Merge pull request #923 from fluxcd/release-v0.30.0

Release v0.30.0
fluxcd · Sep 29, 2022 · f4de0a4 · f4de0a4
2 parents 0598bee + 7349c6e
commit f4de0a4
Show file tree

Hide file tree

Showing 3 changed files with 56 additions and 2 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,60 @@
 
 All notable changes to this project are documented in this file.
 
+## 0.30.0
+
+**Release date:** 2022-09-29
+
+This prerelease adds support for Cosign verification in `OCIRepository` source.
+The signatures verification can be configured by setting `OCIRepository.spec.verify` with
+`provider` as `cosign` and a `secretRef` to a secret containing the public key.
+Cosign keyless verification is also supported, please see the
+[OCIRepository API documentation](https://github.com/fluxcd/source-controller/blob/api/v0.30.0/docs/spec/v1beta2/ocirepositories.md#verification)
+for more details.
+
+It also comes with strict validation rules for API fields which define a
+(time) duration. Effectively, this means values without a time unit (e.g. `ms`,
+`s`, `m`, `h`) will now be rejected by the API server. To stimulate sane
+configurations, the units `ns`, `us` and `µs` can no longer be configured, nor
+can `h` be set for fields defining a timeout value.
+
+In addition, the controller dependencies have been updated
+to Kubernetes controller-runtime v0.13.
+
+:warning: **Breaking changes:**
+- `.spec.interval` new validation pattern is `"^([0-9]+(\\.[0-9]+)?(ms|s|m|h))+$"`
+- `.spec.timeout` new validation pattern is `"^([0-9]+(\\.[0-9]+)?(ms|s|m))+$"`
+
+Improvements:
+- api: add custom validation for v1.Duration types
+  [#903](https://github.com/fluxcd/source-controller/pull/903)
+- [RFC-0003] Implement OCIRepository verification using Cosign
+  [#876](https://github.com/fluxcd/source-controller/pull/876)
+- Consider bipolarity conditions in Ready condition summarization
+  [#907](https://github.com/fluxcd/source-controller/pull/907)
+- Update Bucket related SDK dependencies
+  [#911](https://github.com/fluxcd/source-controller/pull/911)
+- Add custom CA certificates to system certificates
+  [#904](https://github.com/fluxcd/source-controller/pull/904)
+- [OCIRepository] Optimise OCI artifacts reconciliation
+  [#913](https://github.com/fluxcd/source-controller/pull/913)
+- Update dependencies
+  [#919](https://github.com/fluxcd/source-controller/pull/919)
+- Build with Go 1.19
+  [#920](https://github.com/fluxcd/source-controller/pull/920)
+- Bump libgit2 image and disable cosign verification for CI
+  [#921](https://github.com/fluxcd/source-controller/pull/921)
+- OCIRepositoryReconciler no-op improvements
+  [#917](https://github.com/fluxcd/source-controller/pull/917)
+- Accept a slice of remote.Option for cosign verification
+  [#916](https://github.com/fluxcd/source-controller/pull/916)
+- Update pkg/oci to v0.11.0
+  [#922](https://github.com/fluxcd/source-controller/pull/922)
+
+Fixes:
+- Handle nil OCI authenticator with malformed registry
+  [#897](https://github.com/fluxcd/source-controller/pull/897)
+
 ## 0.29.0
 
 **Release date:** 2022-09-09

diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml
@@ -6,4 +6,4 @@ resources:
 images:
 - name: fluxcd/source-controller
   newName: fluxcd/source-controller
-  newTag: v0.29.0
+  newTag: v0.30.0
diff --git a/go.mod b/go.mod
@@ -43,7 +43,7 @@ require (
 	github.com/fluxcd/pkg/testserver v0.3.0
 	github.com/fluxcd/pkg/untar v0.2.0
 	github.com/fluxcd/pkg/version v0.2.0
-	github.com/fluxcd/source-controller/api v0.29.0
+	github.com/fluxcd/source-controller/api v0.30.0
 	github.com/go-git/go-billy/v5 v5.3.1
 	github.com/go-git/go-git/v5 v5.4.2
 	github.com/go-logr/logr v1.2.3