Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sync upstream main #146

Merged
merged 77 commits into from
Nov 5, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
77 commits
Select commit Hold shift + click to select a range
d0aad8c
readded changes after merge problems
TheBelgarion Aug 22, 2024
8e26e55
chore(deps): update docker/login-action digest to 9780b0c
crossplane-renovate[bot] Sep 7, 2024
3160e50
chore(deps): update actions/create-github-app-token digest to 5d869da
crossplane-renovate[bot] Sep 12, 2024
3fab3a4
chore(deps): update codecov/codecov-action digest to b9fd7d1
crossplane-renovate[bot] Oct 2, 2024
85f8f96
chore(deps): update actions/upload-artifact digest to b4b15b8
crossplane-renovate[bot] Oct 11, 2024
43bc818
docs: update contributing guide with new contributor getting started …
jbw976 Oct 18, 2024
f834d2d
Merge branch 'crossplane:main' into named-container-support
TheBelgarion Oct 22, 2024
f6dd1bf
build: bump golang to 1.22.8
jbw976 Oct 23, 2024
2d42bd1
test(e2e): Update test packages and add more tests to dependency update
ezgidemirel Oct 23, 2024
79c3d34
Merge pull request #6024 from jbw976/bump-golang
phisco Oct 23, 2024
88e5a25
feat(Compositions): drop spec.environmentConfigRefs
phisco Oct 24, 2024
c555808
fix default registry bug
ezgidemirel Oct 23, 2024
32bb6be
feat(crank): beta covert composition-environment implementation
phisco Oct 18, 2024
1f77470
feat: rework pipeline-composition to avoid dropping fields
phisco Oct 18, 2024
48d84f2
review
phisco Oct 24, 2024
ce2f236
log to stderr if no change needed
phisco Oct 24, 2024
3be61d9
fix: no-op if already pipeline mode
phisco Oct 25, 2024
3a1d69b
Merge pull request #6029 from phisco/more-env-cleanup
phisco Oct 25, 2024
c88f6c7
Merge branch 'crossplane:main' into named-container-support
TheBelgarion Oct 28, 2024
c999b73
Merge pull request #6023 from ezgidemirel/e2e-dep-up
turkenh Oct 28, 2024
5c76394
fixed nit: container nameming loop variable
TheBelgarion Oct 28, 2024
97a3f33
Update contributing/README.md
jbw976 Oct 28, 2024
ac27bec
Merge pull request #6015 from jbw976/contrib-getting-started
jbw976 Oct 28, 2024
6a7c477
Merge pull request #6016 from phisco/where-is-my-environment
phisco Oct 28, 2024
8f15fd1
Fix package metadata CRD generation
negz Oct 18, 2024
51ead1d
Have the resolver controller watch package revisions
negz Oct 18, 2024
f628886
Define api types for image verification
turkenh Oct 17, 2024
807434d
Bootstrap signature verification reconciler
turkenh Oct 17, 2024
d19bf4a
Add e2e tests artifacts for keyless and keyfull signature verification
turkenh Oct 22, 2024
b13bab5
Define and add conditions for verification
turkenh Oct 17, 2024
149be69
Add signature verification controller
turkenh Oct 19, 2024
dd7eea6
Add unit tests for signature verification
turkenh Oct 23, 2024
449ac44
Add e2e test for keyless verification of a private image
turkenh Oct 23, 2024
333c6b3
Simplify signature verification skipping policy controller
turkenh Oct 24, 2024
58b2a3a
Copy attestation.go from cosign repo
turkenh Oct 28, 2024
a0b5487
Simplify attestation verification skipping policy controller
turkenh Oct 25, 2024
12bc156
Resolve comments in signature verification
turkenh Oct 28, 2024
2a51db4
Signature verification controller reconciles package revisions
turkenh Oct 28, 2024
6361d8b
Put signature verification behing an alpha flag
turkenh Oct 30, 2024
52653a1
Add unit tests for signature verification reconciler
turkenh Oct 30, 2024
d554fc2
Document how to access e2e cluster while tests are running
turkenh Oct 31, 2024
8410e24
Merge pull request #6022 from turkenh/package-image-config-verification
turkenh Oct 31, 2024
198c46e
Merge pull request #5936 from crossplane/renovate/main-actions-create…
turkenh Oct 31, 2024
9e89e41
fix(crank): convert pipeline-composition skip if no environment defin…
phisco Oct 31, 2024
3fdf3cb
Merge pull request #5941 from crossplane/renovate/main-actions-upload…
turkenh Oct 31, 2024
6377dd9
Merge pull request #5942 from crossplane/renovate/main-codecov-codeco…
turkenh Oct 31, 2024
9e897ab
Merge pull request #5944 from crossplane/renovate/main-docker-login-a…
turkenh Oct 31, 2024
b6f2f6d
chore: refactor patchsets handling for consistency, adding test coverage
phisco Oct 31, 2024
0b287eb
feat(pkg-mgr): Add condition to lock object
ezgidemirel Oct 31, 2024
8ddec4c
Merge pull request #6033 from phisco/no-env-is-fine
phisco Oct 31, 2024
bd3edd3
Merge pull request #6031 from ezgidemirel/lock-condition
turkenh Oct 31, 2024
eea8f82
feat(xfn): Consider composite ready state in function response
MisterMX Oct 23, 2024
6ac686f
Bump crossplane runtime to v1.19.0-rc.0
turkenh Oct 31, 2024
b0a1429
Bump controller-tools to v0.16.5 and unique controller names
turkenh Oct 31, 2024
ed67b92
Skip name validation in controller engine
turkenh Oct 31, 2024
8714042
Merge pull request #6021 from MisterMX/feat/function-composite-ready-…
phisco Oct 31, 2024
cfb6b7b
Merge pull request #6036 from turkenh/bump-runtime-v1.19.0-rc.0
turkenh Oct 31, 2024
28bb0d6
Add release-1.18 to renovate base branches
turkenh Oct 31, 2024
0a030eb
Merge pull request #6040 from turkenh/bump-base-branches
turkenh Oct 31, 2024
d7a341c
chore(deps): update module github.com/open-policy-agent/opa to v0.68.…
crossplane-renovate[bot] Nov 1, 2024
fbe58bd
fix(deps): update module github.com/docker/docker to v27.1.1+incompat…
crossplane-renovate[bot] Nov 1, 2024
05da2e6
Merge pull request #6045 from crossplane/renovate/main-go-github.com-…
jbw976 Nov 1, 2024
a7a2b69
Merge branch 'master' into named-container-support
TheBelgarion Nov 2, 2024
959f288
Merge pull request #5878 from TheBelgarion/named-container-support
jbw976 Nov 2, 2024
c2febe4
Merge pull request #6044 from crossplane/renovate/main-go-github.com-…
jbw976 Nov 2, 2024
122316d
fix(crank): beta validate properly pulling crossplane image
phisco Nov 1, 2024
e4d72e5
Merge pull request #6053 from phisco/damn-errors-is
phisco Nov 3, 2024
c7b6640
build: bump meta CRDs via +generate
jbw976 Nov 4, 2024
eae6b41
Merge pull request #6054 from negz/dependent
negz Nov 4, 2024
6e2ae7e
Fix unknown field warnings
turkenh Nov 4, 2024
82e5465
Merge pull request #6064 from turkenh/fix-warnings
turkenh Nov 5, 2024
7357378
chore(deps): update module github.com/golang-jwt/jwt/v4 to v4.5.1 [se…
crossplane-renovate[bot] Nov 5, 2024
1d38953
Merge pull request #6066 from crossplane/renovate/main-go-github.com-…
turkenh Nov 5, 2024
5abd87d
Merge remote-tracking branch 'upstream/main' into sync-upstream-main
turkenh Nov 5, 2024
9cdde00
Update releases table and base branches
turkenh Nov 5, 2024
586bd39
Merge pull request #6072 from turkenh/update-releases-table-1.18
turkenh Nov 5, 2024
9daa175
Merge remote-tracking branch 'upstream/main' into sync-upstream-main
turkenh Nov 5, 2024
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/renovate.json5
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,9 @@
// PLEASE UPDATE THIS WHEN RELEASING.
"baseBranches": [
"main",
"release-1.15",
"release-1.16",
"release-1.17"
"release-1.17",
"release-1.18"
],
"ignorePaths": [
"design/**",
Expand Down
35 changes: 18 additions & 17 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,14 +37,14 @@ jobs:
version: ${{ env.EARTHLY_VERSION }}

- name: Login to DockerHub
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
if: env.DOCKER_USR != ''
with:
username: ${{ secrets.DOCKER_USR }}
password: ${{ secrets.DOCKER_PSW }}

- name: Login to GitHub Container Registry
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
with:
registry: ghcr.io
username: ${{ github.actor }}
Expand Down Expand Up @@ -83,14 +83,14 @@ jobs:
version: ${{ env.EARTHLY_VERSION }}

- name: Login to DockerHub
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
if: env.DOCKER_USR != ''
with:
username: ${{ secrets.DOCKER_USR }}
password: ${{ secrets.DOCKER_PSW }}

- name: Login to GitHub Container Registry
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
with:
registry: ghcr.io
username: ${{ github.actor }}
Expand Down Expand Up @@ -119,14 +119,14 @@ jobs:
version: ${{ env.EARTHLY_VERSION }}

- name: Login to DockerHub
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
if: env.DOCKER_USR != ''
with:
username: ${{ secrets.DOCKER_USR }}
password: ${{ secrets.DOCKER_PSW }}

- name: Login to GitHub Container Registry
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
with:
registry: ghcr.io
username: ${{ github.actor }}
Expand Down Expand Up @@ -154,7 +154,7 @@ jobs:
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4

- name: Run Trivy vulnerability scanner in fs mode
uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # 0.21.0
uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # 0.28.0
with:
scan-type: 'fs'
ignore-unfixed: true
Expand Down Expand Up @@ -183,14 +183,14 @@ jobs:
version: ${{ env.EARTHLY_VERSION }}

- name: Login to DockerHub
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
if: env.DOCKER_USR != ''
with:
username: ${{ secrets.DOCKER_USR }}
password: ${{ secrets.DOCKER_PSW }}

- name: Login to GitHub Container Registry
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
with:
registry: ghcr.io
username: ${{ github.actor }}
Expand All @@ -206,7 +206,7 @@ jobs:
run: earthly --strict --remote-cache ghcr.io/upbound/crossplane-earthly-cache:${{ github.job }} +test

- name: Publish Unit Test Coverage
uses: codecov/codecov-action@125fc84a9a348dbcf27191600683ec096ec9021c # v4
uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4
with:
flags: unittests
file: _output/tests/coverage.txt
Expand All @@ -223,6 +223,7 @@ jobs:
- ssa-claims
- realtime-compositions
- package-dependency-upgrades
- package-signature-verification

steps:
- name: Checkout
Expand All @@ -235,14 +236,14 @@ jobs:
version: ${{ env.EARTHLY_VERSION }}

- name: Login to DockerHub
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
if: env.DOCKER_USR != ''
with:
username: ${{ secrets.DOCKER_USR }}
password: ${{ secrets.DOCKER_PSW }}

- name: Login to GitHub Container Registry
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
with:
registry: ghcr.io
username: ${{ github.actor }}
Expand Down Expand Up @@ -299,22 +300,22 @@ jobs:
version: ${{ env.EARTHLY_VERSION }}

- name: Login to DockerHub
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
if: env.DOCKER_USR != ''
with:
username: ${{ secrets.DOCKER_USR }}
password: ${{ secrets.DOCKER_PSW }}

- name: Login to Upbound
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
if: env.UPBOUND_MARKETPLACE_PUSH_ROBOT_USR != ''
with:
registry: xpkg.upbound.io
username: ${{ secrets.UPBOUND_MARKETPLACE_PUSH_ROBOT_USR }}
password: ${{ secrets.UPBOUND_MARKETPLACE_PUSH_ROBOT_PSW }}

- name: Login to GitHub Container Registry
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
with:
registry: ghcr.io
username: ${{ github.actor }}
Expand All @@ -335,7 +336,7 @@ jobs:
run: earthly --strict --remote-cache ghcr.io/upbound/crossplane-earthly-cache:${{ github.job }} +ci-artifacts --CROSSPLANE_VERSION=${CROSSPLANE_VERSION} --CROSSPLANE_INTERNAL_VERSION=${CROSSPLANE_INTERNAL_VERSION}

- name: Upload Artifacts to GitHub
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
with:
name: output
path: _output/**
Expand All @@ -361,7 +362,7 @@ jobs:
language: go

- name: Upload Crash
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
if: failure() && steps.build.outcome == 'success'
with:
name: artifacts
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/renovate.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ jobs:

- name: Get token
id: get-github-app-token
uses: actions/create-github-app-token@a0de6af83968303c8c955486bf9739a57d23c7f1 # v1
uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1
with:
app-id: ${{ secrets.RENOVATE_GITHUB_APP_ID }}
private-key: ${{ secrets.RENOVATE_GITHUB_APP_PRIVATE_KEY }}
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/scan.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ jobs:

# we log to DockerHub to avoid rate limiting
- name: Login To DockerHub
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
if: env.DOCKER_USR != ''
with:
username: ${{ secrets.DOCKER_USR }}
Expand All @@ -117,7 +117,7 @@ jobs:
output: 'trivy-results.sarif'

- name: Upload Artifact
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
with:
name: trivy-${{ env.escaped_filename }}.sarif
path: trivy-results.sarif
Expand Down
4 changes: 2 additions & 2 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -26,5 +26,5 @@ gitlab/
*.xpkg

# go build output (from go build ./cmd/crank etc)
crank
crossplane
/crank
/crossplane
3 changes: 2 additions & 1 deletion Earthfile
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

PROJECT upbound/crossplane

ARG --global GO_VERSION=1.22.3
ARG --global GO_VERSION=1.22.8

# reviewable checks that a branch is ready for review. Run it before opening a
# pull request. It will catch a lot of the things our CI workflow will catch.
Expand Down Expand Up @@ -62,7 +62,7 @@
WITH DOCKER --load crossplane-e2e/crossplane:latest=(+image --CROSSPLANE_VERSION=v0.0.0-e2e)
# TODO(negz:) Set GITHUB_ACTIONS=true and use RUN --raw-output when
# https://github.com/earthly/earthly/issues/4143 is fixed.
RUN gotestsum --no-color=false --format testname --junitfile e2e-tests.xml --raw-command go tool test2json -t -p E2E ./e2e -test.v ${FLAGS}

Check failure on line 65 in Earthfile

View workflow job for this annotation

GitHub Actions / e2e-tests (ssa-claims)

Error

The command WITH DOCKER RUN --privileged gotestsum --no-color=false --format testname --junitfile e2e-tests.xml --raw-command go tool test2json -t -p E2E ./e2e -test.v ${FLAGS} did not complete successfully. Exit code 1

Check failure on line 65 in Earthfile

View workflow job for this annotation

GitHub Actions / e2e-tests (package-signature-verification)

Error

The command WITH DOCKER RUN --privileged gotestsum --no-color=false --format testname --junitfile e2e-tests.xml --raw-command go tool test2json -t -p E2E ./e2e -test.v ${FLAGS} did not complete successfully. Exit code 1
END
FINALLY
SAVE ARTIFACT --if-exists e2e-tests.xml AS LOCAL _output/tests/e2e-tests.xml
Expand Down Expand Up @@ -141,6 +141,7 @@
&& mv /tmp/patched.yaml cluster/crds/pkg.crossplane.io_deploymentruntimeconfigs.yaml
SAVE ARTIFACT apis/ AS LOCAL apis
SAVE ARTIFACT cluster/crds AS LOCAL cluster/crds
SAVE ARTIFACT cluster/meta AS LOCAL cluster/meta

# go-build builds Crossplane binaries for your native OS and architecture.
go-build:
Expand Down
Loading
Loading