* Bump versions in go.mod
* Use new version of docker/distribution under new path
* Fix failing TestOCIDigest due to upstream change
---------
Authored by: Jessica Ng <jessicawlng@google.com>
* Added new keel.sh/monitorContainers annotation to allow providing an explicit regular expression that will filter which containers Keel will interact with. If left empy, it will preserve previous behaviour (all containers).
* Support for debug parameters: Context and MasterUrl
Minimal refactor and fixes:
* Add dockerignore file to re-use already built images
* Add Image Pull Secrets to Deployment Template (https://github.com/keel-hq/keel/pull/758)
* Update Go Version to 1.21 (https://github.com/keel-hq/keel/pull/751)
* Added Github Workflow to use the Github repository as a Helm Chart Repository through Github Pages
* Create debug container to allow GO remote debugging
* Add integration with Azure Pipelines
* Add compose files to setup local development containers
The bot can now send interactive message for approval requests as well
as react to bot mention event.
The bot will try to update the interactive message when possible.
This commit updates the GCR (Google Container Registry) credentials handling
in Keel's GCR extension to add support for Google Cloud's Workload Identity,
while maintaining compatibility with the existing authentication method via
the GOOGLE_APPLICATION_CREDENTIALS environment variable.
Changes include:
- Removed the `credentials` string field from the CredentialsHelper struct.
Credentials are now determined dynamically based on the runtime environment.
- Added `readCredentialsFromFile()` and `getWorkloadIdentityTokenCredentials()`
functions to abstract the credential reading and token obtaining processes.
- Updated `GetCredentials` method to try reading the GOOGLE_APPLICATION_CREDENTIALS
file first, falling back to Workload Identity if necessary.
- Extended registry URL check in `GetCredentials` to support Google Container Registry (`gcr.io`) and
Google Artifact Registry URLs (`pkg.dev`).
- Adding pubSub boolean check for activating pubSub.
These changes allow for the use of both JSON key files and Workload Identity
for GCP authentication when polling instead of using pubSub.
Afonso Garcia
David
Imran Ismail
Chakrit Wichian
Karolis Rusenas
Benjamin Moermans
crafa
clem59170
Massimiliano Mirra
Karolis Rusenas
Erick
hotpheex
Joe Bowbeer
Blake Barnett
Scott Dawson
PortableProgrammer