search

nlamirault / dotfiles

My dotfiles
Other
0 stars 0 forks source link

Update dependency flux2 to v2.1.2 #119

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Update Change
flux2 minor 2.0.1 -> 2.1.2

Release Notes

fluxcd/flux2 (flux2) ### [`v2.1.2`](https://togithub.com/fluxcd/flux2/releases/tag/v2.1.2) [Compare Source](https://togithub.com/fluxcd/flux2/compare/v2.1.1...v2.1.2) #### Highlights Flux `v2.1.2` is a patch release which comes with various fixes. Users are encouraged to upgrade for the best experience. ##### Fixes - Ensures faster recovery of `Kustomization` and `HelmRelease` resources when the source-controller has restarted and is working on restoring the storage. - Prevent source-controller from failing to reconcile `OCIRepositories` when artifacts contain symlinks. - Addresses issue with helm-controller miss-labeling Custom Resource Definitions. - Detect immutable field errors in Google Cloud resources managed by Flux `Kustomizations`. - Better error reporting for `flux bootstrap` when the owner doesn't match the identity associated with the given token. - Allow `flux pull artifact` to fetch OCI artifacts produced by other tools. #### Components changelog - source-controller [v1.1.2](https://togithub.com/fluxcd/source-controller/blob/v1.1.2/CHANGELOG.md) - kustomize-controller [v1.1.1](https://togithub.com/fluxcd/kustomize-controller/blob/v1.1.1/CHANGELOG.md) - helm-controller [v0.36.2](https://togithub.com/fluxcd/helm-controller/blob/v0.36.2/CHANGELOG.md) #### CLI Changelog - PR [#​4324](https://togithub.com/fluxcd/flux2/issues/4324) - [@​somtochiama](https://togithub.com/somtochiama) - bootstrap: Fix error msg when the Git token doesn't match the repo owner - PR [#​4323](https://togithub.com/fluxcd/flux2/issues/4323) - [@​stefanprodan](https://togithub.com/stefanprodan) - e2e: Update Go dependencies - PR [#​4313](https://togithub.com/fluxcd/flux2/issues/4313) - [@​fluxcdbot](https://togithub.com/fluxcdbot) - Update toolkit components - PR [#​4296](https://togithub.com/fluxcd/flux2/issues/4296) - [@​Skarlso](https://togithub.com/Skarlso) - fix: only wait for changeset if the result is not empty - PR [#​4285](https://togithub.com/fluxcd/flux2/issues/4285) - [@​matheuscscp](https://togithub.com/matheuscscp) - Add badge for SLSA Level 3 - PR [#​4284](https://togithub.com/fluxcd/flux2/issues/4284) - [@​errordeveloper](https://togithub.com/errordeveloper) - Make `flux pull` work for OCI artifacts produced by other tools ### [`v2.1.1`](https://togithub.com/fluxcd/flux2/releases/tag/v2.1.1) [Compare Source](https://togithub.com/fluxcd/flux2/compare/v2.1.0...v2.1.1) #### Highlights Flux `v2.1.1` is a patch release which comes with various fixes. Users are encouraged to upgrade for the best experience. ##### Fixes - Use auto lookup strategy for Buckets to widen support for S3-compatible object storage services (`source-controller`). - Fix Secret type check for HelmRepositories TLS certs referred in `.spec.secretRef` (`source-controller`). - Fix the branch name reporting when the push branch is the same as the checkout branch (`image-automation-controller`). - Restore Helm logs inclusion in failure events (`helm-controller`). - Fix the impersonation of the default service account when diffing HelmReleases (`helm-controller`). - Check source for `nil` artifact before loading Helm charts (`helm-controller`). - Update the description of Kubernetes specific flag to distinguish them from Flux bootstrap flags (`flux` CLI). #### Components changelog - source-controller [v1.1.1](https://togithub.com/fluxcd/source-controller/blob/v1.1.1/CHANGELOG.md) - helm-controller [v0.36.1](https://togithub.com/fluxcd/helm-controller/blob/v0.36.1/CHANGELOG.md) - image-automation-controller [v0.36.1](https://togithub.com/fluxcd/image-automation-controller/blob/v0.36.1/CHANGELOG.md) #### CLI Changelog - PR [#​4255](https://togithub.com/fluxcd/flux2/issues/4255) - [@​hiddeco](https://togithub.com/hiddeco) - tests/azure: update controller dependencies - PR [#​4251](https://togithub.com/fluxcd/flux2/issues/4251) - [@​fluxcdbot](https://togithub.com/fluxcdbot) - Update toolkit components - PR [#​4246](https://togithub.com/fluxcd/flux2/issues/4246) - [@​dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump the ci group with 4 updates - PR [#​4238](https://togithub.com/fluxcd/flux2/issues/4238) - [@​makkes](https://togithub.com/makkes) - Upgrade github.com/fluxcd/pkg/{git,git/gogit} - PR [#​4233](https://togithub.com/fluxcd/flux2/issues/4233) - [@​sonbui00](https://togithub.com/sonbui00) - chore: remove support armv6h for aur package - PR [#​4228](https://togithub.com/fluxcd/flux2/issues/4228) - [@​sonbui00](https://togithub.com/sonbui00) - Improve AUR package templates - PR [#​4227](https://togithub.com/fluxcd/flux2/issues/4227) - [@​dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump the ci group with 3 updates - PR [#​4226](https://togithub.com/fluxcd/flux2/issues/4226) - [@​somtochiama](https://togithub.com/somtochiama) - Update description of kubeconfig specific flag - PR [#​4222](https://togithub.com/fluxcd/flux2/issues/4222) - [@​dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump github.com/cyphar/filepath-securejoin from 0.2.3 to 0.2.4 in /tests/integration - PR [#​4221](https://togithub.com/fluxcd/flux2/issues/4221) - [@​dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump github.com/cyphar/filepath-securejoin from 0.2.3 to 0.2.4 in /tests/azure - PR [#​4215](https://togithub.com/fluxcd/flux2/issues/4215) - [@​dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump the ci group with 4 updates - PR [#​4213](https://togithub.com/fluxcd/flux2/issues/4213) - [@​dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible in /tests/integration - PR [#​4212](https://togithub.com/fluxcd/flux2/issues/4212) - [@​dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump github.com/docker/docker from 23.0.1+incompatible to 23.0.3+incompatible in /tests/integration - PR [#​4198](https://togithub.com/fluxcd/flux2/issues/4198) - [@​makkes](https://togithub.com/makkes) - Add 2.1.x backport label - PR [#​4197](https://togithub.com/fluxcd/flux2/issues/4197) - [@​stefanprodan](https://togithub.com/stefanprodan) - Fix links to fluxcd.io - PR [#​4195](https://togithub.com/fluxcd/flux2/issues/4195) - [@​dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump the ci group with 2 updates ### [`v2.1.0`](https://togithub.com/fluxcd/flux2/releases/tag/v2.1.0) [Compare Source](https://togithub.com/fluxcd/flux2/compare/v2.0.1...v2.1.0) #### Highlights Flux v2.1.0 is a feature release. Users are encouraged to upgrade for the best experience. The [Flux APIs](#api-changes) were extended with new opt-in features in a backwards-compatible manner. The Flux Git capabilities have been improved with support for Git push options, Git refspec, Gerrit, HTTP/S and SOCKS5 proxies. The Flux alerting capabilities have been extended with [Datadog](https://fluxcd.io/flux/components/notification/provider/#pagerduity) support. The Flux controllers come with performance improvements when reconciling Helm repositories with large indexes (80% memory reduction), and when reconciling Flux Kustomizations with thousands of resources (x4 faster server-side apply). The load distribution has been improved when reconciling Flux objects in parallel to reduce CPU and memory spikes. :heart: Big thanks to all the Flux contributors that helped us with this release! #### Deprecations Flux v2.1.0 comes with support for Kubernetes TLS Secrets when referring to secrets containing TLS certs, and deprecates the usage of `caFile`, `keyFile` and `certFile` keys. For more details about the TLS changes please see the [Kubernetes TLS Secrets section](#kubernetes-tls-secrets). Flux v2.1.0 comes with major improvements to the Prometheus monitoring stack. Starting with this version, Flux is leveraging the `kube-state-metrics` CRD exporter to report metrics containing rich information about Flux reconciliation status e.g. Git revision, Helm chart version, OCI artifacts digests, etc. The `gotk_reconcile_condition` metrics was deprecated in favor of the `gotk_resource_info`. For more details about the new monitoring stack please see the [Flux Prometheus metrics documentation](https://fluxcd.io/flux/monitoring/metrics) and the [flux2-monitoring-example repository](https://togithub.com/fluxcd/flux2-monitoring-example). #### API changes ##### GitRepository v1 The [GitRepository](https://fluxcd.io/flux/components/source/gitrepositories/) API was extended with the following fields: - `.spec.proxySecretRef.name` is an optional field used to specify the name of a Kubernetes Secret that contains the HTTP/S or SOCKS5 proxy settings. - `.spec.verify.mode` now support one of the following values `HEAD`, `Tag`, `TagAndHEAD`. ##### Kustomization v1 The [Kustomization](https://fluxcd.io/flux/components/kustomize/kustomization/) API was extended with two apply policies `IfNotPresent` and `Ignore`. Changing the apply behaviour for specific Kubernetes resources, can be done using the following annotations: | Annotation | Default | Values | Role | |-------------------------------------|------------|----------------------------------------------------------------|-----------------| | `kustomize.toolkit.fluxcd.io/ssa` | `Override` | - `Override`
- `Merge`
- `IfNotPresent`
- `Ignore` | Apply policy | | `kustomize.toolkit.fluxcd.io/force` | `Disabled` | - `Enabled`
- `Disabled` | Recreate policy | | `kustomize.toolkit.fluxcd.io/prune` | `Enabled` | - `Enabled`
- `Disabled` | Delete policy | The `IfNotPresent` policy instructs the controller to only apply the Kubernetes resources if they are not present on the cluster. This policy can be used for Kubernetes `Secrets` and `ValidatingWebhookConfigurations` managed by cert-manager, where Flux creates the resources with fields that are later on mutated by other controllers. ##### ImageUpdateAutomation v1beta1 The [ImageUpdateAutomation](https://fluxcd.io/flux/components/image/imageupdateautomations/) was extended with the following fields: - `.spec.git.push.refspec` is an optional field used to specify a Git refspec used when pushing commits upstream. - `.spec.git.push.options` is an optional field used to specify the Git push options to be sent to the Git server when pushing commits upstream. ##### Kubernetes TLS Secrets All the Flux APIs that accept TLS data have been modified to adopt Secrets of type `kubernetes.io/tls`. This includes: - **HelmRepository**: The field `.spec.secretRef` has been deprecated in favor of a new field [`.spec.certSecretRef`](https://fluxcd.io/flux/components/source/helmrepositories/#cert-secret-reference). - **OCIRepository**: Support for the `caFile`, `keyFile` and `certFile` keys in the Secret specified in [`.spec.certSecretRef`](https://fluxcd.io/flux/components/source/ocirepositories/#cert-secret-reference) have been deprecated in favor of `ca.crt`, `tls.key` and `tls.crt`. - **ImageRepository**: Support for the`caFile`, `keyFile` and `certFile` keys in the Secret specified in [`.spec.certSecretRef`](https://fluxcd.io/flux/components/source/imagerepositories/#cert-secret-reference) have been deprecated in favor of `ca.crt`, `tls.key` and `tls.crt`. - **GitRepository**: CA certificate can now be provided in the Secret specified in `.spec.secretRef` using the `ca.crt` key, which takes precedence over the `caFile` key. #### Upgrade procedure Upgrade Flux from `v2.0.x` to `v2.1.0` either by [rerunning bootstrap](https://fluxcd.io/flux/installation/#bootstrap-upgrade) or by using the [Flux GitHub Action](https://togithub.com/fluxcd/flux2/tree/main/action). To upgrade Flux from `v0.x` to `v2.1.0` please follow the [Flux GA upgrade procedure](https://togithub.com/fluxcd/flux2/releases/tag/v2.0.0#upgrade). #### Kubernetes compatibility This release is compatible with the following Kubernetes versions: | Kubernetes version | Minimum required | |--------------------|------------------| | `v1.25` | `>= 1.25.0` | | `v1.26` | `>= 1.26.0` | | `v1.27` | `>= 1.27.1` | | `v1.28` | `>= 1.28.0` | Note that Flux may work on older versions of Kubernetes e.g. 1.21, but we don't recommend running end-of-life versions in production nor do we offer support for these versions. #### New Documentation - [Flux installation](https://fluxcd.io/flux/installation/) - [Flux bootstrap](https://fluxcd.io/flux/installation/bootstrap/) - [Flux configuration](https://fluxcd.io/flux/installation/configuration/) - [Flux Prometheus metrics](https://fluxcd.io/flux/monitoring/metrics/) - [Flux custom Prometheus metrics](https://fluxcd.io/flux/monitoring/custom-metrics/) - [Flux logs](https://fluxcd.io/flux/monitoring/logs/) - [Flux events](https://fluxcd.io/flux/monitoring/events/) #### Components changelog - source-controller [v1.1.0](https://togithub.com/fluxcd/source-controller/blob/v1.1.0/CHANGELOG.md) - kustomize-controller [v1.1.0](https://togithub.com/fluxcd/kustomize-controller/blob/v1.1.0/CHANGELOG.md) - notification-controller [v1.1.0](https://togithub.com/fluxcd/notification-controller/blob/v1.1.0/CHANGELOG.md) - helm-controller [v0.36.0](https://togithub.com/fluxcd/helm-controller/blob/v0.36.0/CHANGELOG.md) - image-reflector-controller [v0.30.0](https://togithub.com/fluxcd/image-reflector-controller/blob/v0.30.0/CHANGELOG.md) - image-automation-controller [v0.36.0](https://togithub.com/fluxcd/image-automation-controller/blob/v0.36.0/CHANGELOG.md) #### CLI Changelog - PR [#​4189](https://togithub.com/fluxcd/flux2/issues/4189) - [@​hiddeco](https://togithub.com/hiddeco) - Update dependencies - PR [#​4186](https://togithub.com/fluxcd/flux2/issues/4186) - [@​fluxcdbot](https://togithub.com/fluxcdbot) - Update toolkit components - PR [#​4183](https://togithub.com/fluxcd/flux2/issues/4183) - [@​somtochiama](https://togithub.com/somtochiama) - Fix autocompletion for helm chart - PR [#​4182](https://togithub.com/fluxcd/flux2/issues/4182) - [@​hiddeco](https://togithub.com/hiddeco) - manifestgen/install: use clean default HTTP client - PR [#​4181](https://togithub.com/fluxcd/flux2/issues/4181) - [@​hiddeco](https://togithub.com/hiddeco) - cmd/events: handle error value - PR [#​4180](https://togithub.com/fluxcd/flux2/issues/4180) - [@​stefanprodan](https://togithub.com/stefanprodan) - Fix controller version info - PR [#​4177](https://togithub.com/fluxcd/flux2/issues/4177) - [@​stefanprodan](https://togithub.com/stefanprodan) - Set min value for the `--ssh-rsa-bits` flag - PR [#​4176](https://togithub.com/fluxcd/flux2/issues/4176) - [@​hiddeco](https://togithub.com/hiddeco) - ci: disable fail-fast for ARM end-to-end - PR [#​4175](https://togithub.com/fluxcd/flux2/issues/4175) - [@​hiddeco](https://togithub.com/hiddeco) - build: update securejoin dependency - PR [#​4169](https://togithub.com/fluxcd/flux2/issues/4169) - [@​darkowlzz](https://togithub.com/darkowlzz) - Add monitoring configuration deprecation notice - PR [#​4167](https://togithub.com/fluxcd/flux2/issues/4167) - [@​dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump the ci group with 2 updates - PR [#​4166](https://togithub.com/fluxcd/flux2/issues/4166) - [@​stefanprodan](https://togithub.com/stefanprodan) - e2e: Add Kubernetes v1.28.0 to conformance tests - PR [#​4151](https://togithub.com/fluxcd/flux2/issues/4151) - [@​hiddeco](https://togithub.com/hiddeco) - ci: enable security-and-quality CodeQL query - PR [#​4147](https://togithub.com/fluxcd/flux2/issues/4147) - [@​aryan9600](https://togithub.com/aryan9600) - Adopt Kubernetes style TLS Secrets and add relevant flags - PR [#​4142](https://togithub.com/fluxcd/flux2/issues/4142) - [@​dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump the ci group with 2 updates - PR [#​4140](https://togithub.com/fluxcd/flux2/issues/4140) - [@​somtochiama](https://togithub.com/somtochiama) - Disable azure e2e test - PR [#​4134](https://togithub.com/fluxcd/flux2/issues/4134) - [@​sestegra](https://togithub.com/sestegra) - monitoring: add OCIRepository in cluster dashboard and new source panels in control-plane dashboard - PR [#​4131](https://togithub.com/fluxcd/flux2/issues/4131) - [@​mraerino](https://togithub.com/mraerino) - Fix selection of kustomization resource from multi doc yaml - PR [#​4126](https://togithub.com/fluxcd/flux2/issues/4126) - [@​stefanprodan](https://togithub.com/stefanprodan) - Set Kubernetes min version to 1.25 - PR [#​4077](https://togithub.com/fluxcd/flux2/issues/4077) - [@​dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump the ci group with 2 updates - PR [#​4068](https://togithub.com/fluxcd/flux2/issues/4068) - [@​stefanprodan](https://togithub.com/stefanprodan) - Update dependencies - PR [#​4065](https://togithub.com/fluxcd/flux2/issues/4065) - [@​hiddeco](https://togithub.com/hiddeco) - action: support `openssl` and `sha256sum` - PR [#​4062](https://togithub.com/fluxcd/flux2/issues/4062) - [@​souleb](https://togithub.com/souleb) - diff: Take into account the server-side inventory for local Flux Kustomizations - PR [#​4061](https://togithub.com/fluxcd/flux2/issues/4061) - [@​hiddeco](https://togithub.com/hiddeco) - action: re-allow configuration of non-default token - PR [#​4057](https://togithub.com/fluxcd/flux2/issues/4057) - [@​fluxcdbot](https://togithub.com/fluxcdbot) - Update toolkit components - PR [#​4052](https://togithub.com/fluxcd/flux2/issues/4052) - [@​stefanprodan](https://togithub.com/stefanprodan) - docs: Link to the Flux GitHub Action documentation - PR [#​4051](https://togithub.com/fluxcd/flux2/issues/4051) - [@​hiddeco](https://togithub.com/hiddeco) - action: use `$RUNNER_TOOL_CACHE`, support MacOS and Windows, validate checksum - PR [#​4046](https://togithub.com/fluxcd/flux2/issues/4046) - [@​stefanprodan](https://togithub.com/stefanprodan) - ci: backport: set write permissions - PR [#​4043](https://togithub.com/fluxcd/flux2/issues/4043) - [@​stefanprodan](https://togithub.com/stefanprodan) - ci: release: extract the image tag from GITHUB_REF - PR [#​4041](https://togithub.com/fluxcd/flux2/issues/4041) - [@​hiddeco](https://togithub.com/hiddeco) - ci: release: disable interpretation backslash esc

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.