Bump the flux-deps group with 1 update

[dependabot]

Bumps the flux-deps group with 1 update: github.com/fluxcd/source-controller/api.

Release notes

Sourced from github.com/fluxcd/source-controller/api's releases.

v1.1.0

Changelog

v1.1.0 changelog

Container images

• docker.io/fluxcd/source-controller:v1.1.0
• ghcr.io/fluxcd/source-controller:v1.1.0

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

Changelog

Sourced from github.com/fluxcd/source-controller/api's changelog.

1.1.0

Release date: 2023-08-23

This minor release comes with API changes, bug fixes and several new features.

All APIs that accept TLS data have been modified to adopt Secrets of type kubernetes.io/tls. This includes:

• HelmRepository: The field .spec.secretRef has been deprecated in favor of a new field .spec.certSecretRef. This field is also supported by OCI HelmRepositories.
• OCIRepository: Support for thecaFile, keyFile and certFile keys in the Secret specified in .spec.certSecretRef have been deprecated in favor of ca.crt, tls.key and tls.crt. Also, the Secret now must be of type Opaque or kubernete.io/tls.
• GitRepository: CA certificate can now be provided in the Secret sepcified in .spec.secretRef using the ca.crt key, which takes precedence over the existing caFile key.

Furthermore, GitRepository has a couple of new features:

• Proxy support: A new field .spec.proxySecretRef has been introduced which can be used to specify the proxy configuration to use for all remote Git operations related to the particular object.
• Tag verification: The field .spec.verification.mode now supports the following values:
  • HEAD: Verify the HEAD of the Git repository.
  • Tag: Verify the tag specified in .spec.ref
  • TagAndHead: Verify the tag specified in .spec.ref and the commit it points to.

Starting with this version, the controller now stops exporting an object's metrics as soon as the object has been deleted.

In addition, the controller now consumes significantly less CPU and memory when reconciling Helm repository indexes.

Lastly, a new flag --interval-jitter-percentage has been introduced which can be used to specify a jitter to the reconciliation interval in order to distribute the load more evenly when multiple objects are set up with the same interval.

Improvements:

• gitrepo: Add support for specifying proxy per GitRepository #1109
• helmrepo: add .spec.certSecretRef for specifying TLS auth data #1160
• Update docs on Azure identity #1167
• gitrepo: document limitation of spec.ref.name with Azure Devops #1175

... (truncated)

Commits

• 0e47f7f Merge pull request #1209 from fluxcd/release-v1.1.0
• e5a429a Release v1.1.0
• 3967603 Add changelog entry for v1.1.0
• 052221c Merge pull request #1204 from somtochiama/doc-links
• 47ff472 fix link
• b3036f5 Merge pull request #1203 from somtochiama/fix-helm-path
• 64139e7 preserve url encoded path in helm repo
• a302c71 Merge pull request #1194 from fluxcd/tls-secret
• 2a7f67d gitrepo: add support for specifying CA data via ca.crt
• 6fe3c96 ocirepo: adopt Kubernetes style TLS secrets for .spec.certSecretRef
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions