teletraan-x[bot]
commented
1 year ago 🦙 MegaLinter status: ✅ SUCCESS
| Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|---|---|---|---|---|
| ✅ REPOSITORY | git_diff | yes | no | 0.01s | |
| ✅ REPOSITORY | secretlint | yes | no | 0.99s | |
| ✅ YAML | prettier | 1 | 0 | 0.5s | |
| ✅ YAML | yamllint | 1 | 0 | 0.21s |
See detailed report in MegaLinter reports
_Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff_
_MegaLinter is graciously provided by 
_
This PR contains the following updates:
v0.38.3->v0.39.0Release Notes
fluxcd/flux2
### [`v0.39.0`](https://togithub.com/fluxcd/flux2/releases/tag/v0.39.0) [Compare Source](https://togithub.com/fluxcd/flux2/compare/v0.38.3...v0.39.0) #### Highlights Flux v0.39.0 comes with new features and improvements. Users are encouraged to upgrade for the best experience. Starting with version, the Flux controllers come with [SBOMs and SLSA Provenance Attestations](https://fluxcd.io/flux/security/) embedded in their container images. The [Flux Terraform Provider](https://togithub.com/fluxcd/terraform-provider-flux) has a new resource for bootstrapping Flux, without depending on third-party Terraform providers, that allows customising the controllers at install time. Users are encouraged to migrate to this new resources and provide feedback. The Flux CLI is now included in [Wolfi OS](https://togithub.com/wolfi-dev/os), the Linux (Un)distro designed for securing the software supply chain. The Chainguard team and Wolfi maintainers are shipping updates for the Flux package on a regular basis. ##### Features and improvements - Recreate immutable resources (e.g. Kubernetes Jobs) by annotating or labeling them with `kustomize.toolkit.fluxcd.io/force: enabled`. - Support for HTTPS bearer token authentication for Git repositories. - Improve memory usage by disabling the caching of Secret and ConfigMap resources in all controllers. - Better observability with progressive status updates for Sources (Git, OCI, Helm, S3 Buckets). - Allow extracting the OCI artifact SHA256 digest for Cosign with `flux push artifact -o json`. - Track CRDs managed by Flux, `flux trace` and `flux tree` will show which HelmRelease deployed which CRDs. - Allow the Flux GitHub Action to use a GitHub token when checking for updates to avoid rate limiting. ##### New documentation - Security: [Software Bill of Materials](https://fluxcd.io/flux/security/#software-bill-of-materials) - Security: [SLSA Provenance Attestations](https://fluxcd.io/flux/security/#slsa-provenance-attestations) - Security: [Scanning Flux images for CVEs](https://fluxcd.io/flux/security/#scanning-for-cves) #### Components changelog - source-controller [v0.34.0](https://togithub.com/fluxcd/source-controller/blob/v0.34.0/CHANGELOG.md) - kustomize-controller [v0.33.0](https://togithub.com/fluxcd/kustomize-controller/blob/v0.33.0/CHANGELOG.md) - helm-controller [v0.29.0](https://togithub.com/fluxcd/helm-controller/blob/v0.29.0/CHANGELOG.md) - notification-controller [v0.31.0](https://togithub.com/fluxcd/notification-controller/blob/v0.31.0/CHANGELOG.md) - image-reflector-controller [v0.24.0](https://togithub.com/fluxcd/image-reflector-controller/blob/v0.24.0/CHANGELOG.md) - image-automation-controller [v0.29.0](https://togithub.com/fluxcd/image-automation-controller/blob/v0.29.0/CHANGELOG.md) #### CLI Changelog - PR [#3550](https://togithub.com/fluxcd/flux2/issues/3550) - [@stefanprodan](https://togithub.com/stefanprodan) - flux tree: Set CRDs GroupKind in output - PR [#3549](https://togithub.com/fluxcd/flux2/issues/3549) - [@stefanprodan](https://togithub.com/stefanprodan) - flux tree: Track CRDs managed by HelmReleases - PR [#3545](https://togithub.com/fluxcd/flux2/issues/3545) - [@fluxcdbot](https://togithub.com/fluxcdbot) - Update toolkit components - PR [#3542](https://togithub.com/fluxcd/flux2/issues/3542) - [@stefanprodan](https://togithub.com/stefanprodan) - flux tree: Add namespaces to objects reconciled from HRs - PR [#3540](https://togithub.com/fluxcd/flux2/issues/3540) - [@stefanprodan](https://togithub.com/stefanprodan) - Add json/yaml output to flux push artifact - PR [#3537](https://togithub.com/fluxcd/flux2/issues/3537) - [@stefanprodan](https://togithub.com/stefanprodan) - Update dependencies to Kubernetes v1.26.1 - PR [#3532](https://togithub.com/fluxcd/flux2/issues/3532) - [@stefanprodan](https://togithub.com/stefanprodan) - Update Alpine to v3.17 and kubectl to v1.26.1 in flux-cli image - PR [#3531](https://togithub.com/fluxcd/flux2/issues/3531) - [@makkes](https://togithub.com/makkes) - fix misleading messaging when using `-A` flag - PR [#3529](https://togithub.com/fluxcd/flux2/issues/3529) - [@dependabot](https://togithub.com/dependabot)\[bot] - build(deps): bump docker/setup-buildx-action from 2.2.1 to 2.4.0 - PR [#3526](https://togithub.com/fluxcd/flux2/issues/3526) - [@dependabot](https://togithub.com/dependabot)\[bot] - Bump anchore/sbom-action from 0.13.1 to 0.13.3 - PR [#3525](https://togithub.com/fluxcd/flux2/issues/3525) - [@dependabot](https://togithub.com/dependabot)\[bot] - Bump github/codeql-action from 2.1.38 to 2.2.1 - PR [#3524](https://togithub.com/fluxcd/flux2/issues/3524) - [@dependabot](https://togithub.com/dependabot)\[bot] - Bump goreleaser/goreleaser-action from 4.1.0 to 4.1.1 - PR [#3517](https://togithub.com/fluxcd/flux2/issues/3517) - [@jooooel](https://togithub.com/jooooel) - Fix broken GitHub Action and handle case where VERSION is provided as an input - PR [#3507](https://togithub.com/fluxcd/flux2/issues/3507) - [@thezanke](https://togithub.com/thezanke) - Update prometheus-community helm repo due to the suspension of OCI builds - PR [#3501](https://togithub.com/fluxcd/flux2/issues/3501) - [@kingdonb](https://togithub.com/kingdonb) - Add GITHUB_TOKEN to Flux GitHub Action - PR [#3488](https://togithub.com/fluxcd/flux2/issues/3488) - [@dependabot](https://togithub.com/dependabot)\[bot] - Bump snyk/actions from [`1cc9026`](https://togithub.com/fluxcd/flux2/commit/1cc9026f51d822442cb4b872d8d7ead8cc69a018) to [`e25b2e6`](https://togithub.com/fluxcd/flux2/commit/e25b2e6f5658d1bb7a6671b113260f13134cc3af) - PR [#3487](https://togithub.com/fluxcd/flux2/issues/3487) - [@dependabot](https://togithub.com/dependabot)\[bot] - Bump actions/cache from 3.2.2 to 3.2.3 - PR [#3486](https://togithub.com/fluxcd/flux2/issues/3486) - [@dependabot](https://togithub.com/dependabot)\[bot] - Bump github/codeql-action from 2.1.37 to 2.1.38 - PR [#3477](https://togithub.com/fluxcd/flux2/issues/3477) - [@raffis](https://togithub.com/raffis) - fix(install-script): support $GITHUB_TOKENConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.