDefaultPermission (line 87) | ghDefaultPermission = "maintain"
constant ghDefaultDomain (line 88) | ghDefaultDomain = "github.com"
constant ghTokenEnvVar (line 89) | ghTokenEnvVar = "GITHUB_TOKEN"
function init (line 94) | func init() {
function bootstrapGitHubCmdRun (line 109) | func bootstrapGitHubCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/bootstrap_gitlab.go
constant glDefaultPermission (line 78) | glDefaultPermission = "maintain"
constant glDefaultDomain (line 79) | glDefaultDomain = "gitlab.com"
constant glTokenEnvVar (line 80) | glTokenEnvVar = "GITLAB_TOKEN"
constant gitlabProjectRegex (line 81) | gitlabProjectRegex = `\A[[:alnum:]\x{00A9}-\x{1f9ff}_][[:alnum:]\p{Pd}\...
type gitlabFlags (line 84) | type gitlabFlags struct
function NewGitlabFlags (line 99) | func NewGitlabFlags() gitlabFlags {
function init (line 107) | func init() {
function bootstrapGitLabCmdRun (line 125) | func bootstrapGitLabCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/build.go
function init (line 29) | func init() {
FILE: cmd/flux/build_artifact.go
type buildArtifactFlags (line 50) | type buildArtifactFlags struct
function init (line 60) | func init() {
function buildArtifactCmdRun (line 68) | func buildArtifactCmdRun(cmd *cobra.Command, args []string) error {
function saveReaderToFile (line 99) | func saveReaderToFile(reader io.Reader) (string, error) {
FILE: cmd/flux/build_artifact_test.go
function Test_saveReaderToFile (line 27) | func Test_saveReaderToFile(t *testing.T) {
FILE: cmd/flux/build_kustomization.go
type buildKsFlags (line 67) | type buildKsFlags struct
function init (line 79) | func init() {
function buildKsCmdRun (line 91) | func buildKsCmdRun(cmd *cobra.Command, args []string) (err error) {
FILE: cmd/flux/build_kustomization_test.go
function setup (line 30) | func setup(t *testing.T, tmpl map[string]string) {
function TestBuildKustomization (line 36) | func TestBuildKustomization(t *testing.T) {
function TestBuildLocalKustomization (line 107) | func TestBuildLocalKustomization(t *testing.T) {
function TestBuildKustomizationPathNormalization (line 225) | func TestBuildKustomizationPathNormalization(t *testing.T) {
FILE: cmd/flux/check.go
type checkFlags (line 55) | type checkFlags struct
function init (line 68) | func init() {
function runCheckCmd (line 80) | func runCheckCmd(cmd *cobra.Command, args []string) error {
function fluxCheck (line 135) | func fluxCheck() {
function kubernetesCheck (line 157) | func kubernetesCheck(cfg *rest.Config, constraints []string) bool {
function componentsCheck (line 196) | func componentsCheck(ctx context.Context, kubeClient client.Client) bool {
function crdsCheck (line 227) | func crdsCheck(ctx context.Context, kubeClient client.Client) bool {
function fluxClusterVersionCheck (line 251) | func fluxClusterVersionCheck(ctx context.Context, kubeClient client.Clie...
FILE: cmd/flux/check_test.go
function TestCheckPre (line 31) | func TestCheckPre(t *testing.T) {
FILE: cmd/flux/cluster_info.go
type fluxClusterInfo (line 42) | type fluxClusterInfo struct
method distribution (line 116) | func (info fluxClusterInfo) distribution() string {
function getFluxClusterInfo (line 60) | func getFluxClusterInfo(ctx context.Context, c client.Client) (fluxClust...
function confirmFluxInstallOverride (line 100) | func confirmFluxInstallOverride(info fluxClusterInfo) error {
function installManagedByFlux (line 124) | func installManagedByFlux(manager string) bool {
FILE: cmd/flux/cluster_info_test.go
function Test_getFluxClusterInfo (line 35) | func Test_getFluxClusterInfo(t *testing.T) {
FILE: cmd/flux/completion.go
function init (line 37) | func init() {
function contextsCompletionFunc (line 41) | func contextsCompletionFunc(cmd *cobra.Command, args []string, toComplet...
function resourceNamesCompletionFunc (line 58) | func resourceNamesCompletionFunc(gvk schema.GroupVersionKind) func(cmd *...
function completionError (line 109) | func completionError(err error) ([]string, cobra.ShellCompDirective) {
FILE: cmd/flux/completion_bash.go
function init (line 42) | func init() {
FILE: cmd/flux/completion_fish.go
function init (line 39) | func init() {
FILE: cmd/flux/completion_powershell.go
function init (line 49) | func init() {
FILE: cmd/flux/completion_zsh.go
function init (line 53) | func init() {
FILE: cmd/flux/create.go
type createFlags (line 42) | type createFlags struct
function init (line 50) | func init() {
type upsertable (line 71) | type upsertable interface
method upsert (line 88) | func (names apiType) upsert(ctx context.Context, kubeClient client.Clien...
type upsertWaitable (line 108) | type upsertWaitable interface
method upsertAndWait (line 116) | func (names apiType) upsertAndWait(object upsertWaitable, mutate func() ...
function parseLabels (line 142) | func parseLabels() (map[string]string, error) {
function validateObjectName (line 167) | func validateObjectName(name string) bool {
FILE: cmd/flux/create_alert.go
type alertFlags (line 50) | type alertFlags struct
function init (line 58) | func init() {
function createAlertCmdRun (line 65) | func createAlertCmdRun(cmd *cobra.Command, args []string) error {
function upsertAlert (line 142) | func upsertAlert(ctx context.Context, kubeClient client.Client,
FILE: cmd/flux/create_alertprovider.go
type alertProviderFlags (line 55) | type alertProviderFlags struct
function init (line 65) | func init() {
function createAlertProviderCmdRun (line 74) | func createAlertProviderCmdRun(cmd *cobra.Command, args []string) error {
function upsertAlertProvider (line 139) | func upsertAlertProvider(ctx context.Context, kubeClient client.Client,
FILE: cmd/flux/create_helmrelease.go
type helmReleaseFlags (line 129) | type helmReleaseFlags struct
function init (line 154) | func init() {
function createHelmReleaseCmdRun (line 174) | func createHelmReleaseCmdRun(cmd *cobra.Command, args []string) error {
function upsertHelmRelease (line 372) | func upsertHelmRelease(ctx context.Context, kubeClient client.Client,
function validateStrategy (line 403) | func validateStrategy(input string) bool {
FILE: cmd/flux/create_helmrelease_test.go
function TestCreateHelmRelease (line 24) | func TestCreateHelmRelease(t *testing.T) {
function setupHRSource (line 88) | func setupHRSource(t *testing.T, tmpl map[string]string) {
FILE: cmd/flux/create_image.go
function init (line 31) | func init() {
FILE: cmd/flux/create_image_policy.go
type imagePolicyFlags (line 57) | type imagePolicyFlags struct
function init (line 70) | func init() {
function createImagePolicyRun (line 84) | func createImagePolicyRun(cmd *cobra.Command, args []string) error {
function validateExtractStr (line 184) | func validateExtractStr(template string, capNames []string) error {
function extract (line 222) | func extract(str string) (name string, num int, rest string, ok bool) {
FILE: cmd/flux/create_image_repository.go
type imageRepoFlags (line 64) | type imageRepoFlags struct
function init (line 73) | func init() {
function createImageRepositoryRun (line 85) | func createImageRepositoryRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/create_image_update.go
type imageUpdateFlags (line 69) | type imageUpdateFlags struct
function init (line 82) | func init() {
function createImageUpdateRun (line 96) | func createImageUpdateRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/create_kustomization.go
type kustomizationFlags (line 85) | type kustomizationFlags struct
function init (line 104) | func init() {
function NewKustomizationFlags (line 124) | func NewKustomizationFlags() kustomizationFlags {
function createKsCmdRun (line 130) | func createKsCmdRun(cmd *cobra.Command, args []string) error {
function upsertKustomization (line 286) | func upsertKustomization(ctx context.Context, kubeClient client.Client,
FILE: cmd/flux/create_receiver.go
type receiverFlags (line 51) | type receiverFlags struct
function init (line 60) | func init() {
function createReceiverCmdRun (line 68) | func createReceiverCmdRun(cmd *cobra.Command, args []string) error {
function upsertReceiver (line 151) | func upsertReceiver(ctx context.Context, kubeClient client.Client,
FILE: cmd/flux/create_secret.go
function init (line 35) | func init() {
function upsertSecret (line 39) | func upsertSecret(ctx context.Context, kubeClient client.Client, secret ...
FILE: cmd/flux/create_secret_git.go
type secretGitFlags (line 83) | type secretGitFlags struct
function init (line 97) | func init() {
function NewSecretGitFlags (line 111) | func NewSecretGitFlags() secretGitFlags {
function createSecretGitCmdRun (line 119) | func createSecretGitCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/create_secret_git_test.go
function TestCreateGitSecret (line 9) | func TestCreateGitSecret(t *testing.T) {
FILE: cmd/flux/create_secret_github_app.go
type secretGitHubAppFlags (line 48) | type secretGitHubAppFlags struct
function init (line 58) | func init() {
function createSecretGitHubAppCmdRun (line 68) | func createSecretGitHubAppCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/create_secret_githubapp_test.go
function TestCreateSecretGitHubApp (line 23) | func TestCreateSecretGitHubApp(t *testing.T) {
FILE: cmd/flux/create_secret_helm.go
type secretHelmFlags (line 49) | type secretHelmFlags struct
function init (line 57) | func init() {
function createSecretHelmCmdRun (line 68) | func createSecretHelmCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/create_secret_helm_test.go
function TestCreateHelmSecret (line 23) | func TestCreateHelmSecret(t *testing.T) {
FILE: cmd/flux/create_secret_notation.go
type secretNotationFlags (line 53) | type secretNotationFlags struct
function init (line 60) | func init() {
function createSecretNotationCmdRun (line 67) | func createSecretNotationCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/create_secret_notation_test.go
constant trustPolicy (line 27) | trustPolicy = "./testdata/create_secret/notation/test-trust-polic...
constant invalidTrustPolicy (line 28) | invalidTrustPolicy = "./testdata/create_secret/notation/invalid-trust-po...
constant invalidJson (line 29) | invalidJson = "./testdata/create_secret/notation/invalid.json"
constant testCertFolder (line 30) | testCertFolder = "./testdata/create_secret/notation"
function TestCreateNotationSecret (line 33) | func TestCreateNotationSecret(t *testing.T) {
FILE: cmd/flux/create_secret_oci.go
type secretOCIFlags (line 48) | type secretOCIFlags struct
function init (line 56) | func init() {
function createSecretOCICmdRun (line 64) | func createSecretOCICmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/create_secret_oci_test.go
function TestCreateSecretOCI (line 23) | func TestCreateSecretOCI(t *testing.T) {
FILE: cmd/flux/create_secret_proxy.go
type secretProxyFlags (line 50) | type secretProxyFlags struct
function init (line 58) | func init() {
function createSecretProxyCmdRun (line 66) | func createSecretProxyCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/create_secret_proxy_test.go
function TestCreateProxySecret (line 23) | func TestCreateProxySecret(t *testing.T) {
FILE: cmd/flux/create_secret_tls.go
type secretTLSFlags (line 50) | type secretTLSFlags struct
function init (line 58) | func init() {
function createSecretTLSCmdRun (line 66) | func createSecretTLSCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/create_secret_tls_test.go
function TestCreateTlsSecret (line 7) | func TestCreateTlsSecret(t *testing.T) {
FILE: cmd/flux/create_source.go
type createSourceFlags (line 31) | type createSourceFlags struct
function init (line 37) | func init() {
FILE: cmd/flux/create_source_bucket.go
type sourceBucketFlags (line 64) | type sourceBucketFlags struct
function init (line 79) | func init() {
function newSourceBucketFlags (line 94) | func newSourceBucketFlags() sourceBucketFlags {
function createSourceBucketCmdRun (line 100) | func createSourceBucketCmdRun(cmd *cobra.Command, args []string) error {
function upsertBucket (line 220) | func upsertBucket(ctx context.Context, kubeClient client.Client,
FILE: cmd/flux/create_source_chart.go
type sourceChartFlags (line 68) | type sourceChartFlags struct
function init (line 81) | func init() {
function createSourceChartCmdRun (line 94) | func createSourceChartCmdRun(cmd *cobra.Command, args []string) error {
function upsertHelmChart (line 188) | func upsertHelmChart(ctx context.Context, kubeClient client.Client,
FILE: cmd/flux/create_source_chart_test.go
function TestCreateSourceChart (line 24) | func TestCreateSourceChart(t *testing.T) {
function setupSourceChart (line 88) | func setupSourceChart(t *testing.T, tmpl map[string]string) {
FILE: cmd/flux/create_source_git.go
type sourceGitFlags (line 46) | type sourceGitFlags struct
function init (line 137) | func init() {
function newSourceGitFlags (line 163) | func newSourceGitFlags() sourceGitFlags {
function createSourceGitCmdRun (line 171) | func createSourceGitCmdRun(cmd *cobra.Command, args []string) error {
function upsertGitRepository (line 357) | func upsertGitRepository(ctx context.Context, kubeClient client.Client,
FILE: cmd/flux/create_source_git_test.go
type reconcileFunc (line 42) | type reconcileFunc
type reconciler (line 49) | type reconciler struct
method run (line 57) | func (r *reconciler) run(t *testing.T) {
method conditionFunc (line 76) | func (r *reconciler) conditionFunc() (bool, error) {
function TestCreateSourceGitExport (line 89) | func TestCreateSourceGitExport(t *testing.T) {
function TestCreateSourceGit (line 179) | func TestCreateSourceGit(t *testing.T) {
FILE: cmd/flux/create_source_helm.go
type sourceHelmFlags (line 77) | type sourceHelmFlags struct
function init (line 91) | func init() {
function createSourceHelmCmdRun (line 105) | func createSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
function upsertHelmRepository (line 249) | func upsertHelmRepository(ctx context.Context, kubeClient client.Client,
FILE: cmd/flux/create_source_helm_test.go
function TestCreateSourceHelm (line 26) | func TestCreateSourceHelm(t *testing.T) {
FILE: cmd/flux/create_source_oci.go
type sourceOCIRepositoryFlags (line 60) | type sourceOCIRepositoryFlags struct
function newSourceOCIFlags (line 80) | func newSourceOCIFlags() sourceOCIRepositoryFlags {
function init (line 86) | func init() {
function createSourceOCIRepositoryCmdRun (line 106) | func createSourceOCIRepositoryCmdRun(cmd *cobra.Command, args []string) ...
function upsertOCIRepository (line 237) | func upsertOCIRepository(ctx context.Context, kubeClient client.Client,
FILE: cmd/flux/create_source_oci_test.go
function TestCreateSourceOCI (line 23) | func TestCreateSourceOCI(t *testing.T) {
FILE: cmd/flux/create_tenant.go
constant tenantLabel (line 57) | tenantLabel = "toolkit.fluxcd.io/tenant"
type tenantFlags (line 60) | type tenantFlags struct
function init (line 69) | func init() {
function createTenantCmdRun (line 77) | func createTenantCmdRun(cmd *cobra.Command, args []string) error {
function upsertNamespace (line 200) | func upsertNamespace(ctx context.Context, kubeClient client.Client, name...
function upsertServiceAccount (line 229) | func upsertServiceAccount(ctx context.Context, kubeClient client.Client,...
function upsertRoleBinding (line 258) | func upsertRoleBinding(ctx context.Context, kubeClient client.Client, ro...
function exportTenant (line 291) | func exportTenant(namespace corev1.Namespace, account corev1.ServiceAcco...
FILE: cmd/flux/create_tenant_test.go
function TestCreateTenant (line 26) | func TestCreateTenant(t *testing.T) {
FILE: cmd/flux/create_test.go
function Test_validateObjectName (line 9) | func Test_validateObjectName(t *testing.T) {
FILE: cmd/flux/debug.go
function init (line 29) | func init() {
FILE: cmd/flux/debug_helmrelease.go
type debugHelmReleaseFlags (line 52) | type debugHelmReleaseFlags struct
function init (line 60) | func init() {
function debugHelmReleaseCmdRun (line 67) | func debugHelmReleaseCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/debug_helmrelease_test.go
function TestDebugHelmRelease (line 26) | func TestDebugHelmRelease(t *testing.T) {
FILE: cmd/flux/debug_kustomization.go
type debugKustomizationFlags (line 57) | type debugKustomizationFlags struct
function init (line 65) | func init() {
function debugKustomizationCmdRun (line 72) | func debugKustomizationCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/debug_kustomization_test.go
function TestDebugKustomization (line 26) | func TestDebugKustomization(t *testing.T) {
FILE: cmd/flux/delete.go
type deleteFlags (line 36) | type deleteFlags struct
function init (line 42) | func init() {
type deleteCommand (line 49) | type deleteCommand struct
method run (line 54) | func (del deleteCommand) run(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/delete_alert.go
function init (line 38) | func init() {
FILE: cmd/flux/delete_alertprovider.go
function init (line 38) | func init() {
FILE: cmd/flux/delete_helmrelease.go
function init (line 39) | func init() {
FILE: cmd/flux/delete_image.go
function init (line 29) | func init() {
FILE: cmd/flux/delete_image_policy.go
function init (line 38) | func init() {
FILE: cmd/flux/delete_image_repository.go
function init (line 38) | func init() {
FILE: cmd/flux/delete_image_update.go
function init (line 38) | func init() {
FILE: cmd/flux/delete_kustomization.go
function init (line 39) | func init() {
FILE: cmd/flux/delete_receiver.go
function init (line 38) | func init() {
FILE: cmd/flux/delete_source.go
function init (line 29) | func init() {
FILE: cmd/flux/delete_source_bucket.go
function init (line 38) | func init() {
FILE: cmd/flux/delete_source_chart.go
function init (line 38) | func init() {
FILE: cmd/flux/delete_source_git.go
function init (line 38) | func init() {
FILE: cmd/flux/delete_source_helm.go
function init (line 38) | func init() {
FILE: cmd/flux/delete_source_oci.go
function init (line 38) | func init() {
FILE: cmd/flux/diff.go
function init (line 29) | func init() {
FILE: cmd/flux/diff_artifact.go
type diffArtifactFlags (line 41) | type diffArtifactFlags struct
function newDiffArtifactArgs (line 51) | func newDiffArtifactArgs() diffArtifactFlags {
function init (line 57) | func init() {
function diffArtifactCmdRun (line 66) | func diffArtifactCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/diff_artifact_test.go
function setupRegistryServer (line 38) | func setupRegistryServer(ctx context.Context) error {
function TestDiffArtifact (line 61) | func TestDiffArtifact(t *testing.T) {
FILE: cmd/flux/diff_kustomization.go
type diffKsFlags (line 57) | type diffKsFlags struct
function init (line 69) | func init() {
function diffKsCmdRun (line 81) | func diffKsCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/diff_kustomization_test.go
function TestDiffKustomization (line 34) | func TestDiffKustomization(t *testing.T) {
function createObjectFromFile (line 141) | func createObjectFromFile(objectFile string, templateValues map[string]s...
FILE: cmd/flux/docgen.go
constant fmTemplate (line 29) | fmTemplate = `---
function init (line 45) | func init() {
function docgenCmdRun (line 51) | func docgenCmdRun(cmd *cobra.Command, args []string) error {
function frontmatterPrepender (line 59) | func frontmatterPrepender(filename string) string {
function linkHandler (line 66) | func linkHandler(name string) string {
FILE: cmd/flux/envsubst.go
type envsubstFlags (line 44) | type envsubstFlags struct
function init (line 50) | func init() {
function runEnvsubstCmd (line 56) | func runEnvsubstCmd(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/envsubst_test.go
function TestEnvsubst (line 27) | func TestEnvsubst(t *testing.T) {
function TestEnvsubst_Strinct (line 42) | func TestEnvsubst_Strinct(t *testing.T) {
FILE: cmd/flux/events.go
type eventFlags (line 76) | type eventFlags struct
function init (line 85) | func init() {
function eventsCmdRun (line 96) | func eventsCmdRun(cmd *cobra.Command, args []string) error {
function getRows (line 172) | func getRows(ctx context.Context, kubeclient client.Client, clientListOp...
function addEventsToList (line 197) | func addEventsToList(ctx context.Context, kubeclient client.Client, el *...
function getListOpt (line 216) | func getListOpt(kind, name string) client.ListOption {
function eventsCmdWatchRun (line 229) | func eventsCmdWatchRun(ctx context.Context, kubeclient client.WithWatch,...
function receiveEventChan (line 275) | func receiveEventChan(ctx context.Context, eventWatch watch.Interface, f...
function getHeaders (line 293) | func getHeaders(showNs bool) []string {
function getEventRow (line 302) | func getEventRow(e corev1.Event, showNs bool) []string {
function getObjectRef (line 315) | func getObjectRef(ctx context.Context, kubeclient client.Client, ref ref...
type refMap (line 380) | type refMap
method getRefInfo (line 382) | func (r refMap) getRefInfo(kind string) (refInfo, error) {
method hasKind (line 391) | func (r refMap) hasKind(kind string) bool {
function validateEventTypes (line 399) | func validateEventTypes(eventTypes []string) error {
type refInfo (line 409) | type refInfo struct
function ignoreEvent (line 464) | func ignoreEvent(e corev1.Event) bool {
function getKindNameFromSelector (line 479) | func getKindNameFromSelector(selector string) (string, string) {
type SortableEvents (line 494) | type SortableEvents
method Len (line 496) | func (list SortableEvents) Len() int {
method Swap (line 500) | func (list SortableEvents) Swap(i, j int) {
method Less (line 516) | func (list SortableEvents) Less(i, j int) bool {
function eventTime (line 506) | func eventTime(event corev1.Event) time.Time {
function getLastSeen (line 520) | func getLastSeen(e corev1.Event) string {
function translateMicroTimestampSince (line 539) | func translateMicroTimestampSince(timestamp metav1.MicroTime) string {
function translateTimestampSince (line 549) | func translateTimestampSince(timestamp metav1.Time) string {
FILE: cmd/flux/events_test.go
function Test_getObjectRef (line 163) | func Test_getObjectRef(t *testing.T) {
function Test_getRows (line 247) | func Test_getRows(t *testing.T) {
function getTestListOpt (line 396) | func getTestListOpt(kind, name string) client.ListOption {
function createEvent (line 406) | func createEvent(obj client.Object, eventType, msg, reason string) corev...
type paginatedClient (line 427) | type paginatedClient struct
method List (line 432) | func (c *paginatedClient) List(ctx context.Context, list client.Object...
function Test_addEventsToList_pagination (line 493) | func Test_addEventsToList_pagination(t *testing.T) {
function kindNameIndexer (line 526) | func kindNameIndexer(obj client.Object) []string {
function kindIndexer (line 535) | func kindIndexer(obj client.Object) []string {
FILE: cmd/flux/export.go
type exportFlags (line 38) | type exportFlags struct
function init (line 44) | func init() {
type exportable (line 52) | type exportable interface
type exportableList (line 59) | type exportableList interface
type exportCommand (line 64) | type exportCommand struct
method run (line 69) | func (export exportCommand) run(cmd *cobra.Command, args []string) err...
function printExport (line 112) | func printExport(export any) error {
function resourceToString (line 122) | func resourceToString(data []byte) string {
FILE: cmd/flux/export_alert.go
function init (line 42) | func init() {
function exportAlert (line 46) | func exportAlert(alert *notificationv1.Alert) interface{} {
method export (line 65) | func (ex alertAdapter) export() interface{} {
method exportItem (line 69) | func (ex alertListAdapter) exportItem(i int) interface{} {
FILE: cmd/flux/export_alertprovider.go
function init (line 42) | func init() {
function exportAlertProvider (line 46) | func exportAlertProvider(alertProvider *notificationv1.Provider) interfa...
method export (line 64) | func (ex alertProviderAdapter) export() interface{} {
method exportItem (line 68) | func (ex alertProviderListAdapter) exportItem(i int) interface{} {
FILE: cmd/flux/export_artifact.go
function init (line 29) | func init() {
FILE: cmd/flux/export_artifact_generator.go
function init (line 42) | func init() {
function exportArtifactGenerator (line 48) | func exportArtifactGenerator(item *swapi.ArtifactGenerator) interface{} {
method export (line 66) | func (ex artifactGeneratorAdapter) export() interface{} {
method exportItem (line 70) | func (ex artifactGeneratorListAdapter) exportItem(i int) interface{} {
FILE: cmd/flux/export_helmrelease.go
function init (line 43) | func init() {
function exportHelmRelease (line 47) | func exportHelmRelease(helmRelease *helmv2.HelmRelease) interface{} {
method export (line 65) | func (ex helmReleaseAdapter) export() interface{} {
method exportItem (line 69) | func (ex helmReleaseListAdapter) exportItem(i int) interface{} {
FILE: cmd/flux/export_image.go
function init (line 29) | func init() {
FILE: cmd/flux/export_image_policy.go
function init (line 42) | func init() {
function exportImagePolicy (line 48) | func exportImagePolicy(item *imagev1.ImagePolicy) interface{} {
method export (line 66) | func (ex imagePolicyAdapter) export() interface{} {
method exportItem (line 70) | func (ex imagePolicyListAdapter) exportItem(i int) interface{} {
FILE: cmd/flux/export_image_repository.go
function init (line 42) | func init() {
function exportImageRepository (line 46) | func exportImageRepository(repo *imagev1.ImageRepository) interface{} {
method export (line 64) | func (ex imageRepositoryAdapter) export() interface{} {
method exportItem (line 68) | func (ex imageRepositoryListAdapter) exportItem(i int) interface{} {
FILE: cmd/flux/export_image_update.go
function init (line 42) | func init() {
function exportImageUpdate (line 48) | func exportImageUpdate(item *autov1.ImageUpdateAutomation) interface{} {
method export (line 66) | func (ex imageUpdateAutomationAdapter) export() interface{} {
method exportItem (line 70) | func (ex imageUpdateAutomationListAdapter) exportItem(i int) interface{} {
FILE: cmd/flux/export_kustomization.go
function init (line 43) | func init() {
function exportKs (line 47) | func exportKs(kustomization *kustomizev1.Kustomization) interface{} {
method export (line 66) | func (ex kustomizationAdapter) export() interface{} {
method exportItem (line 70) | func (ex kustomizationListAdapter) exportItem(i int) interface{} {
FILE: cmd/flux/export_receiver.go
function init (line 42) | func init() {
function exportReceiver (line 46) | func exportReceiver(receiver *notificationv1.Receiver) interface{} {
method export (line 65) | func (ex receiverAdapter) export() interface{} {
method exportItem (line 69) | func (ex receiverListAdapter) exportItem(i int) interface{} {
FILE: cmd/flux/export_secret.go
type exportableWithSecret (line 34) | type exportableWithSecret interface
type exportableWithSecretList (line 42) | type exportableWithSecretList interface
type exportWithSecretCommand (line 48) | type exportWithSecretCommand struct
method run (line 53) | func (export exportWithSecretCommand) run(cmd *cobra.Command, args []s...
function printSecretCredentials (line 114) | func printSecretCredentials(ctx context.Context, kubeClient client.Clien...
FILE: cmd/flux/export_source.go
function init (line 33) | func init() {
FILE: cmd/flux/export_source_bucket.go
function init (line 43) | func init() {
function exportBucket (line 47) | func exportBucket(source *sourcev1.Bucket) interface{} {
function getBucketSecret (line 65) | func getBucketSecret(source *sourcev1.Bucket) *types.NamespacedName {
method secret (line 78) | func (ex bucketAdapter) secret() *types.NamespacedName {
method secretItem (line 82) | func (ex bucketListAdapter) secretItem(i int) *types.NamespacedName {
method export (line 86) | func (ex bucketAdapter) export() interface{} {
method exportItem (line 90) | func (ex bucketListAdapter) exportItem(i int) interface{} {
FILE: cmd/flux/export_source_chart.go
function init (line 39) | func init() {
function exportHelmChart (line 43) | func exportHelmChart(source *sourcev1.HelmChart) interface{} {
method export (line 61) | func (ex helmChartAdapter) export() interface{} {
method exportItem (line 65) | func (ex helmChartListAdapter) exportItem(i int) interface{} {
FILE: cmd/flux/export_source_external.go
function init (line 43) | func init() {
function exportExternalArtifact (line 47) | func exportExternalArtifact(source *sourcev1.ExternalArtifact) any {
function getExternalArtifactSecret (line 65) | func getExternalArtifactSecret(source *sourcev1.ExternalArtifact) *types...
method secret (line 70) | func (ex externalArtifactAdapter) secret() *types.NamespacedName {
method secretItem (line 74) | func (ex externalArtifactListAdapter) secretItem(i int) *types.Namespace...
method export (line 78) | func (ex externalArtifactAdapter) export() any {
method exportItem (line 82) | func (ex externalArtifactListAdapter) exportItem(i int) any {
FILE: cmd/flux/export_source_git.go
function init (line 43) | func init() {
function exportGit (line 47) | func exportGit(source *sourcev1.GitRepository) interface{} {
function getGitSecret (line 66) | func getGitSecret(source *sourcev1.GitRepository) *types.NamespacedName {
method secret (line 78) | func (ex gitRepositoryAdapter) secret() *types.NamespacedName {
method secretItem (line 82) | func (ex gitRepositoryListAdapter) secretItem(i int) *types.NamespacedNa...
method export (line 86) | func (ex gitRepositoryAdapter) export() interface{} {
method exportItem (line 90) | func (ex gitRepositoryListAdapter) exportItem(i int) interface{} {
FILE: cmd/flux/export_source_helm.go
function init (line 43) | func init() {
function exportHelmRepository (line 47) | func exportHelmRepository(source *sourcev1.HelmRepository) interface{} {
function getHelmSecret (line 65) | func getHelmSecret(source *sourcev1.HelmRepository) *types.NamespacedName {
method secret (line 76) | func (ex helmRepositoryAdapter) secret() *types.NamespacedName {
method secretItem (line 80) | func (ex helmRepositoryListAdapter) secretItem(i int) *types.NamespacedN...
method export (line 84) | func (ex helmRepositoryAdapter) export() interface{} {
method exportItem (line 88) | func (ex helmRepositoryListAdapter) exportItem(i int) interface{} {
FILE: cmd/flux/export_source_oci.go
function init (line 43) | func init() {
function exportOCIRepository (line 47) | func exportOCIRepository(source *sourcev1.OCIRepository) interface{} {
function getOCIRepositorySecret (line 65) | func getOCIRepositorySecret(source *sourcev1.OCIRepository) *types.Names...
method secret (line 78) | func (ex ociRepositoryAdapter) secret() *types.NamespacedName {
method secretItem (line 82) | func (ex ociRepositoryListAdapter) secretItem(i int) *types.NamespacedNa...
method export (line 86) | func (ex ociRepositoryAdapter) export() interface{} {
method exportItem (line 90) | func (ex ociRepositoryListAdapter) exportItem(i int) interface{} {
FILE: cmd/flux/export_test.go
function TestExport (line 26) | func TestExport(t *testing.T) {
FILE: cmd/flux/get.go
type deriveType (line 39) | type deriveType
type typeMap (line 41) | type typeMap
method registerCommand (line 43) | func (m typeMap) registerCommand(t string, f deriveType) error {
method execute (line 51) | func (m typeMap) execute(t string, obj runtime.Object) (summarisable, ...
type GetFlags (line 65) | type GetFlags struct
function init (line 75) | func init() {
type summarisable (line 87) | type summarisable interface
function statusAndMessage (line 96) | func statusAndMessage(conditions []metav1.Condition) (string, string) {
function statusMatches (line 103) | func statusMatches(conditionType, conditionStatus string, conditions []m...
function nameColumns (line 117) | func nameColumns(item named, includeNamespace bool, includeKind bool) []...
type getCommand (line 132) | type getCommand struct
method run (line 138) | func (get getCommand) run(cmd *cobra.Command, args []string) error {
method watch (line 253) | func (get *getCommand) watch(ctx context.Context, kubeClient client.Wi...
function namespaceNameOrAny (line 223) | func namespaceNameOrAny(allNamespaces bool, namespaceName string) string {
function getRowsToPrint (line 230) | func getRowsToPrint(getAll bool, list summarisable) ([][]string, error) {
function watchUntil (line 267) | func watchUntil(ctx context.Context, w watch.Interface, get *getCommand)...
function validateWatchOption (line 303) | func validateWatchOption(cmd *cobra.Command, toMatch string) error {
FILE: cmd/flux/get_alert.go
function init (line 75) | func init() {
method summariseItem (line 79) | func (s alertListAdapter) summariseItem(i int, includeNamespace bool, in...
method headers (line 86) | func (s alertListAdapter) headers(includeNamespace bool) []string {
method statusSelectorMatches (line 94) | func (s alertListAdapter) statusSelectorMatches(i int, conditionType, co...
FILE: cmd/flux/get_alertprovider.go
function init (line 72) | func init() {
method summariseItem (line 76) | func (s alertProviderListAdapter) summariseItem(i int, includeNamespace ...
method headers (line 82) | func (s alertProviderListAdapter) headers(includeNamespace bool) []string {
method statusSelectorMatches (line 90) | func (s alertProviderListAdapter) statusSelectorMatches(i int, condition...
FILE: cmd/flux/get_all.go
function logError (line 88) | func logError(err error) {
function init (line 94) | func init() {
FILE: cmd/flux/get_artifact.go
function init (line 30) | func init() {
FILE: cmd/flux/get_artifact_generator.go
function init (line 71) | func init() {
method summariseItem (line 75) | func (s artifactGeneratorListAdapter) summariseItem(i int, includeNamesp...
method headers (line 82) | func (s artifactGeneratorListAdapter) headers(includeNamespace bool) []s...
method statusSelectorMatches (line 90) | func (s artifactGeneratorListAdapter) statusSelectorMatches(i int, condi...
FILE: cmd/flux/get_helmrelease.go
function init (line 71) | func init() {
function getHelmReleaseRevision (line 75) | func getHelmReleaseRevision(helmRelease helmv2.HelmRelease) string {
method summariseItem (line 82) | func (a helmReleaseListAdapter) summariseItem(i int, includeNamespace bo...
method headers (line 90) | func (a helmReleaseListAdapter) headers(includeNamespace bool) []string {
method statusSelectorMatches (line 98) | func (a helmReleaseListAdapter) statusSelectorMatches(i int, conditionTy...
FILE: cmd/flux/get_image.go
function init (line 30) | func init() {
FILE: cmd/flux/get_image_all.go
function init (line 66) | func init() {
FILE: cmd/flux/get_image_policy.go
function init (line 70) | func init() {
method summariseItem (line 74) | func (s imagePolicyListAdapter) summariseItem(i int, includeNamespace bo...
method headers (line 85) | func (s imagePolicyListAdapter) headers(includeNamespace bool) []string {
method statusSelectorMatches (line 93) | func (s imagePolicyListAdapter) statusSelectorMatches(i int, conditionTy...
FILE: cmd/flux/get_image_repository.go
function init (line 74) | func init() {
method summariseItem (line 78) | func (s imageRepositoryListAdapter) summariseItem(i int, includeNamespac...
method headers (line 89) | func (s imageRepositoryListAdapter) headers(includeNamespace bool) []str...
method statusSelectorMatches (line 97) | func (s imageRepositoryListAdapter) statusSelectorMatches(i int, conditi...
FILE: cmd/flux/get_image_update.go
function init (line 74) | func init() {
method summariseItem (line 78) | func (s imageUpdateAutomationListAdapter) summariseItem(i int, includeNa...
method headers (line 89) | func (s imageUpdateAutomationListAdapter) headers(includeNamespace bool)...
method statusSelectorMatches (line 97) | func (s imageUpdateAutomationListAdapter) statusSelectorMatches(i int, c...
FILE: cmd/flux/get_kustomization.go
function init (line 76) | func init() {
method summariseItem (line 80) | func (a kustomizationListAdapter) summariseItem(i int, includeNamespace ...
method headers (line 90) | func (a kustomizationListAdapter) headers(includeNamespace bool) []string {
method statusSelectorMatches (line 98) | func (a kustomizationListAdapter) statusSelectorMatches(i int, condition...
FILE: cmd/flux/get_receiver.go
function init (line 71) | func init() {
method summariseItem (line 75) | func (s receiverListAdapter) summariseItem(i int, includeNamespace bool,...
method headers (line 82) | func (s receiverListAdapter) headers(includeNamespace bool) []string {
method statusSelectorMatches (line 90) | func (s receiverListAdapter) statusSelectorMatches(i int, conditionType,...
FILE: cmd/flux/get_source.go
function init (line 30) | func init() {
FILE: cmd/flux/get_source_all.go
function init (line 80) | func init() {
FILE: cmd/flux/get_source_bucket.go
function init (line 75) | func init() {
method summariseItem (line 79) | func (a *bucketListAdapter) summariseItem(i int, includeNamespace bool, ...
method headers (line 92) | func (a bucketListAdapter) headers(includeNamespace bool) []string {
method statusSelectorMatches (line 100) | func (a bucketListAdapter) statusSelectorMatches(i int, conditionType, c...
FILE: cmd/flux/get_source_chart.go
function init (line 75) | func init() {
method summariseItem (line 79) | func (a *helmChartListAdapter) summariseItem(i int, includeNamespace boo...
method headers (line 93) | func (a helmChartListAdapter) headers(includeNamespace bool) []string {
method statusSelectorMatches (line 101) | func (a helmChartListAdapter) statusSelectorMatches(i int, conditionType...
FILE: cmd/flux/get_source_external.go
function init (line 72) | func init() {
method summariseItem (line 76) | func (a *externalArtifactListAdapter) summariseItem(i int, includeNamesp...
method headers (line 97) | func (a externalArtifactListAdapter) headers(includeNamespace bool) []st...
method statusSelectorMatches (line 105) | func (a externalArtifactListAdapter) statusSelectorMatches(i int, condit...
FILE: cmd/flux/get_source_git.go
function init (line 75) | func init() {
method summariseItem (line 79) | func (a *gitRepositoryListAdapter) summariseItem(i int, includeNamespace...
method headers (line 92) | func (a gitRepositoryListAdapter) headers(includeNamespace bool) []string {
method statusSelectorMatches (line 100) | func (a gitRepositoryListAdapter) statusSelectorMatches(i int, condition...
FILE: cmd/flux/get_source_helm.go
function init (line 76) | func init() {
method summariseItem (line 80) | func (a *helmRepositoryListAdapter) summariseItem(i int, includeNamespac...
method headers (line 98) | func (a helmRepositoryListAdapter) headers(includeNamespace bool) []stri...
method statusSelectorMatches (line 106) | func (a helmRepositoryListAdapter) statusSelectorMatches(i int, conditio...
FILE: cmd/flux/get_source_oci.go
function init (line 75) | func init() {
method summariseItem (line 79) | func (a *ociRepositoryListAdapter) summariseItem(i int, includeNamespace...
method headers (line 92) | func (a ociRepositoryListAdapter) headers(includeNamespace bool) []string {
method statusSelectorMatches (line 100) | func (a ociRepositoryListAdapter) statusSelectorMatches(i int, condition...
FILE: cmd/flux/get_test.go
function Test_GetCmd (line 27) | func Test_GetCmd(t *testing.T) {
function Test_GetCmdErrors (line 66) | func Test_GetCmdErrors(t *testing.T) {
function Test_GetCmdSuccess (line 100) | func Test_GetCmdSuccess(t *testing.T) {
FILE: cmd/flux/helmrelease.go
type helmReleaseAdapter (line 33) | type helmReleaseAdapter struct
method asClientObject (line 37) | func (h helmReleaseAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 41) | func (h helmReleaseAdapter) deepCopyClientObject() client.Object {
type helmReleaseListAdapter (line 47) | type helmReleaseListAdapter struct
method asClientList (line 51) | func (h helmReleaseListAdapter) asClientList() client.ObjectList {
method len (line 55) | func (h helmReleaseListAdapter) len() int {
FILE: cmd/flux/helmrelease_test.go
function TestHelmReleaseFromGit (line 24) | func TestHelmReleaseFromGit(t *testing.T) {
FILE: cmd/flux/image.go
type imageRepositoryAdapter (line 40) | type imageRepositoryAdapter struct
method asClientObject (line 44) | func (a imageRepositoryAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 48) | func (a imageRepositoryAdapter) deepCopyClientObject() client.Object {
type imageRepositoryListAdapter (line 54) | type imageRepositoryListAdapter struct
method asClientList (line 58) | func (a imageRepositoryListAdapter) asClientList() client.ObjectList {
method len (line 62) | func (a imageRepositoryListAdapter) len() int {
type imagePolicyAdapter (line 74) | type imagePolicyAdapter struct
method asClientObject (line 78) | func (a imagePolicyAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 82) | func (a imagePolicyAdapter) deepCopyClientObject() client.Object {
method isStatic (line 86) | func (a imagePolicyAdapter) isStatic() bool {
method lastHandledReconcileRequest (line 90) | func (a imagePolicyAdapter) lastHandledReconcileRequest() string {
method isSuspended (line 94) | func (a imagePolicyAdapter) isSuspended() bool {
method setSuspended (line 98) | func (a imagePolicyAdapter) setSuspended() {
method successMessage (line 102) | func (a imagePolicyAdapter) successMessage() string {
method setUnsuspended (line 106) | func (a imagePolicyAdapter) setUnsuspended() {
method getObservedGeneration (line 128) | func (obj imagePolicyAdapter) getObservedGeneration() int64 {
type imagePolicyListAdapter (line 112) | type imagePolicyListAdapter struct
method asClientList (line 116) | func (a imagePolicyListAdapter) asClientList() client.ObjectList {
method len (line 120) | func (a imagePolicyListAdapter) len() int {
method resumeItem (line 124) | func (a imagePolicyListAdapter) resumeItem(i int) resumable {
method item (line 132) | func (a imagePolicyListAdapter) item(i int) suspendable {
type imageUpdateAutomationAdapter (line 144) | type imageUpdateAutomationAdapter struct
method asClientObject (line 148) | func (a imageUpdateAutomationAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 152) | func (a imageUpdateAutomationAdapter) deepCopyClientObject() client.Ob...
type imageUpdateAutomationListAdapter (line 158) | type imageUpdateAutomationListAdapter struct
method asClientList (line 162) | func (a imageUpdateAutomationListAdapter) asClientList() client.Object...
method len (line 166) | func (a imageUpdateAutomationListAdapter) len() int {
FILE: cmd/flux/image_test.go
function TestImageScanning (line 24) | func TestImageScanning(t *testing.T) {
FILE: cmd/flux/install.go
type installFlags (line 67) | type installFlags struct
function init (line 88) | func init() {
function newInstallFlags (line 118) | func newInstallFlags() installFlags {
function installCmdRun (line 129) | func installCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/install_test.go
function TestInstall (line 31) | func TestInstall(t *testing.T) {
function TestInstall_ComponentsExtra (line 73) | func TestInstall_ComponentsExtra(t *testing.T) {
FILE: cmd/flux/kustomization.go
type kustomizationAdapter (line 33) | type kustomizationAdapter struct
method asClientObject (line 37) | func (a kustomizationAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 41) | func (a kustomizationAdapter) deepCopyClientObject() client.Object {
type kustomizationListAdapter (line 47) | type kustomizationListAdapter struct
method asClientList (line 51) | func (a kustomizationListAdapter) asClientList() client.ObjectList {
method len (line 55) | func (a kustomizationListAdapter) len() int {
FILE: cmd/flux/kustomization_test.go
function TestKustomizationFromGit (line 24) | func TestKustomizationFromGit(t *testing.T) {
FILE: cmd/flux/list.go
function init (line 29) | func init() {
FILE: cmd/flux/list_artifact.go
type listArtifactFlags (line 33) | type listArtifactFlags struct
function newListArtifactFlags (line 43) | func newListArtifactFlags() listArtifactFlags {
function init (line 60) | func init() {
function listArtifactsCmdRun (line 70) | func listArtifactsCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/log.go
type stderrLogger (line 24) | type stderrLogger struct
method Actionf (line 28) | func (l stderrLogger) Actionf(format string, a ...interface{}) {
method Generatef (line 32) | func (l stderrLogger) Generatef(format string, a ...interface{}) {
method Waitingf (line 36) | func (l stderrLogger) Waitingf(format string, a ...interface{}) {
method Successf (line 40) | func (l stderrLogger) Successf(format string, a ...interface{}) {
method Warningf (line 44) | func (l stderrLogger) Warningf(format string, a ...interface{}) {
method Failuref (line 48) | func (l stderrLogger) Failuref(format string, a ...interface{}) {
FILE: cmd/flux/logs.go
type logsFlags (line 68) | type logsFlags struct
constant controllerContainer (line 84) | controllerContainer = "manager"
function init (line 86) | func init() {
function logsCmdRun (line 99) | func logsCmdRun(cmd *cobra.Command, args []string) error {
function getPods (line 170) | func getPods(ctx context.Context, c *kubernetes.Clientset, ns string, la...
function parallelPodLogs (line 210) | func parallelPodLogs(ctx context.Context, requests []rest.ResponseWrappe...
function asyncCopy (line 242) | func asyncCopy(dst io.Writer, src io.Reader) <-chan error {
function podLogs (line 252) | func podLogs(ctx context.Context, requests []rest.ResponseWrapper) error {
function createLabelStringFromMap (line 265) | func createLabelStringFromMap(m map[string]string) string {
function logRequest (line 275) | func logRequest(ctx context.Context, request rest.ResponseWrapper, w io....
function filterPrintLog (line 308) | func filterPrintLog(t *template.Template, l *ControllerLogEntry, w io.Wr...
type ControllerLogEntry (line 320) | type ControllerLogEntry struct
FILE: cmd/flux/logs_e2e_test.go
function TestLogsNoArgs (line 26) | func TestLogsNoArgs(t *testing.T) {
function TestLogsWrongNamespace (line 34) | func TestLogsWrongNamespace(t *testing.T) {
function TestLogsAllNamespaces (line 42) | func TestLogsAllNamespaces(t *testing.T) {
function TestLogsSince (line 50) | func TestLogsSince(t *testing.T) {
function TestLogsSinceInvalid (line 58) | func TestLogsSinceInvalid(t *testing.T) {
function TestLogsSinceTime (line 66) | func TestLogsSinceTime(t *testing.T) {
function TestLogsSinceTimeInvalid (line 74) | func TestLogsSinceTimeInvalid(t *testing.T) {
function TestLogsSinceOnlyOneAllowed (line 82) | func TestLogsSinceOnlyOneAllowed(t *testing.T) {
FILE: cmd/flux/logs_unit_test.go
function TestLogRequest (line 33) | func TestLogRequest(t *testing.T) {
type testResponseMapper (line 125) | type testResponseMapper struct
method DoRaw (line 128) | func (t *testResponseMapper) DoRaw(_ context.Context) ([]byte, error) {
method Stream (line 132) | func (t *testResponseMapper) Stream(_ context.Context) (io.ReadCloser,...
FILE: cmd/flux/main.go
type rootFlags (line 118) | type rootFlags struct
type RequestError (line 126) | type RequestError struct
method Error (line 131) | func (r *RequestError) Error() string {
function init (line 139) | func init() {
function NewRootFlags (line 169) | func NewRootFlags() rootFlags {
function main (line 178) | func main() {
function configureDefaultNamespace (line 206) | func configureDefaultNamespace() {
function readPasswordFromStdin (line 225) | func readPasswordFromStdin(prompt string) (string, error) {
function withPreviewNote (line 246) | func withPreviewNote(desc string) string {
function printlnStdout (line 254) | func printlnStdout(txt string) {
FILE: cmd/flux/main_e2e_test.go
function TestMain (line 34) | func TestMain(m *testing.M) {
function execSetupTestNamespace (line 73) | func execSetupTestNamespace(namespace string) (func(), error) {
FILE: cmd/flux/main_test.go
function allocateNamespace (line 53) | func allocateNamespace(prefix string) string {
function readYamlObjects (line 58) | func readYamlObjects(rdr io.Reader) ([]*unstructured.Unstructured, error) {
type testEnvKubeManager (line 80) | type testEnvKubeManager struct
method CreateObjectFile (line 86) | func (m *testEnvKubeManager) CreateObjectFile(objectFile string, templ...
method CreateObjects (line 105) | func (m *testEnvKubeManager) CreateObjects(clientObjects []*unstructur...
method DeleteObjectFile (line 125) | func (m *testEnvKubeManager) DeleteObjectFile(objectFile string, templ...
method DeleteObjects (line 144) | func (m *testEnvKubeManager) DeleteObjects(clientObjects []*unstructur...
method Stop (line 155) | func (m *testEnvKubeManager) Stop() error {
function NewTestEnvKubeManager (line 162) | func NewTestEnvKubeManager(testClusterMode TestClusterMode) (*testEnvKub...
type assertFunc (line 238) | type assertFunc
function assert (line 241) | func assert(fns ...assertFunc) assertFunc {
function assertSuccess (line 253) | func assertSuccess() assertFunc {
function assertError (line 263) | func assertError(expected string) assertFunc {
function assertGoldenValue (line 276) | func assertGoldenValue(expected string) assertFunc {
function assertGoldenFile (line 289) | func assertGoldenFile(goldenFile string) assertFunc {
function assertGoldenTemplateFile (line 295) | func assertGoldenTemplateFile(goldenFile string, templateValues map[stri...
type TestClusterMode (line 331) | type TestClusterMode
constant TestEnvClusterMode (line 334) | TestEnvClusterMode = TestClusterMode(iota + 1)
constant ExistingClusterMode (line 335) | ExistingClusterMode
type cmdTestCase (line 340) | type cmdTestCase struct
method runTestCmd (line 348) | func (cmd *cmdTestCase) runTestCmd(t *testing.T) {
function executeTemplate (line 360) | func executeTemplate(content string, templateValues map[string]string) (...
function executeCommand (line 370) | func executeCommand(cmd string) (string, error) {
function executeCommandWithIn (line 398) | func executeCommandWithIn(cmd string, in io.Reader) (string, error) {
function resetCmdArgs (line 422) | func resetCmdArgs() {
function isChangeError (line 478) | func isChangeError(err error) bool {
FILE: cmd/flux/main_unit_test.go
function TestMain (line 39) | func TestMain(m *testing.M) {
function setupTestNamespace (line 62) | func setupTestNamespace(namespace string, t *testing.T) {
FILE: cmd/flux/manifests.embed.go
function writeEmbeddedManifests (line 30) | func writeEmbeddedManifests(dir string) error {
FILE: cmd/flux/migrate.go
type APIVersions (line 55) | type APIVersions struct
function init (line 185) | func init() {
function runMigrateCmd (line 200) | func runMigrateCmd(*cobra.Command, []string) error {
function migrateCluster (line 207) | func migrateCluster() error {
function migrateFileSystem (line 234) | func migrateFileSystem() error {
type ClusterMigrator (line 270) | type ClusterMigrator struct
method Run (line 283) | func (c *ClusterMigrator) Run(ctx context.Context) error {
method migrateCRD (line 299) | func (c *ClusterMigrator) migrateCRD(ctx context.Context, name string)...
method migrateCR (line 332) | func (c *ClusterMigrator) migrateCR(ctx context.Context, crd *apiexten...
method getStorageVersion (line 392) | func (c *ClusterMigrator) getStorageVersion(crd *apiextensionsv1.Custo...
function NewClusterMigrator (line 276) | func NewClusterMigrator(kubeClient client.Client, labelSelector client.M...
type WritableFS (line 405) | type WritableFS interface
type osFS (line 411) | type osFS struct
method WriteFile (line 415) | func (o *osFS) WriteFile(name string, data []byte, perm os.FileMode) e...
type FileSystemMigrator (line 420) | type FileSystemMigrator struct
method Run (line 456) | func (f *FileSystemMigrator) Run() error {
method listFiles (line 502) | func (f *FileSystemMigrator) listFiles() ([]string, error) {
method listDirectoryFiles (line 516) | func (f *FileSystemMigrator) listDirectoryFiles() ([]string, error) {
method validateSingleFile (line 542) | func (f *FileSystemMigrator) validateSingleFile() error {
method matchesExtensions (line 575) | func (f *FileSystemMigrator) matchesExtensions(file string) bool {
method detectUpgrades (line 584) | func (f *FileSystemMigrator) detectUpgrades(files []string) ([]FileAPI...
method detectFileUpgrades (line 604) | func (f *FileSystemMigrator) detectFileUpgrades(file string) ([]APIUpg...
method printDetectedUpgrades (line 663) | func (f *FileSystemMigrator) printDetectedUpgrades(fileUpgrades *FileA...
method migrateFile (line 674) | func (f *FileSystemMigrator) migrateFile(fileUpgrades *FileAPIUpgrades...
type FileAPIUpgrades (line 430) | type FileAPIUpgrades struct
type APIUpgrade (line 436) | type APIUpgrade struct
function NewFileSystemMigrator (line 444) | func NewFileSystemMigrator(fileSystem WritableFS, yes, dryRun bool, path...
FILE: cmd/flux/migrate_test.go
type writeToMemoryFS (line 29) | type writeToMemoryFS struct
method WriteFile (line 35) | func (m *writeToMemoryFS) WriteFile(name string, data []byte, perm os....
type writtenFile (line 40) | type writtenFile struct
function TestFileSystemMigrator (line 45) | func TestFileSystemMigrator(t *testing.T) {
FILE: cmd/flux/object.go
type apiType (line 29) | type apiType struct
type adapter (line 39) | type adapter interface
type copyable (line 46) | type copyable interface
type listAdapter (line 53) | type listAdapter interface
type universalAdapter (line 60) | type universalAdapter struct
method asClientObject (line 64) | func (c universalAdapter) asClientObject() client.Object {
type named (line 71) | type named interface
function copyName (line 79) | func copyName(target, source named) {
FILE: cmd/flux/oci.go
function loginWithProvider (line 32) | func loginWithProvider(ctx context.Context, url, provider string) (crane...
FILE: cmd/flux/pull.go
function init (line 29) | func init() {
FILE: cmd/flux/pull_artifact.go
type pullArtifactFlags (line 44) | type pullArtifactFlags struct
function newPullArtifactFlags (line 53) | func newPullArtifactFlags() pullArtifactFlags {
function init (line 59) | func init() {
function pullArtifactCmdRun (line 67) | func pullArtifactCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/push.go
function init (line 29) | func init() {
FILE: cmd/flux/push_artifact.go
type pushArtifactFlags (line 105) | type pushArtifactFlags struct
function newPushArtifactFlags (line 121) | func newPushArtifactFlags() pushArtifactFlags {
function init (line 127) | func init() {
function pushArtifactCmdRun (line 144) | func pushArtifactCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/readiness.go
type objectStatusType (line 39) | type objectStatusType
constant objectStatusDynamic (line 42) | objectStatusDynamic objectStatusType = iota
constant objectStatusStatic (line 43) | objectStatusStatic
function isObjectReady (line 50) | func isObjectReady(obj client.Object, statusType objectStatusType) (bool...
function isObjectReadyConditionFunc (line 117) | func isObjectReadyConditionFunc(kubeClient client.Client, namespaceName ...
function isStaticObjectReadyConditionFunc (line 131) | func isStaticObjectReadyConditionFunc(kubeClient client.Client, namespac...
function kstatusCompute (line 143) | func kstatusCompute(obj client.Object) (result *kstatus.Result, err erro...
FILE: cmd/flux/readiness_test.go
function Test_isObjectReady (line 31) | func Test_isObjectReady(t *testing.T) {
FILE: cmd/flux/receiver.go
type receiverAdapter (line 33) | type receiverAdapter struct
method asClientObject (line 37) | func (a receiverAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 41) | func (a receiverAdapter) deepCopyClientObject() client.Object {
type receiverListAdapter (line 47) | type receiverListAdapter struct
method asClientList (line 51) | func (a receiverListAdapter) asClientList() client.ObjectList {
method len (line 55) | func (a receiverListAdapter) len() int {
FILE: cmd/flux/reconcile.go
function init (line 46) | func init() {
type reconcileCommand (line 50) | type reconcileCommand struct
method run (line 81) | func (reconcile reconcileCommand) run(cmd *cobra.Command, args []strin...
type reconcilable (line 55) | type reconcilable interface
function reconcilableConditions (line 69) | func reconcilableConditions(object reconcilable) []metav1.Condition {
function reconciliationHandled (line 139) | func reconciliationHandled(kubeClient client.Client, namespacedName type...
function requestReconciliation (line 166) | func requestReconciliation(ctx context.Context, kubeClient client.Client,
FILE: cmd/flux/reconcile_helmrelease.go
type reconcileHelmReleaseFlags (line 46) | type reconcileHelmReleaseFlags struct
function init (line 54) | func init() {
method lastHandledReconcileRequest (line 61) | func (obj helmReleaseAdapter) lastHandledReconcileRequest() string {
method reconcileSource (line 65) | func (obj helmReleaseAdapter) reconcileSource() bool {
method getSource (line 69) | func (obj helmReleaseAdapter) getSource() (reconcileSource, sourceRefere...
method isStatic (line 119) | func (obj helmReleaseAdapter) isStatic() bool {
FILE: cmd/flux/reconcile_image.go
function init (line 29) | func init() {
FILE: cmd/flux/reconcile_image_policy.go
function init (line 38) | func init() {
FILE: cmd/flux/reconcile_image_repository.go
function init (line 40) | func init() {
method lastHandledReconcileRequest (line 44) | func (obj imageRepositoryAdapter) lastHandledReconcileRequest() string {
method successMessage (line 48) | func (obj imageRepositoryAdapter) successMessage() string {
method isStatic (line 52) | func (obj imageRepositoryAdapter) isStatic() bool {
FILE: cmd/flux/reconcile_image_updateauto.go
function init (line 42) | func init() {
method lastHandledReconcileRequest (line 46) | func (obj imageUpdateAutomationAdapter) lastHandledReconcileRequest() st...
method successMessage (line 50) | func (obj imageUpdateAutomationAdapter) successMessage() string {
method isStatic (line 60) | func (obj imageUpdateAutomationAdapter) isStatic() bool {
FILE: cmd/flux/reconcile_kustomization.go
type reconcileKsFlags (line 44) | type reconcileKsFlags struct
function init (line 50) | func init() {
method lastHandledReconcileRequest (line 56) | func (obj kustomizationAdapter) lastHandledReconcileRequest() string {
method reconcileSource (line 60) | func (obj kustomizationAdapter) reconcileSource() bool {
method getSource (line 64) | func (obj kustomizationAdapter) getSource() (reconcileSource, sourceRefe...
method isStatic (line 91) | func (obj kustomizationAdapter) isStatic() bool {
FILE: cmd/flux/reconcile_receiver.go
function init (line 38) | func init() {
method lastHandledReconcileRequest (line 42) | func (obj receiverAdapter) lastHandledReconcileRequest() string {
method isStatic (line 46) | func (obj receiverAdapter) isStatic() bool {
FILE: cmd/flux/reconcile_source.go
function init (line 29) | func init() {
FILE: cmd/flux/reconcile_source_bucket.go
function init (line 40) | func init() {
method lastHandledReconcileRequest (line 44) | func (obj bucketAdapter) lastHandledReconcileRequest() string {
method successMessage (line 48) | func (obj bucketAdapter) successMessage() string {
method isStatic (line 52) | func (obj bucketAdapter) isStatic() bool {
FILE: cmd/flux/reconcile_source_chart.go
function init (line 41) | func init() {
method lastHandledReconcileRequest (line 46) | func (obj helmChartAdapter) lastHandledReconcileRequest() string {
type reconcileHelmChartFlags (line 50) | type reconcileHelmChartFlags struct
method reconcileSource (line 56) | func (obj helmChartAdapter) reconcileSource() bool {
method getSource (line 60) | func (obj helmChartAdapter) getSource() (reconcileSource, sourceReferenc...
method isStatic (line 87) | func (obj helmChartAdapter) isStatic() bool {
FILE: cmd/flux/reconcile_source_git.go
function init (line 40) | func init() {
method lastHandledReconcileRequest (line 44) | func (obj gitRepositoryAdapter) lastHandledReconcileRequest() string {
method successMessage (line 48) | func (obj gitRepositoryAdapter) successMessage() string {
method isStatic (line 52) | func (obj gitRepositoryAdapter) isStatic() bool {
FILE: cmd/flux/reconcile_source_helm.go
function init (line 42) | func init() {
method lastHandledReconcileRequest (line 46) | func (obj helmRepositoryAdapter) lastHandledReconcileRequest() string {
method successMessage (line 50) | func (obj helmRepositoryAdapter) successMessage() string {
method isStatic (line 64) | func (obj helmRepositoryAdapter) isStatic() bool {
FILE: cmd/flux/reconcile_source_oci.go
function init (line 40) | func init() {
method lastHandledReconcileRequest (line 44) | func (obj ociRepositoryAdapter) lastHandledReconcileRequest() string {
method successMessage (line 48) | func (obj ociRepositoryAdapter) successMessage() string {
method isStatic (line 52) | func (obj ociRepositoryAdapter) isStatic() bool {
FILE: cmd/flux/reconcile_with_source.go
type sourceReference (line 18) | type sourceReference struct
type reconcileWithSource (line 24) | type reconcileWithSource interface
type reconcileSource (line 31) | type reconcileSource interface
type reconcileWithSourceCommand (line 35) | type reconcileWithSourceCommand struct
method run (line 41) | func (reconcile reconcileWithSourceCommand) run(cmd *cobra.Command, ar...
FILE: cmd/flux/resume.go
type ResumeFlags (line 39) | type ResumeFlags struct
function init (line 46) | func init() {
type resumable (line 54) | type resumable interface
type resumeCommand (line 63) | type resumeCommand struct
method run (line 81) | func (resume resumeCommand) run(cmd *cobra.Command, args []string) err...
method getPatchedResumables (line 145) | func (resume *resumeCommand) getPatchedResumables(ctx context.Context,...
method patch (line 183) | func (resume resumeCommand) patch(ctx context.Context, args []string, ...
method reconcile (line 219) | func (resume resumeCommand) reconcile(ctx context.Context, res resumab...
method printMessage (line 250) | func (resume resumeCommand) printMessage(responses []reconcileResponse) {
type listResumable (line 71) | type listResumable interface
type reconcileResponse (line 76) | type reconcileResponse struct
FILE: cmd/flux/resume_alert.go
function init (line 42) | func init() {
method getObservedGeneration (line 46) | func (obj alertAdapter) getObservedGeneration() int64 {
method setUnsuspended (line 50) | func (obj alertAdapter) setUnsuspended() {
method successMessage (line 54) | func (obj alertAdapter) successMessage() string {
method isStatic (line 58) | func (a alertAdapter) isStatic() bool {
method resumeItem (line 62) | func (a alertListAdapter) resumeItem(i int) resumable {
FILE: cmd/flux/resume_alertprovider.go
function init (line 42) | func init() {
method getObservedGeneration (line 46) | func (obj alertProviderAdapter) getObservedGeneration() int64 {
method setUnsuspended (line 50) | func (obj alertProviderAdapter) setUnsuspended() {
method successMessage (line 54) | func (obj alertProviderAdapter) successMessage() string {
method isStatic (line 58) | func (a alertProviderAdapter) isStatic() bool {
method resumeItem (line 62) | func (a alertProviderListAdapter) resumeItem(i int) resumable {
FILE: cmd/flux/resume_helmrelease.go
function init (line 45) | func init() {
method getObservedGeneration (line 49) | func (obj helmReleaseAdapter) getObservedGeneration() int64 {
method setUnsuspended (line 53) | func (obj helmReleaseAdapter) setUnsuspended() {
method successMessage (line 57) | func (obj helmReleaseAdapter) successMessage() string {
method resumeItem (line 61) | func (a helmReleaseListAdapter) resumeItem(i int) resumable {
FILE: cmd/flux/resume_image.go
function init (line 29) | func init() {
FILE: cmd/flux/resume_image_policy.go
function init (line 38) | func init() {
FILE: cmd/flux/resume_image_repository.go
function init (line 41) | func init() {
method getObservedGeneration (line 45) | func (obj imageRepositoryAdapter) getObservedGeneration() int64 {
method setUnsuspended (line 49) | func (obj imageRepositoryAdapter) setUnsuspended() {
method resumeItem (line 53) | func (a imageRepositoryListAdapter) resumeItem(i int) resumable {
FILE: cmd/flux/resume_image_updateauto.go
function init (line 41) | func init() {
method setUnsuspended (line 45) | func (obj imageUpdateAutomationAdapter) setUnsuspended() {
method getObservedGeneration (line 49) | func (obj imageUpdateAutomationAdapter) getObservedGeneration() int64 {
method resumeItem (line 53) | func (a imageUpdateAutomationListAdapter) resumeItem(i int) resumable {
FILE: cmd/flux/resume_kustomization.go
function init (line 45) | func init() {
method getObservedGeneration (line 49) | func (obj kustomizationAdapter) getObservedGeneration() int64 {
method setUnsuspended (line 53) | func (obj kustomizationAdapter) setUnsuspended() {
method successMessage (line 57) | func (obj kustomizationAdapter) successMessage() string {
method resumeItem (line 61) | func (a kustomizationListAdapter) resumeItem(i int) resumable {
FILE: cmd/flux/resume_receiver.go
function init (line 42) | func init() {
method getObservedGeneration (line 46) | func (obj receiverAdapter) getObservedGeneration() int64 {
method setUnsuspended (line 50) | func (obj receiverAdapter) setUnsuspended() {
method successMessage (line 54) | func (obj receiverAdapter) successMessage() string {
method resumeItem (line 58) | func (a receiverListAdapter) resumeItem(i int) resumable {
FILE: cmd/flux/resume_source.go
function init (line 29) | func init() {
FILE: cmd/flux/resume_source_bucket.go
function init (line 41) | func init() {
method getObservedGeneration (line 45) | func (obj bucketAdapter) getObservedGeneration() int64 {
method setUnsuspended (line 49) | func (obj bucketAdapter) setUnsuspended() {
method resumeItem (line 53) | func (a bucketListAdapter) resumeItem(i int) resumable {
FILE: cmd/flux/resume_source_chart.go
function init (line 43) | func init() {
method getObservedGeneration (line 47) | func (obj helmChartAdapter) getObservedGeneration() int64 {
method setUnsuspended (line 51) | func (obj helmChartAdapter) setUnsuspended() {
method successMessage (line 55) | func (obj helmChartAdapter) successMessage() string {
method resumeItem (line 59) | func (a helmChartListAdapter) resumeItem(i int) resumable {
FILE: cmd/flux/resume_source_git.go
function init (line 41) | func init() {
method getObservedGeneration (line 45) | func (obj gitRepositoryAdapter) getObservedGeneration() int64 {
method setUnsuspended (line 49) | func (obj gitRepositoryAdapter) setUnsuspended() {
method resumeItem (line 53) | func (a gitRepositoryListAdapter) resumeItem(i int) resumable {
FILE: cmd/flux/resume_source_helm.go
function init (line 41) | func init() {
method getObservedGeneration (line 45) | func (obj helmRepositoryAdapter) getObservedGeneration() int64 {
method setUnsuspended (line 49) | func (obj helmRepositoryAdapter) setUnsuspended() {
method resumeItem (line 53) | func (a helmRepositoryListAdapter) resumeItem(i int) resumable {
FILE: cmd/flux/resume_source_oci.go
function init (line 41) | func init() {
method getObservedGeneration (line 45) | func (obj ociRepositoryAdapter) getObservedGeneration() int64 {
method setUnsuspended (line 49) | func (obj ociRepositoryAdapter) setUnsuspended() {
method resumeItem (line 53) | func (a ociRepositoryListAdapter) resumeItem(i int) resumable {
FILE: cmd/flux/source.go
type ociRepositoryAdapter (line 37) | type ociRepositoryAdapter struct
method asClientObject (line 41) | func (a ociRepositoryAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 45) | func (a ociRepositoryAdapter) deepCopyClientObject() client.Object {
type ociRepositoryListAdapter (line 51) | type ociRepositoryListAdapter struct
method asClientList (line 55) | func (a ociRepositoryListAdapter) asClientList() client.ObjectList {
method len (line 59) | func (a ociRepositoryListAdapter) len() int {
type bucketAdapter (line 71) | type bucketAdapter struct
method asClientObject (line 75) | func (a bucketAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 79) | func (a bucketAdapter) deepCopyClientObject() client.Object {
type bucketListAdapter (line 85) | type bucketListAdapter struct
method asClientList (line 89) | func (a bucketListAdapter) asClientList() client.ObjectList {
method len (line 93) | func (a bucketListAdapter) len() int {
type helmChartAdapter (line 105) | type helmChartAdapter struct
method asClientObject (line 109) | func (a helmChartAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 113) | func (a helmChartAdapter) deepCopyClientObject() client.Object {
type helmChartListAdapter (line 119) | type helmChartListAdapter struct
method asClientList (line 123) | func (a helmChartListAdapter) asClientList() client.ObjectList {
method len (line 127) | func (a helmChartListAdapter) len() int {
type gitRepositoryAdapter (line 139) | type gitRepositoryAdapter struct
method asClientObject (line 143) | func (a gitRepositoryAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 147) | func (a gitRepositoryAdapter) deepCopyClientObject() client.Object {
type gitRepositoryListAdapter (line 153) | type gitRepositoryListAdapter struct
method asClientList (line 157) | func (a gitRepositoryListAdapter) asClientList() client.ObjectList {
method len (line 161) | func (a gitRepositoryListAdapter) len() int {
type helmRepositoryAdapter (line 173) | type helmRepositoryAdapter struct
method asClientObject (line 177) | func (a helmRepositoryAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 181) | func (a helmRepositoryAdapter) deepCopyClientObject() client.Object {
type helmRepositoryListAdapter (line 187) | type helmRepositoryListAdapter struct
method asClientList (line 191) | func (a helmRepositoryListAdapter) asClientList() client.ObjectList {
method len (line 195) | func (a helmRepositoryListAdapter) len() int {
type externalArtifactAdapter (line 207) | type externalArtifactAdapter struct
method asClientObject (line 211) | func (a externalArtifactAdapter) asClientObject() client.Object {
method deepCopyClientObject (line 215) | func (a externalArtifactAdapter) deepCopyClientObject() client.Object {
type externalArtifactListAdapter (line 221) | type externalArtifactListAdapter struct
method asClientList (line 225) | func (a externalArtifactListAdapter) asClientList() client.ObjectList {
method len (line 229) | func (a externalArtifactListAdapter) len() int {
FILE: cmd/flux/source_oci_test.go
function TestSourceOCI (line 26) | func TestSourceOCI(t *testing.T) {
FILE: cmd/flux/stats.go
type StatsFlags (line 56) | type StatsFlags struct
function init (line 62) | func init() {
function runStatsCmd (line 68) | func runStatsCmd(cmd *cobra.Command, args []string) error {
function formatInt (line 205) | func formatInt(i int) string {
function formatSize (line 209) | func formatSize(b int64) string {
FILE: cmd/flux/status.go
type statusable (line 26) | type statusable interface
type oldConditions (line 34) | type oldConditions interface
function buildComponentObjectRefs (line 39) | func buildComponentObjectRefs(components ...string) ([]object.ObjMetadat...
FILE: cmd/flux/suspend.go
type SuspendFlags (line 36) | type SuspendFlags struct
function init (line 42) | func init() {
type suspendable (line 48) | type suspendable interface
type suspendCommand (line 55) | type suspendCommand struct
method run (line 66) | func (suspend suspendCommand) run(cmd *cobra.Command, args []string) e...
method patch (line 119) | func (suspend suspendCommand) patch(ctx context.Context, kubeClient cl...
type listSuspendable (line 61) | type listSuspendable interface
FILE: cmd/flux/suspend_alert.go
function init (line 42) | func init() {
method isSuspended (line 46) | func (obj alertAdapter) isSuspended() bool {
method setSuspended (line 50) | func (obj alertAdapter) setSuspended() {
method item (line 54) | func (a alertListAdapter) item(i int) suspendable {
FILE: cmd/flux/suspend_alertprovider.go
function init (line 42) | func init() {
method isSuspended (line 46) | func (obj alertProviderAdapter) isSuspended() bool {
method setSuspended (line 50) | func (obj alertProviderAdapter) setSuspended() {
method item (line 54) | func (a alertProviderListAdapter) item(i int) suspendable {
FILE: cmd/flux/suspend_helmrelease.go
function init (line 43) | func init() {
method isSuspended (line 47) | func (obj helmReleaseAdapter) isSuspended() bool {
method setSuspended (line 51) | func (obj helmReleaseAdapter) setSuspended() {
method item (line 55) | func (a helmReleaseListAdapter) item(i int) suspendable {
FILE: cmd/flux/suspend_image.go
function init (line 29) | func init() {
FILE: cmd/flux/suspend_image_policy.go
function init (line 35) | func init() {
FILE: cmd/flux/suspend_image_repository.go
function init (line 42) | func init() {
method isSuspended (line 46) | func (obj imageRepositoryAdapter) isSuspended() bool {
method setSuspended (line 50) | func (obj imageRepositoryAdapter) setSuspended() {
method item (line 54) | func (a imageRepositoryListAdapter) item(i int) suspendable {
FILE: cmd/flux/suspend_image_updateauto.go
function init (line 42) | func init() {
method isSuspended (line 46) | func (update imageUpdateAutomationAdapter) isSuspended() bool {
method setSuspended (line 50) | func (update imageUpdateAutomationAdapter) setSuspended() {
method item (line 54) | func (a imageUpdateAutomationListAdapter) item(i int) suspendable {
FILE: cmd/flux/suspend_kustomization.go
function init (line 43) | func init() {
method isSuspended (line 47) | func (obj kustomizationAdapter) isSuspended() bool {
method setSuspended (line 51) | func (obj kustomizationAdapter) setSuspended() {
method item (line 55) | func (a kustomizationListAdapter) item(i int) suspendable {
FILE: cmd/flux/suspend_receiver.go
function init (line 42) | func init() {
method isSuspended (line 46) | func (obj receiverAdapter) isSuspended() bool {
method setSuspended (line 50) | func (obj receiverAdapter) setSuspended() {
method item (line 54) | func (a receiverListAdapter) item(i int) suspendable {
FILE: cmd/flux/suspend_source.go
function init (line 29) | func init() {
FILE: cmd/flux/suspend_source_bucket.go
function init (line 42) | func init() {
method isSuspended (line 46) | func (obj bucketAdapter) isSuspended() bool {
method setSuspended (line 50) | func (obj bucketAdapter) setSuspended() {
method item (line 54) | func (a bucketListAdapter) item(i int) suspendable {
FILE: cmd/flux/suspend_source_chart.go
function init (line 42) | func init() {
method isSuspended (line 46) | func (obj helmChartAdapter) isSuspended() bool {
method setSuspended (line 50) | func (obj helmChartAdapter) setSuspended() {
method item (line 54) | func (a helmChartListAdapter) item(i int) suspendable {
FILE: cmd/flux/suspend_source_git.go
function init (line 42) | func init() {
method isSuspended (line 46) | func (obj gitRepositoryAdapter) isSuspended() bool {
method setSuspended (line 50) | func (obj gitRepositoryAdapter) setSuspended() {
method item (line 54) | func (a gitRepositoryListAdapter) item(i int) suspendable {
FILE: cmd/flux/suspend_source_helm.go
function init (line 42) | func init() {
method isSuspended (line 46) | func (obj helmRepositoryAdapter) isSuspended() bool {
method setSuspended (line 50) | func (obj helmRepositoryAdapter) setSuspended() {
method item (line 54) | func (a helmRepositoryListAdapter) item(i int) suspendable {
FILE: cmd/flux/suspend_source_oci.go
function init (line 42) | func init() {
method isSuspended (line 46) | func (obj ociRepositoryAdapter) isSuspended() bool {
method setSuspended (line 50) | func (obj ociRepositoryAdapter) setSuspended() {
method item (line 54) | func (a ociRepositoryListAdapter) item(i int) suspendable {
FILE: cmd/flux/tag.go
function init (line 29) | func init() {
FILE: cmd/flux/tag_artifact.go
type tagArtifactFlags (line 42) | type tagArtifactFlags struct
function newTagArtifactFlags (line 50) | func newTagArtifactFlags() tagArtifactFlags {
function init (line 56) | func init() {
function tagArtifactCmdRun (line 63) | func tagArtifactCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/trace.go
type traceFlags (line 70) | type traceFlags struct
function init (line 77) | func init() {
function traceCmdRun (line 85) | func traceCmdRun(cmd *cobra.Command, args []string) error {
function traceObjects (line 109) | func traceObjects(ctx context.Context, kubeClient client.Client, objects...
function traceObject (line 122) | func traceObject(ctx context.Context, kubeClient client.Client, obj *uns...
function getObjectStatic (line 144) | func getObjectStatic(ctx context.Context, kubeClient client.Client, args...
function getObjectDynamic (line 180) | func getObjectDynamic(args []string) ([]*unstructured.Unstructured, erro...
function traceKustomization (line 216) | func traceKustomization(ctx context.Context, kubeClient client.Client, k...
function traceHelm (line 427) | func traceHelm(ctx context.Context, kubeClient client.Client, hrName typ...
function isManagedByFlux (line 704) | func isManagedByFlux(obj *unstructured.Unstructured, group string) (type...
function isOwnerManagedByFlux (line 724) | func isOwnerManagedByFlux(ctx context.Context, kubeClient client.Client,...
FILE: cmd/flux/trace_test.go
function TestTraceNoArgs (line 27) | func TestTraceNoArgs(t *testing.T) {
function toLocalTime (line 35) | func toLocalTime(t *testing.T, in string) string {
function TestTrace (line 43) | func TestTrace(t *testing.T) {
FILE: cmd/flux/tree.go
function init (line 29) | func init() {
FILE: cmd/flux/tree_artifact.go
function init (line 29) | func init() {
FILE: cmd/flux/tree_artifact_generator.go
type TreeArtifactGeneratorFlags (line 48) | type TreeArtifactGeneratorFlags struct
function init (line 54) | func init() {
function treeArtifactGeneratorCmdRun (line 60) | func treeArtifactGeneratorCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/tree_kustomization.go
type TreeKsFlags (line 61) | type TreeKsFlags struct
function init (line 68) | func init() {
function treeKsCmdRun (line 75) | func treeKsCmdRun(cmd *cobra.Command, args []string) error {
function treeKustomization (line 129) | func treeKustomization(ctx context.Context, tree tree.ObjMetadataTree, i...
type hrStorage (line 196) | type hrStorage struct
function getHelmReleaseInventory (line 201) | func getHelmReleaseInventory(ctx context.Context, objectKey client.Objec...
FILE: cmd/flux/tree_kustomization_test.go
function TestTree (line 26) | func TestTree(t *testing.T) {
FILE: cmd/flux/uninstall.go
type uninstallFlags (line 44) | type uninstallFlags struct
function init (line 52) | func init() {
function uninstallCmdRun (line 63) | func uninstallCmdRun(cmd *cobra.Command, args []string) error {
FILE: cmd/flux/version.go
type versionFlags (line 52) | type versionFlags struct
type versionInfo (line 59) | type versionInfo struct
method toJSON (line 143) | func (info versionInfo) toJSON() ([]byte, error) {
function init (line 65) | func init() {
function versionCmdRun (line 73) | func versionCmdRun(cmd *cobra.Command, args []string) error {
function splitImageStr (line 157) | func splitImageStr(image string) (string, string, error) {
FILE: cmd/flux/version_test.go
function TestSplitImageStr (line 25) | func TestSplitImageStr(t *testing.T) {
FILE: cmd/flux/version_utils.go
function getVersion (line 27) | func getVersion(input string) (string, error) {
function isEmbeddedVersion (line 61) | func isEmbeddedVersion(input string) bool {
FILE: cmd/flux/version_utils_test.go
function TestVersion (line 26) | func TestVersion(t *testing.T) {
function TestVersionCmd (line 34) | func TestVersionCmd(t *testing.T) {
FILE: internal/build/build.go
constant controllerName (line 56) | controllerName = "kustomize-controller"
constant controllerGroup (line 57) | controllerGroup = "kustomize.toolkit.fluxcd.io"
constant mask (line 58) | mask = "**SOPS**"
constant dockercfgSecretType (line 59) | dockercfgSecretType = "kubernetes.io/dockerconfigjson"
constant typeField (line 60) | typeField = "type"
constant dataField (line 61) | dataField = "data"
constant stringDataField (line 62) | stringDataField = "stringData"
constant spinnerDryRunMessage (line 63) | spinnerDryRunMessage = "running dry-run"
type Builder (line 71) | type Builder struct
method resolveKustomization (line 272) | func (b *Builder) resolveKustomization(liveKus *kustomizev1.Kustomizat...
method getKustomization (line 290) | func (b *Builder) getKustomization(ctx context.Context) (*kustomizev1....
method Build (line 308) | func (b *Builder) Build() ([]*unstructured.Unstructured, error) {
method build (line 352) | func (b *Builder) build() (m resmap.ResMap, err error) {
method kustomizationBuild (line 421) | func (b *Builder) kustomizationBuild(k *kustomizev1.Kustomization) ([]...
method kustomizationPath (line 447) | func (b *Builder) kustomizationPath(k *kustomizev1.Kustomization) (str...
method unMarshallKustomization (line 462) | func (b *Builder) unMarshallKustomization() (*kustomizev1.Kustomizatio...
method generate (line 493) | func (b *Builder) generate(kustomization kustomizev1.Kustomization, di...
method do (line 511) | func (b *Builder) do(ctx context.Context, kustomization kustomizev1.Ku...
method setOwnerLabels (line 577) | func (b *Builder) setOwnerLabels(res *resource.Resource) error {
method Cancel (line 732) | func (b *Builder) Cancel() error {
method StartSpinner (line 745) | func (b *Builder) StartSpinner() error {
method StopSpinner (line 758) | func (b *Builder) StopSpinner() error {
type BuilderOptionFunc (line 94) | type BuilderOptionFunc
function WithKustomizationFile (line 97) | func WithKustomizationFile(file string) BuilderOptionFunc {
function WithTimeout (line 105) | func WithTimeout(timeout time.Duration) BuilderOptionFunc {
function WithProgressBar (line 112) | func WithProgressBar() BuilderOptionFunc {
function WithClientConfig (line 135) | func WithClientConfig(rcg *genericclioptions.ConfigFlags, clientOpts *ru...
function WithNamespace (line 154) | func WithNamespace(namespace string) BuilderOptionFunc {
function WithDryRun (line 162) | func WithDryRun(dryRun bool) BuilderOptionFunc {
function WithStrictSubstitute (line 170) | func WithStrictSubstitute(strictSubstitute bool) BuilderOptionFunc {
function WithIgnore (line 178) | func WithIgnore(ignore []string) BuilderOptionFunc {
function WithRecursive (line 186) | func WithRecursive(recursive bool) BuilderOptionFunc {
function WithLocalSources (line 194) | func WithLocalSources(localSources map[string]string) BuilderOptionFunc {
function WithSingleKustomization (line 202) | func WithSingleKustomization() BuilderOptionFunc {
function withClientConfigFrom (line 210) | func withClientConfigFrom(in *Builder) BuilderOptionFunc {
function withSpinnerFrom (line 219) | func withSpinnerFrom(in *Builder) BuilderOptionFunc {
function withKustomization (line 227) | func withKustomization(k *kustomizev1.Kustomization) BuilderOptionFunc {
function NewBuilder (line 245) | func NewBuilder(name, resources string, opts ...BuilderOptionFunc) (*Bui...
function isKustomization (line 555) | func isKustomization(object *unstructured.Unstructured) bool {
function toKustomization (line 560) | func toKustomization(object *unstructured.Unstructured) (*kustomizev1.Ku...
function kustomizationsEqual (line 573) | func kustomizationsEqual(k1 *kustomizev1.Kustomization, k2 *kustomizev1....
function maskSopsData (line 591) | func maskSopsData(res *resource.Resource) error {
function getStringDataMap (line 666) | func getStringDataMap(rn *resource.Resource) map[string]string {
function maskDockerconfigjsonSopsData (line 679) | func maskDockerconfigjsonSopsData(dataMap map[string]string, encode bool...
function maskBase64EncryptedSopsData (line 705) | func maskBase64EncryptedSopsData(dataMap map[string]string, mask string)...
function maskSopsDataInStringDataSecret (line 720) | func maskSopsDataInStringDataSecret(stringDataMap map[string]string, mas...
FILE: internal/build/build_test.go
function TestTrimSopsData (line 34) | func TestTrimSopsData(t *testing.T) {
function Test_unMarshallKustomization (line 168) | func Test_unMarshallKustomization(t *testing.T) {
function Test_ResolveKustomization (line 241) | func Test_ResolveKustomization(t *testing.T) {
function Test_isKustomization (line 376) | func Test_isKustomization(t *testing.T) {
function Test_kustomizationsEqual (line 434) | func Test_kustomizationsEqual(t *testing.T) {
function Test_kustomizationPath (line 517) | func Test_kustomizationPath(t *testing.T) {
FILE: internal/build/diff.go
method Manager (line 50) | func (b *Builder) Manager() (*ssa.ResourceManager, error) {
method Diff (line 60) | func (b *Builder) Diff() (string, bool, error) {
method diff (line 76) | func (b *Builder) diff() (string, bool, error) {
method kustomizationDiff (line 205) | func (b *Builder) kustomizationDiff(kustomization *kustomizev1.Kustomiza...
function writeYamls (line 241) | func writeYamls(liveObject, mergedObject *unstructured.Unstructured) (st...
function writeString (line 262) | func writeString(t string, color colorful.Color) string {
function cleanupDir (line 270) | func cleanupDir(dir string) error {
function diff (line 274) | func diff(liveFile, mergedFile string, output io.Writer) error {
function diffSopsSecret (line 295) | func diffSopsSecret(obj, liveObject, mergedObject *unstructured.Unstruct...
function applySopsDiff (line 304) | func applySopsDiff(data map[string]interface{}, liveObject, mergedObject...
function sopsComparableByKeys (line 323) | func sopsComparableByKeys(object *unstructured.Unstructured) []string {
function diffInventory (line 342) | func diffInventory(inv *kustomizev1.ResourceInventory, target *kustomize...
function listMetaInInventory (line 385) | func listMetaInInventory(inv *kustomizev1.ResourceInventory) (object.Obj...
function newInventory (line 398) | func newInventory() *kustomizev1.ResourceInventory {
function addObjectsToInventory (line 405) | func addObjectsToInventory(inv *kustomizev1.ResourceInventory, entry *ss...
FILE: internal/flags/crds.go
type CRDsPolicy (line 34) | type CRDsPolicy
method String (line 36) | func (a *CRDsPolicy) String() string {
method Set (line 40) | func (a *CRDsPolicy) Set(str string) error {
method Type (line 54) | func (a *CRDsPolicy) Type() string {
method Description (line 58) | func (a *CRDsPolicy) Description() string {
FILE: internal/flags/crds_test.go
function TestCRDsPolicy_Set (line 26) | func TestCRDsPolicy_Set(t *testing.T) {
FILE: internal/flags/decryption_provider.go
type DecryptionProvider (line 28) | type DecryptionProvider
method String (line 30) | func (d *DecryptionProvider) String() string {
method Set (line 34) | func (d *DecryptionProvider) Set(str string) error {
method Type (line 48) | func (d *DecryptionProvider) Type() string {
method Description (line 52) | func (d *DecryptionProvider) Description() string {
FILE: internal/flags/decryption_provider_test.go
function TestDecryptionProvider_Set (line 26) | func TestDecryptionProvider_Set(t *testing.T) {
FILE: internal/flags/ecdsa_curve.go
type ECDSACurve (line 26) | type ECDSACurve struct
method String (line 36) | func (c *ECDSACurve) String() string {
method Set (line 43) | func (c *ECDSACurve) Set(str string) error {
method Type (line 51) | func (c *ECDSACurve) Type() string {
method Description (line 60) | func (c *ECDSACurve) Description() string {
function ecdsaCurves (line 64) | func ecdsaCurves() []string {
FILE: internal/flags/ecdsa_curve_test.go
function TestECDSACurve_Set (line 26) | func TestECDSACurve_Set(t *testing.T) {
FILE: internal/flags/gitlab_visibility.go
function ValidateRepositoryVisibility (line 34) | func ValidateRepositoryVisibility(r gitprovider.RepositoryVisibility) er...
type GitLabVisibility (line 42) | type GitLabVisibility
method String (line 44) | func (d *GitLabVisibility) String() string {
method Set (line 48) | func (d *GitLabVisibility) Set(str string) error {
method Type (line 60) | func (d *GitLabVisibility) Type() string {
method Description (line 68) | func (d *GitLabVisibility) Description() string {
FILE: internal/flags/gitlab_visibility_test.go
function TestGitLabVisibility_Set (line 23) | func TestGitLabVisibility_Set(t *testing.T) {
FILE: internal/flags/helm_chart_source.go
type HelmChartSource (line 30) | type HelmChartSource struct
method String (line 36) | func (s *HelmChartSource) String() string {
method Set (line 43) | func (s *HelmChartSource) Set(str string) error {
method Type (line 66) | func (s *HelmChartSource) Type() string {
method Description (line 70) | func (s *HelmChartSource) Description() string {
FILE: internal/flags/helm_chart_source_test.go
function TestHelmChartSource_Set (line 29) | func TestHelmChartSource_Set(t *testing.T) {
FILE: internal/flags/kustomization_source.go
type KustomizationSource (line 30) | type KustomizationSource struct
method String (line 36) | func (s *KustomizationSource) String() string {
method Set (line 43) | func (s *KustomizationSource) Set(str string) error {
method Type (line 72) | func (s *KustomizationSource) Type() string {
method Description (line 76) | func (s *KustomizationSource) Description() string {
FILE: internal/flags/kustomization_source_test.go
function TestKustomizationSource_Set (line 29) | func TestKustomizationSource_Set(t *testing.T) {
FILE: internal/flags/local_helm_chart_source.go
type LocalHelmChartSource (line 26) | type LocalHelmChartSource struct
method String (line 31) | func (s *LocalHelmChartSource) String() string {
method Set (line 38) | func (s *LocalHelmChartSource) Set(str string) error {
method Type (line 60) | func (s *LocalHelmChartSource) Type() string {
method Description (line 64) | func (s *LocalHelmChartSource) Description() string {
FILE: internal/flags/log_level.go
type LogLevel (line 28) | type LogLevel
method String (line 30) | func (l *LogLevel) String() string {
method Set (line 34) | func (l *LogLevel) Set(str string) error {
method Type (line 48) | func (l *LogLevel) Type() string {
method Description (line 52) | func (l *LogLevel) Description() string {
FILE: internal/flags/log_level_test.go
function TestLogLevel_Set (line 26) | func TestLogLevel_Set(t *testing.T) {
FILE: internal/flags/public_key_algorithm.go
type PublicKeyAlgorithm (line 26) | type PublicKeyAlgorithm
method String (line 28) | func (a *PublicKeyAlgorithm) String() string {
method Set (line 32) | func (a *PublicKeyAlgorithm) Set(str string) error {
method Type (line 47) | func (a *PublicKeyAlgorithm) Type() string {
method Description (line 51) | func (a *PublicKeyAlgorithm) Description() string {
FILE: internal/flags/public_key_algorithm_test.go
function TestPublicKeyAlgorithm_Set (line 26) | func TestPublicKeyAlgorithm_Set(t *testing.T) {
FILE: internal/flags/rsa_key_bits.go
type RSAKeyBits (line 27) | type RSAKeyBits
method String (line 29) | func (b *RSAKeyBits) String() string {
method Set (line 33) | func (b *RSAKeyBits) Set(str string) error {
method Type (line 52) | func (b *RSAKeyBits) Type() string {
method Description (line 56) | func (b *RSAKeyBits) Description() string {
FILE: internal/flags/rsa_key_bits_test.go
function TestRSAKeyBits_Set (line 26) | func TestRSAKeyBits_Set(t *testing.T) {
FILE: internal/flags/safe_relative_path.go
type SafeRelativePath (line 27) | type SafeRelativePath
method String (line 29) | func (p *SafeRelativePath) String() string {
method ToSlash (line 33) | func (p *SafeRelativePath) ToSlash() string {
method Set (line 37) | func (p *SafeRelativePath) Set(str string) error {
method Type (line 52) | func (p *SafeRelativePath) Type() string {
method Description (line 56) | func (p *SafeRelativePath) Description() string {
FILE: internal/flags/safe_relative_path_test.go
function TestRelativePath_Set (line 26) | func TestRelativePath_Set(t *testing.T) {
FILE: internal/flags/source_bucket_provider.go
type SourceBucketProvider (line 35) | type SourceBucketProvider
method String (line 37) | func (p *SourceBucketProvider) String() string {
method Set (line 41) | func (p *SourceBucketProvider) Set(str string) error {
method Type (line 54) | func (p *SourceBucketProvider) Type() string {
method Description (line 58) | func (p *SourceBucketProvider) Description() string {
FILE: internal/flags/source_bucket_provider_test.go
function TestSourceBucketProvider_Set (line 28) | func TestSourceBucketProvider_Set(t *testing.T) {
FILE: internal/flags/source_git_provider.go
type SourceGitProvider (line 33) | type SourceGitProvider
method String (line 35) | func (p *SourceGitProvider) String() string {
method Set (line 39) | func (p *SourceGitProvider) Set(str string) error {
method Type (line 52) | func (p *SourceGitProvider) Type() string {
method Description (line 56) | func (p *SourceGitProvider) Description() string {
FILE: internal/flags/source_oci_provider.go
type SourceOCIProvider (line 35) | type SourceOCIProvider
method String (line 37) | func (p *SourceOCIProvider) String() string {
method Set (line 41) | func (p *SourceOCIProvider) Set(str string) error {
method Type (line 54) | func (p *SourceOCIProvider) Type() string {
method Description (line 58) | func (p *SourceOCIProvider) Description() string {
FILE: internal/flags/source_oci_verify_provider.go
type SourceOCIVerifyProvider (line 30) | type SourceOCIVerifyProvider
method String (line 32) | func (p *SourceOCIVerifyProvider) String() string {
method Set (line 36) | func (p *SourceOCIVerifyProvider) Set(str string) error {
method Type (line 49) | func (p *SourceOCIVerifyProvider) Type() string {
method Description (line 53) | func (p *SourceOCIVerifyProvider) Description() string {
FILE: internal/flags/source_oci_verify_provider_test.go
function TestSourceOCIVerifyProvider_Set (line 26) | func TestSourceOCIVerifyProvider_Set(t *testing.T) {
FILE: internal/tree/tree.go
constant newLine (line 30) | newLine = "\n"
constant emptySpace (line 31) | emptySpace = " "
constant middleItem (line 32) | middleItem = "├── "
constant continueItem (line 33) | continueItem = "│ "
constant lastItem (line 34) | lastItem = "└── "
type objMetadataTree (line 38) | type objMetadataTree struct
method Add (line 66) | func (t *objMetadataTree) Add(objMetadata object.ObjMetadata) ObjMetad...
method AddTree (line 72) | func (t *objMetadataTree) AddTree(tree ObjMetadataTree) {
method Text (line 76) | func (t *objMetadataTree) Text() string {
method Items (line 80) | func (t *objMetadataTree) Items() []ObjMetadataTree {
method Print (line 84) | func (t *objMetadataTree) Print() string {
type ObjMetadataTree (line 43) | type ObjMetadataTree interface
type printer (line 51) | type printer struct
method Print (line 92) | func (p *printer) Print(t ObjMetadataTree) string {
method printText (line 96) | func (p *printer) printText(text string, spaces []bool, last bool) str...
method printItems (line 130) | func (p *printer) printItems(t []ObjMetadataTree, spaces []bool) string {
type Printer (line 54) | type Printer interface
function New (line 59) | func New(objMetadata object.ObjMetadata) ObjMetadataTree {
function newPrinter (line 88) | func newPrinter() Printer {
FILE: internal/utils/apply.go
function Apply (line 44) | func Apply(ctx context.Context, rcg genericclioptions.RESTClientGetter, ...
function readObjects (line 99) | func readObjects(root, manifestPath string) ([]*unstructured.Unstructure...
function newManager (line 125) | func newManager(rcg genericclioptions.RESTClientGetter, opts *runclient....
function applySet (line 147) | func applySet(ctx context.Context, rcg genericclioptions.RESTClientGette...
function waitForSet (line 156) | func waitForSet(rcg genericclioptions.RESTClientGetter, opts *runclient....
function isRecognizedKustomizationFile (line 164) | func isRecognizedKustomizationFile(path string) bool {
FILE: internal/utils/hex.go
function TruncateHex (line 30) | func TruncateHex(str string) string {
FILE: internal/utils/hex_test.go
function TestTruncateHex (line 25) | func TestTruncateHex(t *testing.T) {
FILE: internal/utils/utils.go
type ExecMode (line 59) | type ExecMode
constant ModeOS (line 62) | ModeOS ExecMode = "os.stderr|stdout"
constant ModeStderrOS (line 63) | ModeStderrOS ExecMode = "os.stderr"
constant ModeCapture (line 64) | ModeCapture ExecMode = "capture.stderr|stdout"
function ExecKubectlCommand (line 67) | func ExecKubectlCommand(ctx context.Context, mode ExecMode, kubeConfigPa...
function KubeConfig (line 109) | func KubeConfig(rcg genericclioptions.RESTClientGetter, opts *runclient....
function NewScheme (line 124) | func NewScheme() *apiruntime.Scheme {
function KubeClient (line 142) | func KubeClient(rcg genericclioptions.RESTClientGetter, opts *runclient....
function SplitKubeConfigPath (line 166) | func SplitKubeConfigPath(path string) []string {
function ContainsItemString (line 177) | func ContainsItemString(s []string, e string) bool {
function ContainsEqualFoldItemString (line 186) | func ContainsEqualFoldItemString(s []string, e string) (string, bool) {
function ParseNamespacedName (line 197) | func ParseNamespacedName(input string) types.NamespacedName {
function ParseObjectKindName (line 212) | func ParseObjectKindName(input string) (kind, name string) {
function ParseObjectKindNameNamespace (line 223) | func ParseObjectKindNameNamespace(input string) (kind, name, namespace s...
function MakeDependsOn (line 234) | func MakeDependsOn(deps []string) []meta.NamespacedObjectReference {
function ValidateComponents (line 254) | func ValidateComponents(components []string) error {
function CompatibleVersion (line 270) | func CompatibleVersion(binary, target string) bool {
function ExtractCRDs (line 286) | func ExtractCRDs(inManifestPath, outManifestPath string) error {
FILE: internal/utils/utils_test.go
function TestCompatibleVersion (line 30) | func TestCompatibleVersion(t *testing.T) {
function TestParseObjectKindNameNamespace (line 53) | func TestParseObjectKindNameNamespace(t *testing.T) {
function TestMakeDependsOn (line 82) | func TestMakeDependsOn(t *testing.T) {
function TestValidateComponents (line 104) | func TestValidateComponents(t *testing.T) {
function TestExtractCRDs (line 124) | func TestExtractCRDs(t *testing.T) {
FILE: pkg/bootstrap/bootstrap.go
type Reconciler (line 56) | type Reconciler interface
type RepositoryReconciler (line 83) | type RepositoryReconciler interface
type ReconcilerWithSyncCheck (line 90) | type ReconcilerWithSyncCheck interface
type PostGenerateSecretFunc (line 96) | type PostGenerateSecretFunc
function Run (line 98) | func Run(ctx context.Context, reconciler Reconciler, manifestsBase string,
function mustInstallManifests (line 140) | func mustInstallManifests(ctx context.Context, kube client.Client, names...
function secretExists (line 152) | func secretExists(ctx context.Context, kube client.Client, objKey client...
function reconcileSecret (line 162) | func reconcileSecret(ctx context.Context, kube client.Client, secret cor...
function reconcileImagePullSecret (line 176) | func reconcileImagePullSecret(ctx context.Context, kube client.Client, i...
function kustomizationPathDiffers (line 196) | func kustomizationPathDiffers(ctx context.Context, kube client.Client, o...
type objectWithConditions (line 217) | type objectWithConditions interface
function objectReconciled (line 222) | func objectReconciled(kube client.Client, objKey client.ObjectKey, clien...
function hasRevision (line 268) | func hasRevision(kind string, obj map[string]interface{}, expectedRev st...
function retry (line 281) | func retry(retries int, wait time.Duration, fn func() error) (err error) {
FILE: pkg/bootstrap/bootstrap_plain_git.go
type PlainGitBootstrapper (line 59) | type PlainGitBootstrapper struct
method ReconcileComponents (line 115) | func (b *PlainGitBootstrapper) ReconcileComponents(ctx context.Context...
method ReconcileSourceSecret (line 222) | func (b *PlainGitBootstrapper) ReconcileSourceSecret(ctx context.Conte...
method ReconcileSyncConfig (line 264) | func (b *PlainGitBootstrapper) ReconcileSyncConfig(ctx context.Context...
method ReportKustomizationHealth (line 404) | func (b *PlainGitBootstrapper) ReportKustomizationHealth(ctx context.C...
method ReportGitRepoHealth (line 436) | func (b *PlainGitBootstrapper) ReportGitRepoHealth(ctx context.Context...
method ReportComponentsHealth (line 468) | func (b *PlainGitBootstrapper) ReportComponentsHealth(ctx context.Cont...
method cleanGitRepoDir (line 500) | func (b *PlainGitBootstrapper) cleanGitRepoDir() error {
type GitOption (line 80) | type GitOption interface
function WithRepositoryURL (line 84) | func WithRepositoryURL(url string) GitOption {
type repositoryURLOption (line 88) | type repositoryURLOption
method applyGit (line 90) | func (o repositoryURLOption) applyGit(b *PlainGitBootstrapper) {
function WithPostGenerateSecretFunc (line 94) | func WithPostGenerateSecretFunc(callback PostGenerateSecretFunc) GitOpti...
type postGenerateSecret (line 98) | type postGenerateSecret
method applyGit (line 100) | func (o postGenerateSecret) applyGit(b *PlainGitBootstrapper) {
function NewPlainGitProvider (line 104) | func NewPlainGitProvider(git repository.Client, kube client.Client, opts...
function getOpenPgpEntity (line 514) | func getOpenPgpEntity(keyRing openpgp.EntityList, passphrase, keyID stri...
FILE: pkg/bootstrap/bootstrap_provider.go
type GitProviderBootstrapper (line 38) | type GitProviderBootstrapper struct
method ReconcileSyncConfig (line 205) | func (b *GitProviderBootstrapper) ReconcileSyncConfig(ctx context.Cont...
method ReconcileSourceSecret (line 229) | func (b *GitProviderBootstrapper) ReconcileSourceSecret(ctx context.Co...
method ReconcileRepository (line 255) | func (b *GitProviderBootstrapper) ReconcileRepository(ctx context.Cont...
method reconcileDeployKey (line 278) | func (b *GitProviderBootstrapper) reconcileDeployKey(ctx context.Conte...
method reconcileDeployToken (line 302) | func (b *GitProviderBootstrapper) reconcileDeployToken(ctx context.Con...
method reconcileOrgRepository (line 335) | func (b *GitProviderBootstrapper) reconcileOrgRepository(ctx context.C...
method reconcileUserRepository (line 411) | func (b *GitProviderBootstrapper) reconcileUserRepository(ctx context....
method getOrganization (line 460) | func (b *GitProviderBootstrapper) getOrganization(ctx context.Context,...
method getCloneURL (line 480) | func (b *GitProviderBootstrapper) getCloneURL(repository gitprovider.U...
function NewGitProviderBootstrapper (line 67) | func NewGitProviderBootstrapper(git repository.Client, provider gitprovi...
type GitProviderOption (line 85) | type GitProviderOption interface
function WithProviderRepository (line 89) | func WithProviderRepository(owner, repositoryName string, personal bool)...
function WithProviderVisibility (line 97) | func WithProviderVisibility(visibility string) GitProviderOption {
type providerRepositoryOption (line 103) | type providerRepositoryOption struct
method applyGitProvider (line 109) | func (o providerRepositoryOption) applyGitProvider(b *GitProviderBoots...
function WithProviderRepositoryConfig (line 115) | func WithProviderRepositoryConfig(description, defaultBranch, visibility...
type providerRepositoryConfigOption (line 123) | type providerRepositoryConfigOption struct
method applyGitProvider (line 129) | func (o providerRepositoryConfigOption) applyGitProvider(b *GitProvide...
function WithProviderTeamPermissions (line 135) | func WithProviderTeamPermissions(teams map[string]string) GitProviderOpt...
type providerRepositoryTeamPermissionsOption (line 139) | type providerRepositoryTeamPermissionsOption
method applyGitProvider (line 141) | func (o providerRepositoryTeamPermissionsOption) applyGitProvider(b *G...
function WithReadWriteKeyPermissions (line 145) | func WithReadWriteKeyPermissions(b bool) GitProviderOption {
type withReadWriteKeyPermissionsOption (line 149) | type withReadWriteKeyPermissionsOption
method applyGitProvider (line 151) | func (o withReadWriteKeyPermissionsOption) applyGitProvider(b *GitProv...
function WithBootstrapTransportType (line 155) | func WithBootstrapTransportType(protocol string) GitProviderOption {
type bootstrapTransportTypeOption (line 159) | type bootstrapTransportTypeOption
method applyGitProvider (line 161) | func (o bootstrapTransportTypeOption) applyGitProvider(b *GitProviderB...
function WithSyncTransportType (line 165) | func WithSyncTransportType(protocol string) GitProviderOption {
type syncProtocolOption (line 169) | type syncProtocolOption
method applyGitProvider (line 171) | func (o syncProtocolOption) applyGitProvider(b *GitProviderBootstrappe...
function WithSSHHostname (line 175) | func WithSSHHostname(hostname string) GitProviderOption {
type sshHostnameOption (line 179) | type sshHostnameOption
method applyGitProvider (line 181) | func (o sshHostnameOption) applyGitProvider(b *GitProviderBootstrapper) {
function WithReconcile (line 185) | func WithReconcile() GitProviderOption {
type reconcileOption (line 189) | type reconcileOption
method applyGitProvider (line 191) | func (o reconcileOption) applyGitProvider(b *GitProviderBootstrapper) {
function WithDeployTokenAuth (line 195) | func WithDeployTokenAuth() GitProviderOption {
type deployTokenAuthOption (line 199) | type deployTokenAuthOption
method applyGitProvider (line 201) | func (o deployTokenAuthOption) applyGitProvider(b *GitProviderBootstra...
function splitSubOrganizationsFromRepositoryName (line 502) | func splitSubOrganizationsFromRepositoryName(name string) ([]string, str...
function buildTeamAccessInfo (line 520) | func buildTeamAccessInfo(m map[string]string, defaultPermissions *gitpro...
function newOrganizationRef (line 547) | func newOrganizationRef(domain, organization string, subOrganizations []...
function newOrgRepositoryRef (line 557) | func newOrgRepositoryRef(organizationRef gitprovider.OrganizationRef, na...
function newUserRef (line 566) | func newUserRef(domain, login string) gitprovider.UserRef {
function newUserRepositoryRef (line 575) | func newUserRepositoryRef(userRef gitprovider.UserRef, name string) gitp...
function newRepositoryInfo (line 584) | func newRepositoryInfo(description, defaultBranch, visibility string) gi...
function newDeployKeyInfo (line 600) | func newDeployKeyInfo(name, publicKey string, readWrite bool) gitprovide...
function deployKeyName (line 611) | func deployKeyName(namespace, secretName, branch, path string) string {
function deployTokenName (line 626) | func deployTokenName(namespace, secretName, branch, path string) string {
function setHostname (line 639) | func setHostname(URL, hostname string) (string, error) {
FILE: pkg/bootstrap/bootstrap_test.go
function Test_hasRevision (line 37) | func Test_hasRevision(t *testing.T) {
function Test_objectReconciled (line 141) | func Test_objectReconciled(t *testing.T) {
FILE: pkg/bootstrap/options.go
type Option (line 32) | type Option interface
function WithBranch (line 37) | func WithBranch(branch string) Option {
type branchOption (line 41) | type branchOption
method applyGit (line 43) | func (o branchOption) applyGit(b *PlainGitBootstrapper) {
method applyGitProvider (line 47) | func (o branchOption) applyGitProvider(b *GitProviderBootstrapper) {
function WithSignature (line 51) | func WithSignature(name, email string) Option {
type signatureOption (line 58) | type signatureOption
method applyGit (line 60) | func (o signatureOption) applyGit(b *PlainGitBootstrapper) {
method applyGitProvider (line 69) | func (o signatureOption) applyGitProvider(b *GitProviderBootstrapper) {
function WithCommitMessageAppendix (line 73) | func WithCommitMessageAppendix(appendix string) Option {
type commitMessageAppendixOption (line 77) | type commitMessageAppendixOption
method applyGit (line 79) | func (o commitMessageAppendixOption) applyGit(b *PlainGitBootstrapper) {
method applyGitProvider (line 83) | func (o commitMessageAppendixOption) applyGitProvider(b *GitProviderBo...
function WithKubeconfig (line 87) | func WithKubeconfig(rcg genericclioptions.RESTClientGetter, opts *runcli...
type kubeconfigOption (line 94) | type kubeconfigOption struct
method applyGit (line 99) | func (o kubeconfigOption) applyGit(b *PlainGitBootstrapper) {
method applyGitProvider (line 104) | func (o kubeconfigOption) applyGitProvider(b *GitProviderBootstrapper) {
function WithLogger (line 108) | func WithLogger(logger log.Logger) Option {
type loggerOption (line 112) | type loggerOption struct
method applyGit (line 116) | func (o loggerOption) applyGit(b *PlainGitBootstrapper) {
method applyGitProvider (line 120) | func (o loggerOption) applyGitProvider(b *GitProviderBootstrapper) {
function WithGitCommitSigning (line 124) | func WithGitCommitSigning(gpgKeyRing openpgp.EntityList, passphrase, key...
type gitCommitSigningOption (line 132) | type gitCommitSigningOption struct
method applyGit (line 138) | func (o gitCommitSigningOption) applyGit(b *PlainGitBootstrapper) {
method applyGitProvider (line 144) | func (o gitCommitSigningOption) applyGitProvider(b *GitProviderBootstr...
function LoadEntityListFromPath (line 148) | func LoadEntityListFromPath(path string) (openpgp.EntityList, error) {
FILE: pkg/bootstrap/provider/factory.go
function BuildGitProvider (line 32) | func BuildGitProvider(config Config) (gitprovider.Client, error) {
FILE: pkg/bootstrap/provider/provider.go
type GitProvider (line 20) | type GitProvider
constant GitProviderGitHub (line 23) | GitProviderGitHub GitProvider = "github"
constant GitProviderGitea (line 24) | GitProviderGitea GitProvider = "gitea"
constant GitProviderGitLab (line 25) | GitProviderGitLab GitProvider = "gitlab"
constant GitProviderStash (line 26) | GitProviderStash GitProvider = "stash"
type Config (line 30) | type Config struct
FILE: pkg/log/log.go
type Logger (line 19) | type Logger interface
FILE: pkg/log/nop.go
type NopLogger (line 19) | type NopLogger struct
method Actionf (line 21) | func (NopLogger) Actionf(format string, a ...interface{}) {}
method Generatef (line 23) | func (NopLogger) Generatef(format string, a ...interface{}) {}
method Waitingf (line 25) | func (NopLogger) Waitingf(format string, a ...interface{}) {}
method Successf (line 27) | func (NopLogger) Successf(format string, a ...interface{}) {}
method Warningf (line 29) | func (NopLogger) Warningf(format string, a ...interface{}) {}
method Failuref (line 31) | func (NopLogger) Failuref(format string, a ...interface{}) {}
FILE: pkg/manifestgen/install/install.go
function Generate (line 40) | func Generate(options Options, manifestsBase string) (*manifestgen.Manif...
function GetLatestVersion (line 93) | func GetLatestVersion() (string, error) {
function ExistingVersion (line 119) | func ExistingVersion(version string) (bool, error) {
function GetGenWarning (line 151) | func GetGenWarning(options Options) string {
FILE: pkg/manifestgen/install/install_test.go
function TestGenerate (line 25) | func TestGenerate(t *testing.T) {
FILE: pkg/manifestgen/install/manifests.go
function fetch (line 37) | func fetch(ctx context.Context, url, version, dir string) error {
function generate (line 68) | func generate(base string, options Options) error {
function build (line 125) | func build(base, output string) error {
FILE: pkg/manifestgen/install/options.go
type Options (line 21) | type Options struct
function MakeDefaultOptions (line 42) | func MakeDefaultOptions() Options {
function containsItemString (line 64) | func containsItemString(s []string, e string) bool {
FILE: pkg/manifestgen/install/templates.go
function execTemplate (line 184) | func execTemplate(obj interface{}, tmpl, filename string) error {
function copyFile (line 214) | func copyFile(src, dst string) error {
FILE: pkg/manifestgen/kustomization/kustomization.go
function Generate (line 40) | func Generate(options Options) (*manifestgen.Manifest, error) {
function Build (line 143) | func Build(base string) ([]byte, error) {
function BuildWithRoot (line 152) | func BuildWithRoot(root, base string) ([]byte, error) {
FILE: pkg/manifestgen/kustomization/options.go
type Options (line 21) | type Options struct
function MakeDefaultOptions (line 27) | func MakeDefaultOptions() Options {
FILE: pkg/manifestgen/labels.go
constant PartOfLabelKey (line 22) | PartOfLabelKey = "app.kubernetes.io/part-of"
constant PartOfLabelValue (line 23) | PartOfLabelValue = "flux"
constant InstanceLabelKey (line 24) | InstanceLabelKey = "app.kubernetes.io/instance"
constant VersionLabelKey (line 25) | VersionLabelKey = "app.kubernetes.io/version"
FILE: pkg/manifestgen/manifest.go
constant GenWarning (line 27) | GenWarning = "# This manifest was generated by flux. DO NOT EDIT."
type Manifest (line 30) | type Manifest struct
method WriteFile (line 40) | func (m *Manifest) WriteFile(rootDir string) (string, error) {
FILE: pkg/manifestgen/sourcesecret/options.go
type PrivateKeyAlgorithm (line 25) | type PrivateKeyAlgorithm
constant RSAPrivateKeyAlgorithm (line 28) | RSAPrivateKeyAlgorithm PrivateKeyAlgorithm = "rsa"
constant ECDSAPrivateKeyAlgorithm (line 29) | ECDSAPrivateKeyAlgorithm PrivateKeyAlgorithm = "ecdsa"
constant Ed25519PrivateKeyAlgorithm (line 30) | Ed25519PrivateKeyAlgorithm PrivateKeyAlgorithm = "ed25519"
constant AddressSecretKey (line 34) | AddressSecretKey = "address"
constant UsernameSecretKey (line 35) | UsernameSecretKey = "username"
constant PasswordSecretKey (line 36) | PasswordSecretKey = "password"
constant CACrtSecretKey (line 37) | CACrtSecretKey = "ca.crt"
constant TLSCrtSecretKey (line 38) | TLSCrtSecretKey = "tls.crt"
constant TLSKeySecretKey (line 39) | TLSKeySecretKey = "tls.key"
constant PrivateKeySecretKey (line 40) | PrivateKeySecretKey = "identity"
constant PublicKeySecretKey (line 41) | PublicKeySecretKey = "identity.pub"
constant KnownHostsSecretKey (line 42) | KnownHostsSecretKey = "known_hosts"
constant BearerTokenKey (line 43) | BearerTokenKey = "bearerToken"
constant TrustPolicyKey (line 44) | TrustPolicyKey = "trustpolicy.json"
constant CAFileSecretKey (line 48) | CAFileSecretKey = "caFile"
constant CertFileSecretKey (line 51) | CertFileSecretKey = "certFile"
constant KeyFileSecretKey (line 54) | KeyFileSecretKey = "keyFile"
type Options (line 57) | type Options struct
type VerificationCrt (line 87) | type VerificationCrt struct
function MakeDefaultOptions (line 92) | func MakeDefaultOptions() Options {
FILE: pkg/manifestgen/sourcesecret/sourcesecret.go
constant defaultSSHPort (line 40) | defaultSSHPort = 22
type DockerConfigJSON (line 46) | type DockerConfigJSON struct
type DockerConfig (line 53) | type DockerConfig
type DockerConfigEntry (line 56) | type DockerConfigEntry struct
function GenerateGit (line 63) | func GenerateGit(options Options) (*manifestgen.Manifest, error) {
function GenerateTLS (line 89) | func GenerateTLS(options Options) (*manifestgen.Manifest, error) {
function GenerateOCI (line 108) | func GenerateOCI(options Options) (*manifestgen.Manifest, error) {
function GenerateHelm (line 124) | func GenerateHelm(options Options) (*manifestgen.Manifest, error) {
function GenerateProxy (line 196) | func GenerateProxy(options Options) (*manifestgen.Manifest, error) {
function GenerateNotation (line 212) | func GenerateNotation(options Options) (*manifestgen.Manifest, error) {
function GenerateGitHubApp (line 237) | func GenerateGitHubApp(options Options) (*manifestgen.Manifest, error) {
function LoadKeyPairFromPath (line 263) | func LoadKeyPairFromPath(path, password string) (*ssh.KeyPair, error) {
function LoadKeyPair (line 275) | func LoadKeyPair(privateKey []byte, password string) (*ssh.KeyPair, erro...
function buildGitSecret (line 292) | func buildGitSecret(keypair *ssh.KeyPair, hostKey []byte, options Option...
function secretToManifest (line 330) | func secretToManifest(secret *corev1.Secret, options Options) (*manifest...
function generateKeyPair (line 341) | func generateKeyPair(options Options) (*ssh.KeyPair, error) {
function ScanHostKey (line 360) | func ScanHostKey(host string) ([]byte, error) {
function resourceToString (line 374) | func resourceToString(data []byte) string {
function GenerateDockerConfigJson (line 380) | func GenerateDockerConfigJson(url, username, password string) ([]byte, e...
FILE: pkg/manifestgen/sourcesecret/sourcesecret_test.go
function Test_passwordLoadKeyPair (line 31) | func Test_passwordLoadKeyPair(t *testing.T) {
function Test_PasswordlessLoadKeyPair (line 67) | func Test_PasswordlessLoadKeyPair(t *testing.T) {
FILE: pkg/manifestgen/sync/options.go
type Options (line 23) | type Options struct
function MakeDefaultOptions (line 38) | func MakeDefaultOptions() Options {
FILE: pkg/manifestgen/sync/sync.go
function Generate (line 36) | func Generate(options Options) (*manifestgen.Manifest, error) {
function resourceToString (line 113) | func resourceToString(data []byte) string {
FILE: pkg/manifestgen/sync/sync_test.go
function TestGenerate (line 31) | func TestGenerate(t *testing.T) {
FILE: pkg/manifestgen/tmpdir.go
function MkdirTempAbs (line 28) | func MkdirTempAbs(dir, pattern string) (string, error) {
FILE: pkg/printers/dyff.go
type DyffPrinter (line 27) | type DyffPrinter struct
method Print (line 39) | func (p *DyffPrinter) Print(w io.Writer, args ...interface{}) error {
function NewDyffPrinter (line 32) | func NewDyffPrinter() *DyffPrinter {
FILE: pkg/printers/interface.go
type Printer (line 22) | type Printer interface
type PrinterFunc (line 28) | type PrinterFunc
method Print (line 31) | func (fn PrinterFunc) Print(w io.Writer, args ...interface{}) error {
FILE: pkg/printers/table_printer.go
function TablePrinter (line 27) | func TablePrinter(header []string) PrinterFunc {
FILE: pkg/status/status.go
type StatusChecker (line 40) | type StatusChecker struct
method Assess (line 71) | func (sc *StatusChecker) Assess(identifiers ...object.ObjMetadata) err...
function NewStatusCheckerWithClient (line 48) | func NewStatusCheckerWithClient(c client.Client, pollInterval time.Durat...
function NewStatusChecker (line 58) | func NewStatusChecker(kubeConfig *rest.Config, pollInterval time.Duratio...
function desiredStatusNotifierFunc (line 109) | func desiredStatusNotifierFunc(cancelFunc context.CancelFunc,
FILE: pkg/uninstall/uninstall.go
function Components (line 45) | func Components(ctx context.Context, logger log.Logger, kubeClient clien...
function Finalizers (line 138) | func Finalizers(ctx context.Context, logger log.Logger, kubeClient clien...
function CustomResourceDefinitions (line 355) | func CustomResourceDefinitions(ctx context.Context, logger log.Logger, k...
function Namespace (line 377) | func Namespace(ctx context.Context, logger log.Logger, kubeClient client...
function getDeleteOptions (line 390) | func getDeleteOptions(dryRun bool) (*client.DeleteOptions, string) {
function getUpdateOptions (line 401) | func getUpdateOptions(dryRun bool) (*client.UpdateOptions, string) {
FILE: tests/bootstrap/main.go
function main (line 13) | func main() {
FILE: tests/image-automation/main.go
function main (line 13) | func main() {
FILE: tests/integration/azure_specific_test.go
function TestAzureDevOpsCommitStatus (line 46) | func TestAzureDevOpsCommitStatus(t *testing.T) {
type AzureDevOpsURL (line 176) | type AzureDevOpsURL struct
function ParseAzureDevopsURL (line 183) | func ParseAzureDevopsURL(s string) (AzureDevOpsURL, error) {
FILE: tests/integration/azure_test.go
constant azureDevOpsKnownHosts (line 31) | azureDevOpsKnownHosts = "ssh.dev.azure.com ssh-rsa AAAAB3NzaC1yc2EAAAADA...
function createKubeConfigAKS (line 36) | func createKubeConfigAKS(ctx context.Context, state map[string]*tfjson.S...
function getTestConfigAKS (line 44) | func getTestConfigAKS(ctx context.Context, outputs map[string]*tfjson.St...
function registryLoginACR (line 139) | func registryLoginACR(ctx context.Context, output map[string]*tfjson.Sta...
function setupEventHubHandler (line 150) | func setupEventHubHandler(ctx context.Context, c chan []byte, eventHubSa...
FILE: tests/integration/flux_test.go
function TestFluxInstallation (line 34) | func TestFluxInstallation(t *testing.T) {
function TestRepositoryCloning (line 47) | func TestRepositoryCloning(t *testing.T) {
FILE: tests/integration/gcp_test.go
constant gcpSourceRepoKnownHosts (line 37) | gcpSourceRepoKnownHosts = "[source.developers.google.com]:2022 ecdsa-sha...
function createKubeConfigGKE (line 42) | func createKubeConfigGKE(ctx context.Context, state map[string]*tfjson.S...
function registryLoginGCR (line 52) | func registryLoginGCR(ctx context.Context, output map[string]*tfjson.Sta...
function getTestConfigGKE (line 64) | func getTestConfigGKE(ctx context.Context, outputs map[string]*tfjson.St...
function setupPubSubReceiver (line 154) | func setupPubSubReceiver(ctx context.Context, c chan []byte, projectID s...
FILE: tests/integration/image_repo_test.go
function TestImageRepositoryAndAutomation (line 39) | func TestImageRepositoryAndAutomation(t *testing.T) {
FILE: tests/integration/notification_test.go
function TestNotification (line 39) | func TestNotification(t *testing.T) {
FILE: tests/integration/oci_test.go
function TestOCIHelmRelease (line 35) | func TestOCIHelmRelease(t *testing.T) {
FILE: tests/integration/sops_encryption_test.go
function TestKeyVaultSops (line 38) | func TestKeyVaultSops(t *testing.T) {
FILE: tests/integration/suite_test.go
constant azureTerraformPath (line 47) | azureTerraformPath = "./terraform/azure"
constant gcpTerraformPath (line 50) | gcpTerraformPath = "./terraform/gcp"
constant kubeconfigPath (line 53) | kubeconfigPath = "./build/kubeconfig"
constant fluxBin (line 56) | fluxBin = "./build/flux"
constant defaultBranch (line 59) | defaultBranch = "main"
constant envVarGitRepoSSHPath (line 63) | envVarGitRepoSSHPath = "GITREPO_SSH_PATH"
constant envVarGitRepoSSHPubPath (line 66) | envVarGitRepoSSHPubPath = "GITREPO_SSH_PUB_PATH"
type testConfig (line 101) | type testConfig struct
type notificationConfig (line 132) | type notificationConfig struct
type gitUrl (line 143) | type gitUrl struct
type getTestConfig (line 149) | type getTestConfig
type registryLoginFunc (line 154) | type registryLoginFunc
type providerConfig (line 157) | type providerConfig struct
function init (line 165) | func init() {
function TestMain (line 176) | func TestMain(m *testing.M) {
function getProviderConfig (line 306) | func getProviderConfig(provider string) *providerConfig {
function pushTestImages (line 328) | func pushTestImages(ctx context.Context, repoURL string, tags []string) ...
function randStringRunes (line 340) | func randStringRunes(n int) string {
FILE: tests/integration/util_test.go
function installFlux (line 55) | func installFlux(ctx context.Context, tmpDir string, kubeconfigPath stri...
function runFluxCheck (line 108) | func runFluxCheck(ctx context.Context) error {
function uninstallFlux (line 115) | func uninstallFlux(ctx context.Context) error {
function verifyGitAndKustomization (line 126) | func verifyGitAndKustomization(ctx context.Context, kubeClient client.Cl...
type nsConfig (line 150) | type nsConfig struct
function setUpFluxConfig (line 161) | func setUpFluxConfig(ctx context.Context, name string, opts nsConfig) er...
function tearDownFluxConfig (line 250) | func tearDownFluxConfig(ctx context.Context, name string) error {
function getRepository (line 276) | func getRepository(ctx context.Context, dir, repoURL, branchName string,...
function commitAndPushAll (line 296) | func commitAndPushAll(ctx context.Context, client *gogit.Client, files m...
function createTagAndPush (line 325) | func createTagAndPush(ctx context.Context, client *gogit.Client, branchN...
function pushImagesFromURL (line 380) | func pushImagesFromURL(repoURL, imgURL string, tags []string) error {
function getTransportURL (line 395) | func getTransportURL(urls gitUrl) string {
function authOpts (line 403) | func authOpts(repoURL string, authData map[string][]byte) (*git.AuthOpti...
function checkReadyCondition (line 414) | func checkReadyCondition(from conditions.Getter) error {
function dumpDiagnostics (line 429) | func dumpDiagnostics(t *testing.T, ctx context.Context, namespace string) {
function dumpFluxObjects (line 443) | func dumpFluxObjects(t *testing.T, ctx context.Context, namespace string) {
function logObjectStatus (line 505) | func logObjectStatus(t *testing.T, kind, name, namespace string, conditi...
function dumpControllerLogs (line 515) | func dumpControllerLogs(t *testing.T, ctx context.Context) {
function logNamespacePods (line 541) | func logNamespacePods(t *testing.T, ctx context.Context, namespace strin...
Condensed preview — 667 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (1,995K chars).
[
{
"path": ".github/ISSUE_TEMPLATE/bug_report.yaml",
"chars": 2750,
"preview": "---\nname: Bug report\ndescription: Create a report to help us improve Flux\nbody:\n- type: markdown\n attributes:\n value"
},
{
"path": ".github/ISSUE_TEMPLATE/config.yml",
"chars": 169,
"preview": "blank_issues_enabled: true\ncontact_links:\n - name: Ask a question\n url: https://github.com/fluxcd/flux2/discussions\n"
},
{
"path": ".github/aur/flux-bin/.SRCINFO.template",
"chars": 946,
"preview": "pkgbase = flux-bin\n\tpkgdesc = Open and extensible continuous delivery solution for Kubernetes\n\tpkgver = ${PKGVER}\n\tpkgre"
},
{
"path": ".github/aur/flux-bin/.gitignore",
"chars": 5,
"preview": ".pkg\n"
},
{
"path": ".github/aur/flux-bin/PKGBUILD.template",
"chars": 1563,
"preview": "# Maintainer: Aurel Canciu <aurelcanciu@gmail.com>\n# Maintainer: Hidde Beydals <hello@hidde.co>\n\npkgname=flux-bin\npkgver"
},
{
"path": ".github/aur/flux-bin/publish.sh",
"chars": 1813,
"preview": "#!/usr/bin/env bash\n\nset -e\n\nWD=$(cd \"$( dirname \"${BASH_SOURCE[0]}\" )\" >/dev/null 2>&1 && pwd)\nPKGNAME=$(basename $WD)\n"
},
{
"path": ".github/aur/flux-go/.SRCINFO.template",
"chars": 437,
"preview": "pkgbase = flux-go\n\tpkgdesc = Open and extensible continuous delivery solution for Kubernetes\n\tpkgver = ${PKGVER}\n\tpkgrel"
},
{
"path": ".github/aur/flux-go/.gitignore",
"chars": 5,
"preview": ".pkg\n"
},
{
"path": ".github/aur/flux-go/PKGBUILD.template",
"chars": 1842,
"preview": "# Maintainer: Aurel Canciu <aurelcanciu@gmail.com>\n# Maintainer: Hidde Beydals <hello@hidde.co>\n\npkgname=flux-go\npkgver="
},
{
"path": ".github/aur/flux-go/publish.sh",
"chars": 1547,
"preview": "#!/usr/bin/env bash\n\nset -e\n\nWD=$(cd \"$( dirname \"${BASH_SOURCE[0]}\" )\" >/dev/null 2>&1 && pwd)\nPKGNAME=$(basename $WD)\n"
},
{
"path": ".github/aur/flux-scm/.SRCINFO.template",
"chars": 388,
"preview": "pkgbase = flux-scm\n\tpkgdesc = Open and extensible continuous delivery solution for Kubernetes\n\tpkgver = ${PKGVER}\n\tpkgre"
},
{
"path": ".github/aur/flux-scm/.gitignore",
"chars": 5,
"preview": ".pkg\n"
},
{
"path": ".github/aur/flux-scm/PKGBUILD.template",
"chars": 1822,
"preview": "# Maintainer: Aurel Canciu <aurelcanciu@gmail.com>\n# Maintainer: Hidde Beydals <hello@hidde.co>\n\npkgname=flux-scm\npkgver"
},
{
"path": ".github/aur/flux-scm/publish.sh",
"chars": 1385,
"preview": "#!/usr/bin/env bash\n\nset -e\n\nWD=$(cd \"$( dirname \"${BASH_SOURCE[0]}\" )\" >/dev/null 2>&1 && pwd)\nPKGNAME=$(basename $WD)\n"
},
{
"path": ".github/dependabot.yml",
"chars": 447,
"preview": "version: 2\n\nupdates:\n - package-ecosystem: \"github-actions\"\n directory: \"/\"\n labels: [\"area/ci\", \"dependencies\"]\n"
},
{
"path": ".github/kind/config.yaml",
"chars": 233,
"preview": "kind: Cluster\napiVersion: kind.x-k8s.io/v1alpha4\nnodes:\n - role: control-plane\n - role: worker\n - role: worker\nnetwor"
},
{
"path": ".github/labels.yaml",
"chars": 1842,
"preview": "# Configuration file to declaratively configure labels\n# Ref: https://github.com/EndBug/label-sync#Config-files\n\n- name:"
},
{
"path": ".github/runners/README.md",
"chars": 2631,
"preview": "# Flux ARM64 GitHub runners\n\nThe Flux ARM64 end-to-end tests run on Equinix Metal instances provisioned with Docker and "
},
{
"path": ".github/runners/prereq.sh",
"chars": 2696,
"preview": "#!/usr/bin/env bash\n\n# Copyright 2021 The Flux authors. All rights reserved.\n#\n# Licensed under the Apache License, Vers"
},
{
"path": ".github/runners/runner-setup.sh",
"chars": 1327,
"preview": "#!/usr/bin/env bash\n\n# Copyright 2021 The Flux authors. All rights reserved.\n#\n# Licensed under the Apache License, Vers"
},
{
"path": ".github/workflows/README.md",
"chars": 3271,
"preview": "# Flux GitHub Workflows\n\n## End-to-end Testing\n\nThe e2e workflows run a series of tests to ensure that the Flux CLI and\n"
},
{
"path": ".github/workflows/action.yaml",
"chars": 558,
"preview": "name: test-gh-action\n\non:\n pull_request:\n paths:\n - 'action/**'\n push:\n paths:\n - 'action/**'\n bran"
},
{
"path": ".github/workflows/backport.yaml",
"chars": 404,
"preview": "name: backport\non:\n pull_request_target:\n types: [closed, labeled]\npermissions: read-all\njobs:\n backport:\n permi"
},
{
"path": ".github/workflows/conformance.yaml",
"chars": 10012,
"preview": "name: conformance\n\non:\n workflow_dispatch:\n push:\n branches: [ 'main', 'update-components-**', 'release/**', 'confo"
},
{
"path": ".github/workflows/e2e-azure.yaml",
"chars": 3627,
"preview": "name: e2e-azure\n\non:\n workflow_dispatch:\n schedule:\n - cron: '0 6 * * *'\n push:\n branches:\n - main\n pat"
},
{
"path": ".github/workflows/e2e-bootstrap.yaml",
"chars": 5398,
"preview": "name: e2e-bootstrap\n\non:\n workflow_dispatch:\n push:\n branches: [ 'main', 'release/**' ]\n pull_request:\n branche"
},
{
"path": ".github/workflows/e2e-gcp.yaml",
"chars": 4124,
"preview": "name: e2e-gcp\n\non:\n workflow_dispatch:\n schedule:\n - cron: '0 6 * * *'\n push:\n branches:\n - main\n paths"
},
{
"path": ".github/workflows/e2e.yaml",
"chars": 9870,
"preview": "name: e2e\n\non:\n workflow_dispatch:\n push:\n branches: [ 'main', 'release/**' ]\n pull_request:\n branches: [ 'main"
},
{
"path": ".github/workflows/ossf.yaml",
"chars": 1087,
"preview": "name: ossf\non:\n workflow_dispatch:\n push:\n branches:\n - main\n schedule:\n # Weekly on Saturdays.\n - cron"
},
{
"path": ".github/workflows/release.yaml",
"chars": 8651,
"preview": "name: release\n\non:\n push:\n tags: [\"v*\"]\n\npermissions:\n contents: read\n\njobs:\n release-flux-cli:\n outputs:\n "
},
{
"path": ".github/workflows/scan.yaml",
"chars": 540,
"preview": "name: scan\non:\n workflow_dispatch:\n push:\n branches: [ 'main', 'release/**' ]\n pull_request:\n branches: [ 'main"
},
{
"path": ".github/workflows/sync-labels.yaml",
"chars": 419,
"preview": "name: sync-labels\non:\n workflow_dispatch:\n push:\n branches:\n - main\n paths:\n - .github/labels.yaml\nper"
},
{
"path": ".github/workflows/update.yaml",
"chars": 4299,
"preview": "name: update\n\non:\n workflow_dispatch:\n push:\n branches: [main]\n\npermissions:\n contents: read\n\njobs:\n update-compo"
},
{
"path": ".github/workflows/upgrade-fluxcd-pkg.yaml",
"chars": 256,
"preview": "name: upgrade-fluxcd-pkg\n\non:\n workflow_dispatch:\n\npermissions:\n contents: read\n\njobs:\n upgrade-fluxcd-pkg:\n uses:"
},
{
"path": ".gitignore",
"chars": 367,
"preview": "# Binaries for programs and plugins\n*.exe\n*.exe~\n*.dll\n*.so\n*.dylib\n\n# Test binary, built with `go test -c`\n*.test\n\n# Ou"
},
{
"path": ".goreleaser.yml",
"chars": 4370,
"preview": "project_name: flux\nchangelog:\n use: github-native\nbuilds:\n - <<: &build_defaults\n binary: flux\n main: ./cmd/"
},
{
"path": ".scorecard.yml",
"chars": 222,
"preview": "annotations:\n - checks:\n - dangerous-workflow\n reasons:\n - reason: not-applicable # This workflow does not"
},
{
"path": "CODE_OF_CONDUCT.md",
"chars": 138,
"preview": "## Code of Conduct\n\nFluxCD toolkit follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/cod"
},
{
"path": "CONTRIBUTING.md",
"chars": 5887,
"preview": "# Contributing\n\nFlux is [Apache 2.0 licensed](https://github.com/fluxcd/flux2/blob/main/LICENSE) and\naccepts contributio"
},
{
"path": "DCO",
"chars": 1422,
"preview": "Developer Certificate of Origin\nVersion 1.1\n\nCopyright (C) 2004, 2006 The Linux Foundation and its contributors.\n660 Yor"
},
{
"path": "Dockerfile",
"chars": 504,
"preview": "FROM alpine:3.23 AS builder\n\nRUN apk add --no-cache ca-certificates curl\n\nARG ARCH=linux/amd64\nARG KUBECTL_VER=1.35.0\n\nR"
},
{
"path": "LICENSE",
"chars": 11357,
"preview": " Apache License\n Version 2.0, January 2004\n "
},
{
"path": "MAINTAINERS",
"chars": 357,
"preview": "The maintainers are generally available in Slack at\nhttps://cloud-native.slack.com in #flux (https://cloud-native.slack."
},
{
"path": "Makefile",
"chars": 3323,
"preview": "VERSION?=$(shell grep 'VERSION' cmd/flux/main.go | awk '{ print $$4 }' | head -n 1 | tr -d '\"')\nDEV_VERSION?=0.0.0-$(she"
},
{
"path": "README.md",
"chars": 6251,
"preview": "# Flux version 2\n\n[](https://github.com/fluxcd/flu"
},
{
"path": "action/README.md",
"chars": 837,
"preview": "# Flux GitHub Action\n\nTo install the latest Flux CLI on Linux, macOS or Windows GitHub runners:\n\n```yaml\nsteps:\n - name"
},
{
"path": "action/action.yml",
"chars": 5245,
"preview": "name: Setup Flux CLI\ndescription: A GitHub Action for installing the Flux CLI\nauthor: Flux project\nbranding:\n color: bl"
},
{
"path": "cmd/flux/alert.go",
"chars": 1329,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/alert_provider.go",
"chars": 1421,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/artifact.go",
"chars": 1468,
"preview": "/*\nCopyright 2025 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/bootstrap.go",
"chars": 9884,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/bootstrap_bitbucket_server.go",
"chars": 11186,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/bootstrap_git.go",
"chars": 14160,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/bootstrap_gitea.go",
"chars": 10902,
"preview": "/*\nCopyright 2023 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/bootstrap_github.go",
"chars": 11078,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/bootstrap_gitlab.go",
"chars": 12731,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/build.go",
"chars": 808,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/build_artifact.go",
"chars": 3425,
"preview": "/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/build_artifact_test.go",
"chars": 1427,
"preview": "/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/build_kustomization.go",
"chars": 6468,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/build_kustomization_test.go",
"chars": 8967,
"preview": "//go:build unit\n// +build unit\n\n/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the "
},
{
"path": "cmd/flux/check.go",
"chars": 7145,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/check_test.go",
"chars": 1512,
"preview": "//go:build e2e\n// +build e2e\n\n/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"L"
},
{
"path": "cmd/flux/cluster_info.go",
"chars": 4411,
"preview": "/*\nCopyright 2023 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/cluster_info_test.go",
"chars": 3832,
"preview": "/*\nCopyright 2023 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/completion.go",
"chars": 3043,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/completion_bash.go",
"chars": 1188,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/completion_fish.go",
"chars": 1227,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/completion_powershell.go",
"chars": 1405,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/completion_zsh.go",
"chars": 1555,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create.go",
"chars": 5183,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_alert.go",
"chars": 4838,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_alertprovider.go",
"chars": 4996,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_helmrelease.go",
"chars": 14797,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_helmrelease_test.go",
"chars": 2966,
"preview": "//go:build unit\n// +build unit\n\n/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the "
},
{
"path": "cmd/flux/create_image.go",
"chars": 967,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_image_policy.go",
"chars": 8506,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_image_repository.go",
"chars": 4608,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_image_update.go",
"chars": 6011,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_kustomization.go",
"chars": 11134,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_receiver.go",
"chars": 5004,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_secret.go",
"chars": 1617,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_secret_git.go",
"chars": 7204,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_secret_git_test.go",
"chars": 2633,
"preview": "package main\n\nimport (\n\t\"fmt\"\n\t\"os\"\n\t\"testing\"\n)\n\nfunc TestCreateGitSecret(t *testing.T) {\n\tfile, err := os.CreateTemp(t"
},
{
"path": "cmd/flux/create_secret_github_app.go",
"chars": 3887,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_secret_githubapp_test.go",
"chars": 2063,
"preview": "/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_secret_helm.go",
"chars": 3804,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_secret_helm_test.go",
"chars": 1189,
"preview": "/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_secret_notation.go",
"chars": 4615,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_secret_notation_test.go",
"chars": 4225,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_secret_oci.go",
"chars": 3389,
"preview": "/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_secret_oci_test.go",
"chars": 1283,
"preview": "/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_secret_proxy.go",
"chars": 3097,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_secret_proxy_test.go",
"chars": 1242,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_secret_tls.go",
"chars": 3450,
"preview": "/*\nCopyright 2020, 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not us"
},
{
"path": "cmd/flux/create_secret_tls_test.go",
"chars": 738,
"preview": "package main\n\nimport (\n\t\"testing\"\n)\n\nfunc TestCreateTlsSecret(t *testing.T) {\n\ttests := []struct {\n\t\tname string\n\t\targ"
},
{
"path": "cmd/flux/create_source.go",
"chars": 1177,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_source_bucket.go",
"chars": 7834,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_source_chart.go",
"chars": 7626,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_source_chart_test.go",
"chars": 3141,
"preview": "//go:build unit\n// +build unit\n\n/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the "
},
{
"path": "cmd/flux/create_source_git.go",
"chars": 14411,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_source_git_test.go",
"chars": 10250,
"preview": "//go:build unit\n// +build unit\n\n/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the "
},
{
"path": "cmd/flux/create_source_helm.go",
"chars": 9270,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_source_helm_test.go",
"chars": 2239,
"preview": "//go:build unit\n// +build unit\n\n/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the "
},
{
"path": "cmd/flux/create_source_oci.go",
"chars": 10116,
"preview": "/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_source_oci_test.go",
"chars": 3901,
"preview": "/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_tenant.go",
"chars": 8849,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/create_tenant_test.go",
"chars": 2155,
"preview": "//go:build e2e\n// +build e2e\n\n/*\nCopyright 2025 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"L"
},
{
"path": "cmd/flux/create_test.go",
"chars": 803,
"preview": "package main\n\nimport (\n\t\"testing\"\n\n\t\"k8s.io/apimachinery/pkg/util/rand\"\n)\n\nfunc Test_validateObjectName(t *testing.T) {\n"
},
{
"path": "cmd/flux/debug.go",
"chars": 837,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/debug_helmrelease.go",
"chars": 4177,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/debug_helmrelease_test.go",
"chars": 2084,
"preview": "//go:build unit\n// +build unit\n\n/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the "
},
{
"path": "cmd/flux/debug_kustomization.go",
"chars": 5044,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/debug_kustomization_test.go",
"chars": 1979,
"preview": "//go:build unit\n// +build unit\n\n/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the "
},
{
"path": "cmd/flux/delete.go",
"chars": 2325,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_alert.go",
"chars": 1257,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_alertprovider.go",
"chars": 1323,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_helmrelease.go",
"chars": 1287,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_image.go",
"chars": 844,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_image_policy.go",
"chars": 1240,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_image_repository.go",
"chars": 1281,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_image_update.go",
"chars": 1302,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_kustomization.go",
"chars": 1342,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_receiver.go",
"chars": 1268,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_source.go",
"chars": 814,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_source_bucket.go",
"chars": 1212,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_source_chart.go",
"chars": 1218,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_source_git.go",
"chars": 1233,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_source_helm.go",
"chars": 1244,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/delete_source_oci.go",
"chars": 1272,
"preview": "/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/diff.go",
"chars": 847,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/diff_artifact.go",
"chars": 3879,
"preview": "/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/diff_artifact_test.go",
"chars": 3171,
"preview": "//go:build unit\n// +build unit\n\n/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the "
},
{
"path": "cmd/flux/diff_kustomization.go",
"chars": 5888,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/diff_kustomization_test.go",
"chars": 6186,
"preview": "//go:build unit\n// +build unit\n\n/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the "
},
{
"path": "cmd/flux/docgen.go",
"chars": 1632,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/envsubst.go",
"chars": 2123,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/envsubst_test.go",
"chars": 1429,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/events.go",
"chars": 17245,
"preview": "/*\nCopyright 2023 The Kubernetes Authors.\nCopyright 2023 The Flux authors\n\nLicensed under the Apache License, Version 2."
},
{
"path": "cmd/flux/events_test.go",
"chars": 17021,
"preview": "/*\nCopyright 2023 The Kubernetes Authors.\nCopyright 2023 The Flux authors\n\nLicensed under the Apache License, Version 2."
},
{
"path": "cmd/flux/export.go",
"chars": 3085,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_alert.go",
"chars": 2038,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_alertprovider.go",
"chars": 2240,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_artifact.go",
"chars": 856,
"preview": "/*\nCopyright 2025 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_artifact_generator.go",
"chars": 2372,
"preview": "/*\nCopyright 2025 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_helmrelease.go",
"chars": 2178,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_image.go",
"chars": 859,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_image_policy.go",
"chars": 2227,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_image_repository.go",
"chars": 2253,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_image_update.go",
"chars": 2368,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_kustomization.go",
"chars": 2233,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_receiver.go",
"chars": 2129,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_secret.go",
"chars": 3488,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_source.go",
"chars": 989,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_source_bucket.go",
"chars": 2630,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_source_chart.go",
"chars": 2033,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_source_external.go",
"chars": 2747,
"preview": "/*\nCopyright 2025 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_source_git.go",
"chars": 2770,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_source_helm.go",
"chars": 2814,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_source_oci.go",
"chars": 2831,
"preview": "/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/export_test.go",
"chars": 2644,
"preview": "//go:build unit\n// +build unit\n\n/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the "
},
{
"path": "cmd/flux/get.go",
"chars": 8244,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_alert.go",
"chars": 2657,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_alertprovider.go",
"chars": 2629,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_all.go",
"chars": 2412,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_artifact.go",
"chars": 883,
"preview": "/*\nCopyright 2025 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_artifact_generator.go",
"chars": 2800,
"preview": "/*\nCopyright 2025 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_helmrelease.go",
"chars": 3039,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_image.go",
"chars": 884,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_image_all.go",
"chars": 1830,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_image_policy.go",
"chars": 2740,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_image_repository.go",
"chars": 3021,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_image_update.go",
"chars": 3085,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_kustomization.go",
"chars": 2979,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_receiver.go",
"chars": 2705,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_source.go",
"chars": 863,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_source_all.go",
"chars": 2158,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_source_bucket.go",
"chars": 2949,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_source_chart.go",
"chars": 3077,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_source_external.go",
"chars": 3174,
"preview": "/*\nCopyright 2025 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_source_git.go",
"chars": 3039,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_source_helm.go",
"chars": 3273,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_source_oci.go",
"chars": 3079,
"preview": "/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/get_test.go",
"chars": 3191,
"preview": "//go:build unit\n// +build unit\n\n/*\nCopyright 2023 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the "
},
{
"path": "cmd/flux/helmrelease.go",
"chars": 1366,
"preview": "/*\nCopyright 2024 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/helmrelease_test.go",
"chars": 2050,
"preview": "//go:build e2e\n// +build e2e\n\n/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"L"
},
{
"path": "cmd/flux/image.go",
"chars": 4129,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/image_test.go",
"chars": 2031,
"preview": "//go:build e2e\n// +build e2e\n\n/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"L"
},
{
"path": "cmd/flux/install.go",
"chars": 10461,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/install_test.go",
"chars": 3678,
"preview": "/*\nCopyright 2025 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/kustomization.go",
"chars": 1440,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/kustomization_test.go",
"chars": 2627,
"preview": "//go:build e2e\n// +build e2e\n\n/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"L"
},
{
"path": "cmd/flux/list.go",
"chars": 813,
"preview": "/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/list_artifact.go",
"chars": 4163,
"preview": "/*\nCopyright 2022 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/log.go",
"chars": 1401,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/logs.go",
"chars": 10137,
"preview": "/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/logs_e2e_test.go",
"chars": 2068,
"preview": "//go:build e2e\n// +build e2e\n\n/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"L"
},
{
"path": "cmd/flux/logs_unit_test.go",
"chars": 4623,
"preview": "//go:build unit\n// +build unit\n\n/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the "
},
{
"path": "cmd/flux/main.go",
"chars": 8525,
"preview": "/*\nCopyright 2020 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this"
},
{
"path": "cmd/flux/main_e2e_test.go",
"chars": 2442,
"preview": "//go:build e2e\n// +build e2e\n\n/*\nCopyright 2021 The Flux authors\n\nLicensed under the Apache License, Version 2.0 (the \"L"
}
]
// ... and 467 more files (download for full content)
About this extraction
This page contains the full source code of the fluxcd/flux2 GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 667 files (1.7 MB), approximately 540.8k tokens, and a symbol index with 1431 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.