Let renovate update embedded controller manifests

Francois Eleouetrequested to merge
bootstrap-components-versions into main

This MR intends to propose a new workflow to generate controller manifests for bootstrap.

  • The idea is to embed minimal kustomisation that will define the controllers versions. These versions will be updated by renovate.
  • And rely on sylva-core kustomizations (whenever required - essentially for flux for now) to apply the same patches as in syvla-core (we assume that these kustomisations won't evolve too frequently)
  • sylvactl version command is extended with a --bootstrap option that show the versions of embedded bootstrap components. We'll be able to use it in sylva-core CI to check if components versions are aligned.

I also considered working on an alternative suggested by @tmmorin that would consist in consuming manifests from kustomize-units OCI produced by sylva-core projects, but:

  • It requires extra configuration for bootstrap (oci url and version)
  • In order to provide a working default (that can be used in lifecycle operators e2e tests for example), we would have to retrieve the last artifact produced from main branch in sylva-core, which is not easy to achieve (last git reference from main does not always have an artifact) unless if we were publishing a "main" or "latest" tag for these artifacts. But we could hardly ensure/test that these artifacts are working.
  • Its also raises some security concerns, since sylvactl should ideally verify the integrity of these manifests...
Edited by Francois Eleouet

Merge request reports