Skip to content

Test build w/push to Cachix. #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
negz merged 137 commits into from
Jan 31, 2026
Merged

Test build w/push to Cachix. #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
137 commits
Select commit Hold shift + click to select a range
4bf5101
create `getResourceTree` function
twobiers Jun 17, 2025
d0f3d5b
Add ListResources function
twobiers Jun 17, 2025
c6b4111
Allow omitting the name of a resource
twobiers Jun 17, 2025
f0614e9
Define print list API for printer
twobiers Jun 17, 2025
6d1eb4a
Use a reference for list
twobiers Jun 17, 2025
e5f19cc
Implement PrintList for printers
twobiers Jun 17, 2025
ef88c2d
Fix dot implementation to print queue instead of single resource
twobiers Jun 17, 2025
c8c1065
Add tests for printer
twobiers Jun 17, 2025
393b712
Conditionally print list of resources in trace command
twobiers Jun 17, 2025
5c1d939
Introduce a variable for conditional printing list
twobiers Jun 17, 2025
acae942
Add an example to the help
twobiers Jun 17, 2025
87bc3e8
Access elements using index
twobiers Jun 17, 2025
3634cb5
Use passed context for listing resources
twobiers Jun 17, 2025
f8999a4
Change tabwriter to direct depedency
twobiers Jun 17, 2025
41c0943
Check error response from `printResourceTree`
twobiers Jun 17, 2025
f5bd521
Ignore stuttering rule for `ResourceList`
twobiers Jun 17, 2025
c560ff2
Format code
twobiers Jun 17, 2025
f321dee
Merge remote-tracking branch 'origin/main' into crank-trace-multiple
twobiers Sep 16, 2025
717309a
Check for slice len
twobiers Sep 16, 2025
8dc5900
Merge fixes
twobiers Sep 16, 2025
31c2bb1
Add namespace support to list
twobiers Sep 16, 2025
28f10fe
Assign tree to resourcelist
twobiers Sep 16, 2025
370449a
feat(helm): explicitly set automountServiceAccountToken on service ac…
bradyz7 Oct 29, 2025
73800fa
Merge remote-tracking branch 'origin/main' into crank-trace-multiple
twobiers Oct 29, 2025
ec31854
Add nil check
twobiers Oct 29, 2025
535de21
rename `root` to `roots` in `PrintList` parameters
twobiers Oct 29, 2025
334a9b8
return error when resource list is empty in PrintList
twobiers Oct 29, 2025
453cd2e
tidy go mod
twobiers Oct 30, 2025
564046c
add an option to prevent caching of resources in other namespaces
frigaut-orange Aug 19, 2025
a4d3823
restrict cache for claims and XRs
frigaut-orange Nov 28, 2025
7788efe
added extra test for error
intojhanurag Nov 28, 2025
452548c
Add nil checks for roots and roots.Items in PrintList
twobiers Dec 3, 2025
db69ea8
Use tabwriter from standard library
twobiers Dec 3, 2025
4c05b5b
coderabbit suggestions
intojhanurag Jan 6, 2026
140f02a
linting issue
intojhanurag Jan 8, 2026
91d8c92
chore: Remove ESS related helm values, env variabels, docs
ezgidemirel Jan 8, 2026
679495b
fix linter
ezgidemirel Jan 8, 2026
009c6ef
Merge pull request #7001 from ezgidemirel/remove-ess-helm-value
phisco Jan 9, 2026
3fa68d8
Merge pull request #6944 from intojhanurag/fix/top-table-writer-error
phisco Jan 9, 2026
91db4e3
Add sidecar container support to Crossplane Helm chart
phisco Jan 12, 2026
2b5d718
fix typo
twobiers Jan 13, 2026
37cef13
Merge pull request #6552 from twobiers/crank-trace-multiple
phisco Jan 13, 2026
6cc2164
Add package client abstraction with caching
negz Oct 23, 2025
541dd3e
Track applied ImageConfigs in xpkg.Client
negz Nov 6, 2025
fd8a76b
Add DigestHex method to strip algorithm prefix from package digests
negz Nov 6, 2025
8b49b31
Add Version field to xpkg.Package
negz Nov 6, 2025
efa040a
Rename xpkg.NewClient to NewCachedClient
negz Dec 16, 2025
5d35f51
Use only xpkg.Client in resolver controller
negz Dec 16, 2025
a49fa2f
Migrate manager controller to use xpkg.Client
negz Dec 16, 2025
99aae57
Use xpkg.Client in revision controller
negz Dec 18, 2025
f82eeab
Add ResolvedVersion to xpkg.Package
negz Dec 18, 2025
22836cf
Remove unused Cache and FetcherOptions from pkg controller options
negz Dec 19, 2025
f29b811
Move signature verification check after package fetch
negz Dec 19, 2025
dc93058
Add maxPackageSize limit to xpkg.Client
negz Dec 19, 2025
151e3d6
Differentiate resolved package reference parse error
negz Jan 10, 2026
acf0988
Define the static set of ImageConfigs the client supports
negz Jan 10, 2026
31fe571
Better error handling in xpkg Client
negz Jan 10, 2026
1fa0b0d
Move signature validation to internal/xpkg/signature
negz Jan 12, 2026
34548d5
Move signature validation into xpkg.Client
negz Jan 13, 2026
33f743c
Handle ImageConfig lookup failures distinctly from no return values
negz Jan 13, 2026
e5028d1
Get pull secrets for resolved ref, not original
negz Jan 13, 2026
f99378d
Merge pull request #6981 from negz/clientele
negz Jan 13, 2026
79d7c1a
Bump golangci-lint to v2.6.2
negz Jan 13, 2026
24f592b
Run golangci-lint --fix (v2.6.2)
negz Jan 6, 2026
25e3be8
Manually fix remaining linter issues
negz Jan 8, 2026
6ac1b09
pkg: Move DAG logic out of the apis package
adamwg Dec 17, 2025
b333515
usage: Move usage interface implementations into internal
adamwg Dec 18, 2025
3b59a7c
Merge pull request #7009 from negz/full-pockets
negz Jan 13, 2026
cdab813
Merge pull request #7002 from adamwg/awg/apis-deps
phisco Jan 14, 2026
d8b61a2
Merge pull request #7007 from phisco/you-get-a-sidecar
phisco Jan 16, 2026
d65e56e
Merge pull request #6873 from appian/automountServiceAccountToken
jbw976 Jan 16, 2026
382ecf6
chore: add adamwg as maintainer, move turkenh to emeritus
jbw976 Jan 17, 2026
7c4df5a
cosign v3 support
jonasz-lasut Dec 22, 2025
5e132a0
Update e2e-private-provider-signed-keyless image to e2e-private-provi…
jonasz-lasut Jan 17, 2026
f33dde1
Merge pull request #7027 from jbw976/owners
jbw976 Jan 17, 2026
f601929
docs: fix typo in proto comment
NAM-MAN Jan 17, 2026
dab9bb6
Merge pull request #7028 from NAM-MAN/fix-typos
jbw976 Jan 18, 2026
bcceb67
Pipeline inspector hook one-pager
phisco Jan 16, 2026
5c370a8
add reference to kubecon talk
phisco Jan 18, 2026
6acc763
review
phisco Jan 18, 2026
39d74c8
refinements from POC
phisco Jan 19, 2026
cd054bb
E2E test for artifact signed with Cosign V3
jonasz-lasut Jan 19, 2026
bf2bc3a
e2e: Add an e2e test for transitive dependency conflicts
adamwg Jan 20, 2026
4219a61
pkg: Ignore outdated dependencies in the lock when upgrades are enabled
adamwg Jan 16, 2026
d69369c
reviews
phisco Jan 21, 2026
a7a9a6f
feat: add defaultCompositionRevisionSelector for v1 and v2 APIs
markussiebert Jan 21, 2026
ca1dc82
test: add unit tests for defaultCompositionRevisionSelector
markussiebert Jan 21, 2026
c5cb65d
chore: add .kiro to .gitignore
markussiebert Jan 21, 2026
55c3644
fix: return selection error instead of status update error
markussiebert Jan 21, 2026
33c625a
fix: address code review nitpicks
markussiebert Jan 21, 2026
3337de2
docs: clarify propagation behavior in comment
markussiebert Jan 21, 2026
688d51d
Align with upstream proto definition in crossplane/crossplane-runtime
phisco Jan 22, 2026
cb59913
Merge pull request #7025 from phisco/one-pager-sidecar-inspector-upst…
phisco Jan 22, 2026
1f3b42f
chore(deps): update module github.com/go-chi/chi/v5 to v5.2.4 [security]
crossplane-renovate[bot] Jan 23, 2026
692afae
fix: propagate CompositionRevisionSelector in syncer_csa.go
markussiebert Jan 27, 2026
a01864b
docs: clarify propagation behavior in syncer_csa.go comment
markussiebert Jan 27, 2026
1a3b827
docs(links): update links in crds
haarchri Jan 27, 2026
cae0dd8
Merge pull request #7033 from crossplane/renovate/main-go-github.com-…
negz Jan 27, 2026
c0a8d21
Merge pull request #6985 from jonasz-lasut/cosign-v3
negz Jan 27, 2026
a147bf0
refactor: set default CompositionRevisionSelector in NewReconciler
markussiebert Jan 28, 2026
8a0ad22
pkg: Fix handling of no-op package upgrades
adamwg Jan 20, 2026
8eeb3cf
e2e: Move transitive dependency test packages to xpkg.crossplane.io
adamwg Jan 26, 2026
8b18e39
Merge pull request #7030 from adamwg/awg/deadlock
adamwg Jan 28, 2026
63bb14e
Merge pull request #6732 from orange-cloudfoundry/restricted-cache-op…
jbw976 Jan 28, 2026
0f3384f
Merge pull request #7032 from markussiebert/feat/v2-default-compositi…
jbw976 Jan 29, 2026
90b5374
docs(links): update links in crds
haarchri Jan 29, 2026
1864c01
Merge pull request #7045 from haarchri/docs/concept-links-crds
jbw976 Jan 29, 2026
4763cd7
Add design one-pager for replacing Earthly with Nix
negz Jan 23, 2026
5690389
Add Nix flake for building Crossplane
negz Jan 23, 2026
d3ae872
Add nix.sh wrapper to run Nix via Docker
negz Jan 23, 2026
d6fb0b2
Replace Earthly with Nix in CI workflows
negz Jan 23, 2026
3bd69c2
Update Renovate config to use Nix on main branch
negz Jan 23, 2026
274fc43
Remove Earthly and legacy build tooling
negz Jan 23, 2026
bc5a408
Update documentation for Nix workflow
negz Jan 23, 2026
c117f99
Have ./nix.sh share the host's cgroups namespace
negz Jan 23, 2026
993f716
Build OCI image with pure Nix instead of distroless base
negz Jan 23, 2026
259a206
Add helm-docs to Nix code generation
negz Jan 23, 2026
f7ff22d
Add hack app for local Crossplane development
negz Jan 23, 2026
4db3607
Improve nix.sh develop shell experience
negz Jan 23, 2026
1199cdc
Add CodeQL security scanning to Nix-based CI
negz Jan 23, 2026
fda3d86
Add Codecov and BuildPulse integrations to CI
negz Jan 23, 2026
4793f29
Push images to DockerHub, GHCR, and Upbound from CI
negz Jan 26, 2026
c767d9a
Add S3 and image promotion apps to Nix build
negz Jan 26, 2026
ca13da3
Split flake.nix into focused modules for maintainability
negz Jan 26, 2026
83f4fa8
Add Nix linting to nix flake check
negz Jan 27, 2026
356a0f2
Fix Nix style issues found by statix and nixfmt
negz Jan 27, 2026
a57a60a
Refactor Renovate config to support both Nix and Earthly
negz Jan 27, 2026
b2a474c
Run sandboxed builds in nix.sh
negz Jan 27, 2026
8a75aff
Add note that imageArgs is backward compatible with distroless
negz Jan 27, 2026
dae50ab
Drop explicit bash history setup
negz Jan 27, 2026
9bbe2e0
Fix broken link in Nix design doc
negz Jan 27, 2026
375fc13
Drop into dev shell after hack cluster setup via nix.sh
negz Jan 27, 2026
0b20b45
Isolate Nix app scripts from system PATH
negz Jan 30, 2026
e8290b7
Remove duplicate helm-docs entry
negz Jan 30, 2026
40e98de
Use ./nix.sh, not nix, in PR template
negz Jan 30, 2026
56ddb95
Link to Nix one pager from contrib README
negz Jan 30, 2026
669bdd2
Mark Nix build one pager approved
negz Jan 30, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 1 addition & 2 deletions .coderabbit.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ reviews:
- "**/*.md"
- "**/*.proto"
- "**/Dockerfile*"
- "**/Earthfile"
- "**/flake.nix"
- "**/*.sh"

# Exclude generated and vendor files
Expand All @@ -71,7 +71,6 @@ reviews:
- "!**/testdata/**"
- "!**/dist/**"
- "!**/build/**"
- "!**/.tmp-earthly-out/**"

# Path-specific instructions for different areas of the codebase
path_instructions:
Expand Down
4 changes: 2 additions & 2 deletions .github/PULL_REQUEST_TEMPLATE.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ Fixes #
I have: <!--You MUST either [x] check or [ ] ~strike through~ every item.-->

- [ ] Read and followed Crossplane's [contribution process].
- [ ] Run `earthly +reviewable` to ensure this PR is ready for review.
- [ ] Run `./nix.sh flake check` to ensure this PR is ready for review.
- [ ] Added or updated unit tests.
- [ ] Added or updated e2e tests.
- [ ] Linked a PR or a [docs tracking issue] to [document this change].
Expand All @@ -32,4 +32,4 @@ Need help with this checklist? See the [cheat sheet].
[docs tracking issue]: https://github.com/crossplane/docs/issues/new
[document this change]: https://docs.crossplane.io/contribute/contribute
[cheat sheet]: https://github.com/crossplane/crossplane/tree/main/contributing#checklist-cheat-sheet
[API promotion workflow]: https://github.com/crossplane/crossplane/blob/main/contributing/guide-api-promotion.md
[API promotion workflow]: https://github.com/crossplane/crossplane/blob/main/contributing/guide-api-promotion.md
140 changes: 140 additions & 0 deletions .github/renovate-base.json5
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,140 @@
{
$schema: 'https://docs.renovatebot.com/renovate-schema.json',
extends: [
'config:recommended',
'helpers:pinGitHubActionDigests',
':semanticCommits',
],
// We only want renovate to rebase PRs when they have conflicts, default
// "auto" mode is not required.
rebaseWhen: 'conflicted',
// The maximum number of PRs to be created in parallel
prConcurrentLimit: 5,
// The branches renovate should target
// PLEASE UPDATE THIS WHEN RELEASING.
baseBranches: [
'main',
'release-1.20',
'release-2.0',
'release-2.1',
],
ignorePaths: [
'design/**',
// We test upgrades, so leave it on an older version on purpose.
"test/e2e/manifests/pkg/provider/provider-initial.yaml",
// We test dependencies' upgrades, manifests must remain unchanged to avoid breaking tests.
"test/e2e/manifests/pkg/dependency-upgrade/**",
// We test packages signature verifications also on upgrades, manifests must remain unchanged to avoid breaking tests.
"test/e2e/manifests/pkg/image-config/signature-verification/**"
],
postUpdateOptions: [
'gomodTidy',
],
// All PRs should have a label
labels: [
'automated',
],
crossplane: {
fileMatch: [
'(^|/)test/e2e/.*\\.ya?ml$',
],
},
// PackageRules disabled below should be enabled in case of vulnerabilities
vulnerabilityAlerts: {
enabled: true,
},
osvVulnerabilityAlerts: true,
// Renovate evaluates all packageRules in order, so low priority rules should
// be at the beginning, high priority at the end
packageRules: [
{
matchManagers: [
'crossplane',
],
matchFileNames: [
'test/e2e/**',
],
groupName: 'e2e-manifests',
},
{
description: 'Ignore non-security related updates to release branches',
matchBaseBranches: [
'/^release-.*/',
],
enabled: false,
},
{
description: 'Still update Docker images on release branches though',
matchDatasources: [
'docker',
],
matchBaseBranches: [
'/^release-.*/',
],
enabled: true,
},
{
description: 'Only get Docker image updates every 2 weeks to reduce noise',
matchDatasources: [
'docker',
],
schedule: [
'every 2 week on monday',
],
enabled: true,
},
{
description: 'Ignore k8s.io/client-go older versions, they switched to semantic version and old tags are still available in the repo',
matchDatasources: [
'go',
],
matchDepNames: [
'k8s.io/client-go',
],
allowedVersions: '<1.0',
},
{
description: 'Ignore k8s dependencies, should be updated on crossplane-runtime',
matchDatasources: [
'go',
],
enabled: false,
matchPackageNames: [
'k8s.io{/,}**',
'sigs.k8s.io{/,}**',
],
},
{
description: 'Only get dependency digest updates every month to reduce noise, except crossplane-runtime',
matchDatasources: [
'go',
],
matchUpdateTypes: [
'digest',
],
extends: [
'schedule:monthly',
],
matchPackageNames: [
'!github.com/crossplane/crossplane-runtime/v2',
],
},
{
description: "Ignore oss-fuzz, it's not using tags, we'll stick to master",
matchDepTypes: [
'action',
],
matchDepNames: [
'google/oss-fuzz',
],
enabled: false,
},
{
description: 'Group all go version updates',
matchDatasources: [
'golang-version',
],
groupName: 'golang version',
},
],
}
164 changes: 164 additions & 0 deletions .github/renovate-earthly.json5
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,164 @@
{
// Earthly-specific configuration for release branches.
// Main branch uses Nix - see renovate-nix.json5.
customManagers: [
{
customType: 'regex',
description: 'Bump Earthly version in GitHub workflows',
fileMatch: [
'^\\.github\\/workflows\\/[^/]+\\.ya?ml$',
],
matchStrings: [
"EARTHLY_VERSION: '(?<currentValue>.*?)'\\n",
],
datasourceTemplate: 'github-releases',
depNameTemplate: 'earthly/earthly',
extractVersionTemplate: '^v(?<version>.*)$',
},
{
customType: 'regex',
description: 'Bump Go version in Earthfile',
fileMatch: [
'^Earthfile$',
],
matchStrings: [
'ARG --global GO_VERSION=(?<currentValue>.*?)\\n',
],
datasourceTemplate: 'golang-version',
depNameTemplate: 'golang',
},
{
customType: 'regex',
description: 'Bump golangci-lint version in the Earthfile',
fileMatch: [
'^Earthfile$',
],
matchStrings: [
'ARG GOLANGCI_LINT_VERSION=(?<currentValue>.*?)\\n',
],
datasourceTemplate: 'github-releases',
depNameTemplate: 'golangci/golangci-lint',
},
{
customType: 'regex',
description: 'Bump helm version in the Earthfile',
fileMatch: [
'^Earthfile$',
],
matchStrings: [
'ARG HELM_VERSION=(?<currentValue>.*?)\\n',
],
datasourceTemplate: 'github-releases',
depNameTemplate: 'helm/helm',
},
{
customType: 'regex',
description: 'Bump helm-docs version in the Earthfile',
fileMatch: [
'^Earthfile$',
],
matchStrings: [
'ARG HELM_DOCS_VERSION=(?<currentValue>.*?)\\n',
],
datasourceTemplate: 'github-releases',
depNameTemplate: 'norwoodj/helm-docs',
extractVersionTemplate: '^v(?<version>.*)$',
},
{
customType: 'regex',
description: 'Bump kind version in the Earthfile',
fileMatch: [
'^Earthfile$',
],
matchStrings: [
'ARG KIND_VERSION=(?<currentValue>.*?)\\n',
],
datasourceTemplate: 'github-releases',
depNameTemplate: 'kubernetes-sigs/kind',
},
{
customType: 'regex',
description: 'Bump kubectl version in the Earthfile',
fileMatch: [
'^Earthfile$',
],
matchStrings: [
'ARG KUBECTL_VERSION=(?<currentValue>.*?)\\n',
],
datasourceTemplate: 'github-releases',
depNameTemplate: 'kubernetes/kubernetes',
},
{
customType: 'regex',
description: 'Bump gotestsum version in the Earthfile',
fileMatch: [
'^Earthfile$',
],
matchStrings: [
'ARG GOTESTSUM_VERSION=(?<currentValue>.*?)\\n',
],
datasourceTemplate: 'github-releases',
depNameTemplate: 'gotestyourself/gotestsum',
extractVersionTemplate: '^v(?<version>.*)$',
},
{
customType: 'regex',
description: 'Bump codeql version in the Earthfile',
fileMatch: [
'^Earthfile$',
],
matchStrings: [
'ARG CODEQL_VERSION=(?<currentValue>.*?)\\n',
],
datasourceTemplate: 'github-releases',
depNameTemplate: 'github/codeql-action',
extractVersionTemplate: '^codeql-bundle-(?<version>.*)$',
},
],
// Renovate doesn't have native Earthfile support, but because Earthfile
// syntax is a superset of Dockerfile syntax this works to update FROM images.
// https://github.com/renovatebot/renovate/issues/15975
dockerfile: {
fileMatch: [
'(^|/)Earthfile$',
],
},
packageRules: [
{
description: 'Generate code after upgrading go dependencies (Earthly)',
matchDatasources: [
'go',
],
matchBaseBranches: [
'/^release-.*/',
],
postUpgradeTasks: {
commands: [
'earthly --strict +go-generate',
],
fileFilters: [
'**/*',
],
executionMode: 'update',
},
},
{
description: 'Lint code after upgrading golangci-lint (Earthly)',
matchDepNames: [
'golangci/golangci-lint',
],
matchBaseBranches: [
'/^release-.*/',
],
postUpgradeTasks: {
commands: [
'earthly --strict +go-lint',
],
fileFilters: [
'**/*',
],
executionMode: 'update',
},
},
],
}
20 changes: 19 additions & 1 deletion .github/renovate-entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,25 @@
#!/bin/sh
#!/bin/bash

set -e

# Install Earthly (for release branches)
echo "Installing Earthly..."
curl -fsSLo /usr/local/bin/earthly https://github.com/earthly/earthly/releases/latest/download/earthly-linux-amd64
chmod +x /usr/local/bin/earthly
/usr/local/bin/earthly bootstrap

# Install Nix (for main branch)
echo "Installing Nix..."
apt-get update && apt-get install -y nix-bin

# Configure Nix via environment variable
export NIX_CONFIG="
experimental-features = nix-command flakes
max-jobs = auto
extra-substituters = https://crossplane.cachix.org
extra-trusted-public-keys = crossplane.cachix.org-1:NJluVUN9TX0rY/zAxHYaT19Y5ik4ELH4uFuxje+62d4=
"

echo "Nix $(nix --version) installed successfully"

renovate
Loading
Loading