Bump github.com/fluxcd/source-controller/api from 0.34.0 to 0.35.0

[dependabot]

Bumps github.com/fluxcd/source-controller/api from 0.34.0 to 0.35.0.

Release notes

Sourced from github.com/fluxcd/source-controller/api's releases.

v0.35.0

CHANGELOG

Changelog

Sourced from github.com/fluxcd/source-controller/api's changelog.

0.35.0

Release date: 2023-02-16

This release introduces a new format for the Artifact Revision, and deprecates the Checksum field in favor of a new Digest field. In addition, it adds support for Git reference names in a GitRepository, and comes with the usual collection of dependency updates.

Highlights

Support for Git reference names

Starting with this version, it is possible to define a Git Reference in a GitRepository using .spec.ref.name.

This opens the door to a range of functionalities not available before, as it for example allows the controller to follow pull (refs/pull/<id>/head) or merge (refs/merge-requests/<id>/head) requests, and allows a transition from the HEAD of a branch (refs/heads/main) to a tag (refs/tags/v0.1.0) by changing a single field value.

Refer to the GitRepository specification for more details.

Introduction of Artifact Digest

The Artifact of a Source will now advertise a Digest field containing the checksum of the file advertised in the Path, and the alias of the algorithm used to calculate it. Creating a "digest" in the format of <algo>:<checksum>.

The algorithm is configurable using the newly introduced --artifact-digest-algo flag, which allows configuration of other algorithms (sha384, sha512, and blake3) than the hardcoded sha256 default of the now deprecated Checksum field.

Please note that until the Checksum is fully deprecated, changing the algorithm is not yet advised (albeit supported), as this will result in a double computation.

⚠️ Breaking changes

Artifact Revision format

The Revision format for an Artifact consisting of a named pointer (a Git branch or tag) and/or a specific revision (a Git commit SHA or other calculated checksum) has changed to contain an @ separator opposed to /, and includes the algorithm alias as a prefix to a checksum (creating a "digest"). In addition, HEAD is no longer used as a named pointer for exact commit references, but will now only advertise the commit itself.

... (truncated)

Commits

• 0f91a32 Merge pull request #1029 from fluxcd/release-v0.35.0
• a99a340 Release v0.35.0
• b30096e Merge pull request #1030 from fluxcd/dependabot/go_modules/github.com/contain...
• 93acd4a build(deps): bump github.com/containerd/containerd from 1.6.15 to 1.6.18
• 9cb04d2 Merge pull request #1026 from aryan9600/git-refname
• c3511cc add support for checking out to Git refs
• 1de3b13 Merge pull request #1028 from fluxcd/update-deps
• a640dcb Update dependencies
• 7fe1903 Merge pull request #1015 from somtochiama/helm-repo-url
• 6f0384c Normalize path in url
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[netlify]

✅ Deploy Preview for kubeapps-dev canceled.

Name	Link
🔨 Latest commit	fb71de6
🔍 Latest deploy log	https://app.netlify.com/sites/kubeapps-dev/deploys/63eedffdac44b300082e3280

[dependabot]

Superseded by #6005.