diff --git a/Makefile b/Makefile
index 831c7c7a..629f5eac 100644
--- a/Makefile
+++ b/Makefile
@@ -142,7 +142,7 @@ manifests: controller-gen ## Generate manifests e.g. CRD, RBAC etc.
cd api; $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role paths="./..." output:crd:artifacts:config="../config/crd/bases"
api-docs: gen-crd-api-reference-docs ## Generate API reference documentation
- $(GEN_CRD_API_REFERENCE_DOCS) -api-dir=./api/v1beta1 -config=./hack/api-docs/config.json -template-dir=./hack/api-docs/template -out-file=./docs/api/v1beta1/image-automation.md
+ $(GEN_CRD_API_REFERENCE_DOCS) -api-dir=./api/v1beta2 -config=./hack/api-docs/config.json -template-dir=./hack/api-docs/template -out-file=./docs/api/v1beta2/image-automation.md
tidy: ## Run go mod tidy
cd api; rm -f go.sum; go mod tidy -compat=1.22
diff --git a/PROJECT b/PROJECT
index 7c9d05bc..b5055d09 100644
--- a/PROJECT
+++ b/PROJECT
@@ -4,4 +4,7 @@ resources:
- group: image
kind: ImageUpdateAutomation
version: v1beta1
+- group: image
+ kind: ImageUpdateAutomation
+ version: v1beta2
version: "2"
diff --git a/api/v1beta1/imageupdateautomation_types.go b/api/v1beta1/imageupdateautomation_types.go
index d926aa90..c60df753 100644
--- a/api/v1beta1/imageupdateautomation_types.go
+++ b/api/v1beta1/imageupdateautomation_types.go
@@ -133,7 +133,6 @@ func SetImageUpdateAutomationReadiness(auto *ImageUpdateAutomation, status metav
apimeta.SetStatusCondition(auto.GetStatusConditions(), newCondition)
}
-//+kubebuilder:storageversion
//+kubebuilder:object:root=true
//+kubebuilder:subresource:status
//+kubebuilder:printcolumn:name="Last run",type=string,JSONPath=`.status.lastAutomationRunTime`
diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go
index 5ac505d8..69e18358 100644
--- a/api/v1beta1/zz_generated.deepcopy.go
+++ b/api/v1beta1/zz_generated.deepcopy.go
@@ -1,7 +1,7 @@
//go:build !ignore_autogenerated
/*
-Copyright 2020 The Flux authors
+Copyright 2024 The Flux authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
diff --git a/api/v1beta2/condition_types.go b/api/v1beta2/condition_types.go
new file mode 100644
index 00000000..910b706f
--- /dev/null
+++ b/api/v1beta2/condition_types.go
@@ -0,0 +1,39 @@
+/*
+Copyright 2024 The Flux authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta2
+
+const (
+ // InvalidUpdateStrategyReason represents an invalid image update strategy
+ // configuration.
+ InvalidUpdateStrategyReason string = "InvalidUpdateStrategy"
+
+ // InvalidSourceConfigReason represents an invalid source configuration.
+ InvalidSourceConfigReason string = "InvalidSourceConfiguration"
+
+ // SourceManagerFailedReason represents a failure in the SourceManager which
+ // manages the source.
+ SourceManagerFailedReason string = "SourceManagerFailed"
+
+ // GitOperationFailedReason represents a failure in Git source operation.
+ GitOperationFailedReason string = "GitOperationFailed"
+
+ // UpdateFailedReason represents a failure during source update.
+ UpdateFailedReason string = "UpdateFailed"
+
+ // InvalidPolicySelectorReason represents an invalid policy selector.
+ InvalidPolicySelectorReason string = "InvalidPolicySelector"
+)
diff --git a/internal/controller/imageupdateautomation_controller_test.go b/api/v1beta2/doc.go
similarity index 57%
rename from internal/controller/imageupdateautomation_controller_test.go
rename to api/v1beta2/doc.go
index 2f9ac967..8063cad6 100644
--- a/internal/controller/imageupdateautomation_controller_test.go
+++ b/api/v1beta2/doc.go
@@ -1,5 +1,5 @@
/*
-Copyright 2022 The Flux authors
+Copyright 2024 The Flux authors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
@@ -14,22 +14,11 @@ See the License for the specific language governing permissions and
limitations under the License.
*/
-package controller
-
-import (
- "testing"
-
- fuzz "github.com/AdaLogics/go-fuzz-headers"
-)
-
-func Fuzz_templateMsg(f *testing.F) {
- f.Add("template", []byte{})
- f.Add("", []byte{})
-
- f.Fuzz(func(t *testing.T, template string, seed []byte) {
- var values TemplateData
- fuzz.NewConsumer(seed).GenerateStruct(&values)
-
- _, _ = templateMsg(template, &values)
- })
-}
+// Package v1beta2 contains API types for the image API group, version
+// v1beta2. The types here are concerned with automated updates to
+// git, based on metadata from OCI image registries gathered by the
+// image-reflector-controller.
+//
+// +kubebuilder:object:generate=true
+// +groupName=image.toolkit.fluxcd.io
+package v1beta2
diff --git a/api/v1beta2/git.go b/api/v1beta2/git.go
new file mode 100644
index 00000000..060870a0
--- /dev/null
+++ b/api/v1beta2/git.go
@@ -0,0 +1,112 @@
+/*
+Copyright 2024 The Flux authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta2
+
+import (
+ "github.com/fluxcd/pkg/apis/meta"
+ sourcev1 "github.com/fluxcd/source-controller/api/v1"
+)
+
+type GitSpec struct {
+ // Checkout gives the parameters for cloning the git repository,
+ // ready to make changes. If not present, the `spec.ref` field from the
+ // referenced `GitRepository` or its default will be used.
+ // +optional
+ Checkout *GitCheckoutSpec `json:"checkout,omitempty"`
+
+ // Commit specifies how to commit to the git repository.
+ // +required
+ Commit CommitSpec `json:"commit"`
+
+ // Push specifies how and where to push commits made by the
+ // automation. If missing, commits are pushed (back) to
+ // `.spec.checkout.branch` or its default.
+ // +optional
+ Push *PushSpec `json:"push,omitempty"`
+}
+
+// HasRefspec returns if the GitSpec has a Refspec.
+func (gs GitSpec) HasRefspec() bool {
+ if gs.Push == nil {
+ return false
+ }
+ return gs.Push.Refspec != ""
+}
+
+type GitCheckoutSpec struct {
+ // Reference gives a branch, tag or commit to clone from the Git
+ // repository.
+ // +required
+ Reference sourcev1.GitRepositoryRef `json:"ref"`
+}
+
+// CommitSpec specifies how to commit changes to the git repository
+type CommitSpec struct {
+ // Author gives the email and optionally the name to use as the
+ // author of commits.
+ // +required
+ Author CommitUser `json:"author"`
+ // SigningKey provides the option to sign commits with a GPG key
+ // +optional
+ SigningKey *SigningKey `json:"signingKey,omitempty"`
+ // MessageTemplate provides a template for the commit message,
+ // into which will be interpolated the details of the change made.
+ // +optional
+ MessageTemplate string `json:"messageTemplate,omitempty"`
+}
+
+type CommitUser struct {
+ // Name gives the name to provide when making a commit.
+ // +optional
+ Name string `json:"name,omitempty"`
+ // Email gives the email to provide when making a commit.
+ // +required
+ Email string `json:"email"`
+}
+
+// SigningKey references a Kubernetes secret that contains a GPG keypair
+type SigningKey struct {
+ // SecretRef holds the name to a secret that contains a 'git.asc' key
+ // corresponding to the ASCII Armored file containing the GPG signing
+ // keypair as the value. It must be in the same namespace as the
+ // ImageUpdateAutomation.
+ // +required
+ SecretRef meta.LocalObjectReference `json:"secretRef,omitempty"`
+}
+
+// PushSpec specifies how and where to push commits.
+type PushSpec struct {
+ // Branch specifies that commits should be pushed to the branch
+ // named. The branch is created using `.spec.checkout.branch` as the
+ // starting point, if it doesn't already exist.
+ // +optional
+ Branch string `json:"branch,omitempty"`
+
+ // Refspec specifies the Git Refspec to use for a push operation.
+ // If both Branch and Refspec are provided, then the commit is pushed
+ // to the branch and also using the specified refspec.
+ // For more details about Git Refspecs, see:
+ // https://git-scm.com/book/en/v2/Git-Internals-The-Refspec
+ // +optional
+ Refspec string `json:"refspec,omitempty"`
+
+ // Options specifies the push options that are sent to the Git
+ // server when performing a push operation. For details, see:
+ // https://git-scm.com/docs/git-push#Documentation/git-push.txt---push-optionltoptiongt
+ // +optional
+ Options map[string]string `json:"options,omitempty"`
+}
diff --git a/api/v1beta2/groupversion_info.go b/api/v1beta2/groupversion_info.go
new file mode 100644
index 00000000..65a281db
--- /dev/null
+++ b/api/v1beta2/groupversion_info.go
@@ -0,0 +1,36 @@
+/*
+Copyright 2024 The Flux authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package v1beta2 contains API Schema definitions for the image v1beta2 API group
+// +kubebuilder:object:generate=true
+// +groupName=image.toolkit.fluxcd.io
+package v1beta2
+
+import (
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "sigs.k8s.io/controller-runtime/pkg/scheme"
+)
+
+var (
+ // GroupVersion is group version used to register these objects
+ GroupVersion = schema.GroupVersion{Group: "image.toolkit.fluxcd.io", Version: "v1beta2"}
+
+ // SchemeBuilder is used to add go types to the GroupVersionKind scheme
+ SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}
+
+ // AddToScheme adds the types in this group-version to the given scheme.
+ AddToScheme = SchemeBuilder.AddToScheme
+)
diff --git a/api/v1beta2/imageupdateautomation_types.go b/api/v1beta2/imageupdateautomation_types.go
new file mode 100644
index 00000000..e841779d
--- /dev/null
+++ b/api/v1beta2/imageupdateautomation_types.go
@@ -0,0 +1,174 @@
+/*
+Copyright 2024 The Flux authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta2
+
+import (
+ "time"
+
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+
+ "github.com/fluxcd/pkg/apis/meta"
+)
+
+const (
+ ImageUpdateAutomationKind = "ImageUpdateAutomation"
+ ImageUpdateAutomationFinalizer = "finalizers.fluxcd.io"
+)
+
+// ImageUpdateAutomationSpec defines the desired state of ImageUpdateAutomation
+type ImageUpdateAutomationSpec struct {
+ // SourceRef refers to the resource giving access details
+ // to a git repository.
+ // +required
+ SourceRef CrossNamespaceSourceReference `json:"sourceRef"`
+
+ // GitSpec contains all the git-specific definitions. This is
+ // technically optional, but in practice mandatory until there are
+ // other kinds of source allowed.
+ // +optional
+ GitSpec *GitSpec `json:"git,omitempty"`
+
+ // Interval gives an lower bound for how often the automation
+ // run should be attempted.
+ // +kubebuilder:validation:Type=string
+ // +kubebuilder:validation:Pattern="^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"
+ // +required
+ Interval metav1.Duration `json:"interval"`
+
+ // PolicySelector allows to filter applied policies based on labels.
+ // By default includes all policies in namespace.
+ // +optional
+ PolicySelector *metav1.LabelSelector `json:"policySelector,omitempty"`
+
+ // Update gives the specification for how to update the files in
+ // the repository. This can be left empty, to use the default
+ // value.
+ // +kubebuilder:default={"strategy":"Setters"}
+ Update *UpdateStrategy `json:"update,omitempty"`
+
+ // Suspend tells the controller to not run this automation, until
+ // it is unset (or set to false). Defaults to false.
+ // +optional
+ Suspend bool `json:"suspend,omitempty"`
+}
+
+// UpdateStrategyName is the type for names that go in
+// .update.strategy. NB the value in the const immediately below.
+// +kubebuilder:validation:Enum=Setters
+type UpdateStrategyName string
+
+const (
+ // UpdateStrategySetters is the name of the update strategy that
+ // uses kyaml setters. NB the value in the enum annotation for the
+ // type, above.
+ UpdateStrategySetters UpdateStrategyName = "Setters"
+)
+
+// UpdateStrategy is a union of the various strategies for updating
+// the Git repository. Parameters for each strategy (if any) can be
+// inlined here.
+type UpdateStrategy struct {
+ // Strategy names the strategy to be used.
+ // +required
+ // +kubebuilder:default=Setters
+ Strategy UpdateStrategyName `json:"strategy"`
+
+ // Path to the directory containing the manifests to be updated.
+ // Defaults to 'None', which translates to the root path
+ // of the GitRepositoryRef.
+ // +optional
+ Path string `json:"path,omitempty"`
+}
+
+// ImageUpdateAutomationStatus defines the observed state of ImageUpdateAutomation
+type ImageUpdateAutomationStatus struct {
+ // LastAutomationRunTime records the last time the controller ran
+ // this automation through to completion (even if no updates were
+ // made).
+ // +optional
+ LastAutomationRunTime *metav1.Time `json:"lastAutomationRunTime,omitempty"`
+ // LastPushCommit records the SHA1 of the last commit made by the
+ // controller, for this automation object
+ // +optional
+ LastPushCommit string `json:"lastPushCommit,omitempty"`
+ // LastPushTime records the time of the last pushed change.
+ // +optional
+ LastPushTime *metav1.Time `json:"lastPushTime,omitempty"`
+ // +optional
+ ObservedGeneration int64 `json:"observedGeneration,omitempty"`
+ // +optional
+ Conditions []metav1.Condition `json:"conditions,omitempty"`
+ // ObservedPolicies is the list of observed ImagePolicies that were
+ // considered by the ImageUpdateAutomation update process.
+ // +optional
+ ObservedPolicies ObservedPolicies `json:"observedPolicies,omitempty"`
+ // ObservedPolicies []ObservedPolicy `json:"observedPolicies,omitempty"`
+ // ObservedSourceRevision is the last observed source revision. This can be
+ // used to determine if the source has been updated since last observation.
+ // +optional
+ ObservedSourceRevision string `json:"observedSourceRevision,omitempty"`
+
+ meta.ReconcileRequestStatus `json:",inline"`
+}
+
+// ObservedPolicies is a map of policy name and ImageRef of their latest
+// ImageRef.
+type ObservedPolicies map[string]ImageRef
+
+//+kubebuilder:storageversion
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+//+kubebuilder:printcolumn:name="Last run",type=string,JSONPath=`.status.lastAutomationRunTime`
+
+// ImageUpdateAutomation is the Schema for the imageupdateautomations API
+type ImageUpdateAutomation struct {
+ metav1.TypeMeta `json:",inline"`
+ metav1.ObjectMeta `json:"metadata,omitempty"`
+
+ Spec ImageUpdateAutomationSpec `json:"spec,omitempty"`
+ // +kubebuilder:default={"observedGeneration":-1}
+ Status ImageUpdateAutomationStatus `json:"status,omitempty"`
+}
+
+// GetRequeueAfter returns the duration after which the ImageUpdateAutomation
+// must be reconciled again.
+func (auto ImageUpdateAutomation) GetRequeueAfter() time.Duration {
+ return auto.Spec.Interval.Duration
+}
+
+// GetConditions returns the status conditions of the object.
+func (auto ImageUpdateAutomation) GetConditions() []metav1.Condition {
+ return auto.Status.Conditions
+}
+
+// SetConditions sets the status conditions on the object.
+func (auto *ImageUpdateAutomation) SetConditions(conditions []metav1.Condition) {
+ auto.Status.Conditions = conditions
+}
+
+//+kubebuilder:object:root=true
+
+// ImageUpdateAutomationList contains a list of ImageUpdateAutomation
+type ImageUpdateAutomationList struct {
+ metav1.TypeMeta `json:",inline"`
+ metav1.ListMeta `json:"metadata,omitempty"`
+ Items []ImageUpdateAutomation `json:"items"`
+}
+
+func init() {
+ SchemeBuilder.Register(&ImageUpdateAutomation{}, &ImageUpdateAutomationList{})
+}
diff --git a/api/v1beta2/reference.go b/api/v1beta2/reference.go
new file mode 100644
index 00000000..917189ee
--- /dev/null
+++ b/api/v1beta2/reference.go
@@ -0,0 +1,64 @@
+/*
+Copyright 2024 The Flux authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta2
+
+import "fmt"
+
+// CrossNamespaceSourceReference contains enough information to let you locate the
+// typed Kubernetes resource object at cluster level.
+type CrossNamespaceSourceReference struct {
+ // API version of the referent.
+ // +optional
+ APIVersion string `json:"apiVersion,omitempty"`
+
+ // Kind of the referent.
+ // +kubebuilder:validation:Enum=GitRepository
+ // +kubebuilder:default=GitRepository
+ // +required
+ Kind string `json:"kind"`
+
+ // Name of the referent.
+ // +required
+ Name string `json:"name"`
+
+ // Namespace of the referent, defaults to the namespace of the Kubernetes resource object that contains the reference.
+ // +optional
+ Namespace string `json:"namespace,omitempty"`
+}
+
+func (s *CrossNamespaceSourceReference) String() string {
+ if s.Namespace != "" {
+ return fmt.Sprintf("%s/%s/%s", s.Kind, s.Namespace, s.Name)
+ }
+ return fmt.Sprintf("%s/%s", s.Kind, s.Name)
+}
+
+// ImageRef represents an image reference.
+type ImageRef struct {
+ // Name is the bare image's name.
+ // +required
+ Name string `json:"name"`
+ // Tag is the image's tag.
+ // +required
+ Tag string `json:"tag"`
+}
+
+// String combines the components of ImageRef to construct a string
+// representation of the image reference.
+func (r ImageRef) String() string {
+ return r.Name + ":" + r.Tag
+}
diff --git a/api/v1beta2/zz_generated.deepcopy.go b/api/v1beta2/zz_generated.deepcopy.go
new file mode 100644
index 00000000..2400f0a6
--- /dev/null
+++ b/api/v1beta2/zz_generated.deepcopy.go
@@ -0,0 +1,337 @@
+//go:build !ignore_autogenerated
+
+/*
+Copyright 2024 The Flux authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by controller-gen. DO NOT EDIT.
+
+package v1beta2
+
+import (
+ "k8s.io/apimachinery/pkg/apis/meta/v1"
+ runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CommitSpec) DeepCopyInto(out *CommitSpec) {
+ *out = *in
+ out.Author = in.Author
+ if in.SigningKey != nil {
+ in, out := &in.SigningKey, &out.SigningKey
+ *out = new(SigningKey)
+ **out = **in
+ }
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CommitSpec.
+func (in *CommitSpec) DeepCopy() *CommitSpec {
+ if in == nil {
+ return nil
+ }
+ out := new(CommitSpec)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CommitUser) DeepCopyInto(out *CommitUser) {
+ *out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CommitUser.
+func (in *CommitUser) DeepCopy() *CommitUser {
+ if in == nil {
+ return nil
+ }
+ out := new(CommitUser)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *CrossNamespaceSourceReference) DeepCopyInto(out *CrossNamespaceSourceReference) {
+ *out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CrossNamespaceSourceReference.
+func (in *CrossNamespaceSourceReference) DeepCopy() *CrossNamespaceSourceReference {
+ if in == nil {
+ return nil
+ }
+ out := new(CrossNamespaceSourceReference)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *GitCheckoutSpec) DeepCopyInto(out *GitCheckoutSpec) {
+ *out = *in
+ out.Reference = in.Reference
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitCheckoutSpec.
+func (in *GitCheckoutSpec) DeepCopy() *GitCheckoutSpec {
+ if in == nil {
+ return nil
+ }
+ out := new(GitCheckoutSpec)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *GitSpec) DeepCopyInto(out *GitSpec) {
+ *out = *in
+ if in.Checkout != nil {
+ in, out := &in.Checkout, &out.Checkout
+ *out = new(GitCheckoutSpec)
+ **out = **in
+ }
+ in.Commit.DeepCopyInto(&out.Commit)
+ if in.Push != nil {
+ in, out := &in.Push, &out.Push
+ *out = new(PushSpec)
+ (*in).DeepCopyInto(*out)
+ }
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GitSpec.
+func (in *GitSpec) DeepCopy() *GitSpec {
+ if in == nil {
+ return nil
+ }
+ out := new(GitSpec)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ImageRef) DeepCopyInto(out *ImageRef) {
+ *out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageRef.
+func (in *ImageRef) DeepCopy() *ImageRef {
+ if in == nil {
+ return nil
+ }
+ out := new(ImageRef)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ImageUpdateAutomation) DeepCopyInto(out *ImageUpdateAutomation) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+ in.Spec.DeepCopyInto(&out.Spec)
+ in.Status.DeepCopyInto(&out.Status)
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageUpdateAutomation.
+func (in *ImageUpdateAutomation) DeepCopy() *ImageUpdateAutomation {
+ if in == nil {
+ return nil
+ }
+ out := new(ImageUpdateAutomation)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ImageUpdateAutomation) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ImageUpdateAutomationList) DeepCopyInto(out *ImageUpdateAutomationList) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ in.ListMeta.DeepCopyInto(&out.ListMeta)
+ if in.Items != nil {
+ in, out := &in.Items, &out.Items
+ *out = make([]ImageUpdateAutomation, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageUpdateAutomationList.
+func (in *ImageUpdateAutomationList) DeepCopy() *ImageUpdateAutomationList {
+ if in == nil {
+ return nil
+ }
+ out := new(ImageUpdateAutomationList)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ImageUpdateAutomationList) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ImageUpdateAutomationSpec) DeepCopyInto(out *ImageUpdateAutomationSpec) {
+ *out = *in
+ out.SourceRef = in.SourceRef
+ if in.GitSpec != nil {
+ in, out := &in.GitSpec, &out.GitSpec
+ *out = new(GitSpec)
+ (*in).DeepCopyInto(*out)
+ }
+ out.Interval = in.Interval
+ if in.PolicySelector != nil {
+ in, out := &in.PolicySelector, &out.PolicySelector
+ *out = new(v1.LabelSelector)
+ (*in).DeepCopyInto(*out)
+ }
+ if in.Update != nil {
+ in, out := &in.Update, &out.Update
+ *out = new(UpdateStrategy)
+ **out = **in
+ }
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageUpdateAutomationSpec.
+func (in *ImageUpdateAutomationSpec) DeepCopy() *ImageUpdateAutomationSpec {
+ if in == nil {
+ return nil
+ }
+ out := new(ImageUpdateAutomationSpec)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ImageUpdateAutomationStatus) DeepCopyInto(out *ImageUpdateAutomationStatus) {
+ *out = *in
+ if in.LastAutomationRunTime != nil {
+ in, out := &in.LastAutomationRunTime, &out.LastAutomationRunTime
+ *out = (*in).DeepCopy()
+ }
+ if in.LastPushTime != nil {
+ in, out := &in.LastPushTime, &out.LastPushTime
+ *out = (*in).DeepCopy()
+ }
+ if in.Conditions != nil {
+ in, out := &in.Conditions, &out.Conditions
+ *out = make([]v1.Condition, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ if in.ObservedPolicies != nil {
+ in, out := &in.ObservedPolicies, &out.ObservedPolicies
+ *out = make(ObservedPolicies, len(*in))
+ for key, val := range *in {
+ (*out)[key] = val
+ }
+ }
+ out.ReconcileRequestStatus = in.ReconcileRequestStatus
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ImageUpdateAutomationStatus.
+func (in *ImageUpdateAutomationStatus) DeepCopy() *ImageUpdateAutomationStatus {
+ if in == nil {
+ return nil
+ }
+ out := new(ImageUpdateAutomationStatus)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in ObservedPolicies) DeepCopyInto(out *ObservedPolicies) {
+ {
+ in := &in
+ *out = make(ObservedPolicies, len(*in))
+ for key, val := range *in {
+ (*out)[key] = val
+ }
+ }
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ObservedPolicies.
+func (in ObservedPolicies) DeepCopy() ObservedPolicies {
+ if in == nil {
+ return nil
+ }
+ out := new(ObservedPolicies)
+ in.DeepCopyInto(out)
+ return *out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *PushSpec) DeepCopyInto(out *PushSpec) {
+ *out = *in
+ if in.Options != nil {
+ in, out := &in.Options, &out.Options
+ *out = make(map[string]string, len(*in))
+ for key, val := range *in {
+ (*out)[key] = val
+ }
+ }
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PushSpec.
+func (in *PushSpec) DeepCopy() *PushSpec {
+ if in == nil {
+ return nil
+ }
+ out := new(PushSpec)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SigningKey) DeepCopyInto(out *SigningKey) {
+ *out = *in
+ out.SecretRef = in.SecretRef
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SigningKey.
+func (in *SigningKey) DeepCopy() *SigningKey {
+ if in == nil {
+ return nil
+ }
+ out := new(SigningKey)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *UpdateStrategy) DeepCopyInto(out *UpdateStrategy) {
+ *out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UpdateStrategy.
+func (in *UpdateStrategy) DeepCopy() *UpdateStrategy {
+ if in == nil {
+ return nil
+ }
+ out := new(UpdateStrategy)
+ in.DeepCopyInto(out)
+ return out
+}
diff --git a/config/crd/bases/image.toolkit.fluxcd.io_imageupdateautomations.yaml b/config/crd/bases/image.toolkit.fluxcd.io_imageupdateautomations.yaml
index ae76917d..d6e7c8ad 100644
--- a/config/crd/bases/image.toolkit.fluxcd.io_imageupdateautomations.yaml
+++ b/config/crd/bases/image.toolkit.fluxcd.io_imageupdateautomations.yaml
@@ -335,6 +335,400 @@ spec:
type: object
type: object
served: true
+ storage: false
+ subresources:
+ status: {}
+ - additionalPrinterColumns:
+ - jsonPath: .status.lastAutomationRunTime
+ name: Last run
+ type: string
+ name: v1beta2
+ schema:
+ openAPIV3Schema:
+ description: ImageUpdateAutomation is the Schema for the imageupdateautomations
+ API
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ImageUpdateAutomationSpec defines the desired state of ImageUpdateAutomation
+ properties:
+ git:
+ description: |-
+ GitSpec contains all the git-specific definitions. This is
+ technically optional, but in practice mandatory until there are
+ other kinds of source allowed.
+ properties:
+ checkout:
+ description: |-
+ Checkout gives the parameters for cloning the git repository,
+ ready to make changes. If not present, the `spec.ref` field from the
+ referenced `GitRepository` or its default will be used.
+ properties:
+ ref:
+ description: |-
+ Reference gives a branch, tag or commit to clone from the Git
+ repository.
+ properties:
+ branch:
+ description: Branch to check out, defaults to 'master'
+ if no other field is defined.
+ type: string
+ commit:
+ description: |-
+ Commit SHA to check out, takes precedence over all reference fields.
+
+
+ This can be combined with Branch to shallow clone the branch, in which
+ the commit is expected to exist.
+ type: string
+ name:
+ description: |-
+ Name of the reference to check out; takes precedence over Branch, Tag and SemVer.
+
+
+ It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description
+ Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head"
+ type: string
+ semver:
+ description: SemVer tag expression to check out, takes
+ precedence over Tag.
+ type: string
+ tag:
+ description: Tag to check out, takes precedence over Branch.
+ type: string
+ type: object
+ required:
+ - ref
+ type: object
+ commit:
+ description: Commit specifies how to commit to the git repository.
+ properties:
+ author:
+ description: |-
+ Author gives the email and optionally the name to use as the
+ author of commits.
+ properties:
+ email:
+ description: Email gives the email to provide when making
+ a commit.
+ type: string
+ name:
+ description: Name gives the name to provide when making
+ a commit.
+ type: string
+ required:
+ - email
+ type: object
+ messageTemplate:
+ description: |-
+ MessageTemplate provides a template for the commit message,
+ into which will be interpolated the details of the change made.
+ type: string
+ signingKey:
+ description: SigningKey provides the option to sign commits
+ with a GPG key
+ properties:
+ secretRef:
+ description: |-
+ SecretRef holds the name to a secret that contains a 'git.asc' key
+ corresponding to the ASCII Armored file containing the GPG signing
+ keypair as the value. It must be in the same namespace as the
+ ImageUpdateAutomation.
+ properties:
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - name
+ type: object
+ type: object
+ required:
+ - author
+ type: object
+ push:
+ description: |-
+ Push specifies how and where to push commits made by the
+ automation. If missing, commits are pushed (back) to
+ `.spec.checkout.branch` or its default.
+ properties:
+ branch:
+ description: |-
+ Branch specifies that commits should be pushed to the branch
+ named. The branch is created using `.spec.checkout.branch` as the
+ starting point, if it doesn't already exist.
+ type: string
+ options:
+ additionalProperties:
+ type: string
+ description: |-
+ Options specifies the push options that are sent to the Git
+ server when performing a push operation. For details, see:
+ https://git-scm.com/docs/git-push#Documentation/git-push.txt---push-optionltoptiongt
+ type: object
+ refspec:
+ description: |-
+ Refspec specifies the Git Refspec to use for a push operation.
+ If both Branch and Refspec are provided, then the commit is pushed
+ to the branch and also using the specified refspec.
+ For more details about Git Refspecs, see:
+ https://git-scm.com/book/en/v2/Git-Internals-The-Refspec
+ type: string
+ type: object
+ required:
+ - commit
+ type: object
+ interval:
+ description: |-
+ Interval gives an lower bound for how often the automation
+ run should be attempted.
+ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
+ type: string
+ policySelector:
+ description: |-
+ PolicySelector allows to filter applied policies based on labels.
+ By default includes all policies in namespace.
+ properties:
+ matchExpressions:
+ description: matchExpressions is a list of label selector requirements.
+ The requirements are ANDed.
+ items:
+ description: |-
+ A label selector requirement is a selector that contains values, a key, and an operator that
+ relates the key and values.
+ properties:
+ key:
+ description: key is the label key that the selector applies
+ to.
+ type: string
+ operator:
+ description: |-
+ operator represents a key's relationship to a set of values.
+ Valid operators are In, NotIn, Exists and DoesNotExist.
+ type: string
+ values:
+ description: |-
+ values is an array of string values. If the operator is In or NotIn,
+ the values array must be non-empty. If the operator is Exists or DoesNotExist,
+ the values array must be empty. This array is replaced during a strategic
+ merge patch.
+ items:
+ type: string
+ type: array
+ required:
+ - key
+ - operator
+ type: object
+ type: array
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: |-
+ matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+ map is equivalent to an element of matchExpressions, whose key field is "key", the
+ operator is "In", and the values array contains only "value". The requirements are ANDed.
+ type: object
+ type: object
+ x-kubernetes-map-type: atomic
+ sourceRef:
+ description: |-
+ SourceRef refers to the resource giving access details
+ to a git repository.
+ properties:
+ apiVersion:
+ description: API version of the referent.
+ type: string
+ kind:
+ default: GitRepository
+ description: Kind of the referent.
+ enum:
+ - GitRepository
+ type: string
+ name:
+ description: Name of the referent.
+ type: string
+ namespace:
+ description: Namespace of the referent, defaults to the namespace
+ of the Kubernetes resource object that contains the reference.
+ type: string
+ required:
+ - kind
+ - name
+ type: object
+ suspend:
+ description: |-
+ Suspend tells the controller to not run this automation, until
+ it is unset (or set to false). Defaults to false.
+ type: boolean
+ update:
+ default:
+ strategy: Setters
+ description: |-
+ Update gives the specification for how to update the files in
+ the repository. This can be left empty, to use the default
+ value.
+ properties:
+ path:
+ description: |-
+ Path to the directory containing the manifests to be updated.
+ Defaults to 'None', which translates to the root path
+ of the GitRepositoryRef.
+ type: string
+ strategy:
+ default: Setters
+ description: Strategy names the strategy to be used.
+ enum:
+ - Setters
+ type: string
+ required:
+ - strategy
+ type: object
+ required:
+ - interval
+ - sourceRef
+ type: object
+ status:
+ default:
+ observedGeneration: -1
+ description: ImageUpdateAutomationStatus defines the observed state of
+ ImageUpdateAutomation
+ properties:
+ conditions:
+ items:
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource.\n---\nThis struct is intended for
+ direct use as an array at the field path .status.conditions. For
+ example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
+ observations of a foo's current state.\n\t // Known .status.conditions.type
+ are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
+ +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
+ \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\"
+ patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
+ \ // other fields\n\t}"
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: |-
+ type of condition in CamelCase or in foo.example.com/CamelCase.
+ ---
+ Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
+ useful (see .node.status.conditions), the ability to deconflict is important.
+ The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ lastAutomationRunTime:
+ description: |-
+ LastAutomationRunTime records the last time the controller ran
+ this automation through to completion (even if no updates were
+ made).
+ format: date-time
+ type: string
+ lastHandledReconcileAt:
+ description: |-
+ LastHandledReconcileAt holds the value of the most recent
+ reconcile request value, so a change of the annotation value
+ can be detected.
+ type: string
+ lastPushCommit:
+ description: |-
+ LastPushCommit records the SHA1 of the last commit made by the
+ controller, for this automation object
+ type: string
+ lastPushTime:
+ description: LastPushTime records the time of the last pushed change.
+ format: date-time
+ type: string
+ observedGeneration:
+ format: int64
+ type: integer
+ observedPolicies:
+ additionalProperties:
+ description: ImageRef represents an image reference.
+ properties:
+ name:
+ description: Name is the bare image's name.
+ type: string
+ tag:
+ description: Tag is the image's tag.
+ type: string
+ required:
+ - name
+ - tag
+ type: object
+ description: |-
+ ObservedPolicies is the list of observed ImagePolicies that were
+ considered by the ImageUpdateAutomation update process.
+ type: object
+ observedSourceRevision:
+ description: |-
+ ObservedPolicies []ObservedPolicy `json:"observedPolicies,omitempty"`
+ ObservedSourceRevision is the last observed source revision. This can be
+ used to determine if the source has been updated since last observation.
+ type: string
+ type: object
+ type: object
+ served: true
storage: true
subresources:
status: {}
diff --git a/config/samples/image_v1beta2_imageupdateautomation.yaml b/config/samples/image_v1beta2_imageupdateautomation.yaml
new file mode 100644
index 00000000..d99bb4f3
--- /dev/null
+++ b/config/samples/image_v1beta2_imageupdateautomation.yaml
@@ -0,0 +1,29 @@
+apiVersion: image.toolkit.fluxcd.io/v1beta2
+kind: ImageUpdateAutomation
+metadata:
+ name: imageupdateautomation-sample
+spec:
+ interval: 5m
+ sourceRef:
+ kind: GitRepository # the only valid value, but good practice to be explicit here
+ name: sample-repo
+ git:
+ checkout:
+ ref:
+ branch: main
+ commit:
+ author:
+ name: fluxbot
+ email: fluxbot@example.com
+ messageTemplate: |
+ An automated update from FluxBot
+
+ [ci skip]
+ signingKey:
+ secretRef:
+ name: git-pgp
+ push:
+ branch: auto
+ update:
+ strategy: Setters
+ path: ./cluster/sample
diff --git a/docs/api/v1beta2/image-automation.md b/docs/api/v1beta2/image-automation.md
new file mode 100644
index 00000000..107ebb96
--- /dev/null
+++ b/docs/api/v1beta2/image-automation.md
@@ -0,0 +1,882 @@
+Image update automation API reference v1beta2
+Packages:
+
+
+Package v1beta2 contains API types for the image API group, version
+v1beta2. The types here are concerned with automated updates to
+git, based on metadata from OCI image registries gathered by the
+image-reflector-controller.
+Resource Types:
+
+
+
+(Appears on:
+GitSpec)
+
+CommitSpec specifies how to commit changes to the git repository
+
+
+
+(Appears on:
+CommitSpec)
+
+
+
+
+(Appears on:
+ImageUpdateAutomationSpec)
+
+CrossNamespaceSourceReference contains enough information to let you locate the
+typed Kubernetes resource object at cluster level.
+
+
+
+(Appears on:
+GitSpec)
+
+
+
+
+(Appears on:
+ImageUpdateAutomationSpec)
+
+
+
+ImageRef represents an image reference.
+
+
+ImageUpdateAutomation is the Schema for the imageupdateautomations API
+
+
+
+(Appears on:
+ImageUpdateAutomation)
+
+ImageUpdateAutomationSpec defines the desired state of ImageUpdateAutomation
+
+
+
+(Appears on:
+ImageUpdateAutomation)
+
+ImageUpdateAutomationStatus defines the observed state of ImageUpdateAutomation
+
+
+
+(Appears on:
+ImageUpdateAutomationStatus)
+
+ObservedPolicies is a map of policy name and ImageRef of their latest
+ImageRef.
+
+
+(Appears on:
+GitSpec)
+
+PushSpec specifies how and where to push commits.
+
+
+
+(Appears on:
+CommitSpec)
+
+SigningKey references a Kubernetes secret that contains a GPG keypair
+
+
+
+(Appears on:
+ImageUpdateAutomationSpec)
+
+UpdateStrategy is a union of the various strategies for updating
+the Git repository. Parameters for each strategy (if any) can be
+inlined here.
+
+
+
+(Appears on:
+UpdateStrategy)
+
+UpdateStrategyName is the type for names that go in
+.update.strategy. NB the value in the const immediately below.
+
+
This page was automatically generated with gen-crd-api-reference-docs
+