Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🤖 Update fluxcd (minor) #107

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

🤖 Update fluxcd (minor) #107

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Oct 30, 2024

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
github.com/fluxcd/flux2/v2 v2.3.0 -> v2.4.0 age adoption passing confidence
github.com/fluxcd/kustomize-controller/api v1.3.0 -> v1.4.0 age adoption passing confidence
github.com/fluxcd/pkg/apis/meta v1.5.0 -> v1.6.1 age adoption passing confidence
github.com/fluxcd/source-controller/api v1.3.0 -> v1.4.1 age adoption passing confidence

⚠️ This PR updates an API docstring, so you have to run make generate locally.

Release Notes

fluxcd/flux2 (github.com/fluxcd/flux2/v2)

v2.4.0

Compare Source

Highlights

Flux v2.4.0 is a feature release. Users are encouraged to upgrade for the best experience.

For a comprehensive overview of new features and API changes included in this release, please refer to the Announcing Flux 2.4 GA blog post.

This release marks the General Availability (GA) of Flux Bucket API. The Bucket v1 API comes with new features including: proxy support, mTLS and custom STS configuration for AWS S3 and MinIO LDAP authentication.

The GitRepository v1 API gains support for OIDC authentication. Starting with this version, you can authenticate against Azure DevOps repositories using AKS Workload Identity.

The OCIRepository v1beta2 API gains support for proxy configuration thus allowing dedicated HTTP/S Proxy authentication on multi-tenant Kubernetes clusters.

The HelmRelease v2 API gains support for disabling JSON schema validation of the Helm release values during installation and upgrade. And allows adopting existing Kubernetes resources during Helm release installation.

The Flux controllers are now built with Go 1.23 and their dependencies have been updated to Kubernetes 1.31, Helm 3.16, SOPS 3.9 Cosign 2.4 and Notation 1.2.

❤️ Big thanks to all the Flux contributors that helped us with this release!

Kubernetes compatibility

This release is compatible with the following Kubernetes versions:

Kubernetes version Minimum required
v1.29 >= 1.29.0
v1.30 >= 1.30.0
v1.31 >= 1.31.0

[!NOTE]
Note that the Flux project offers support only for the latest three minor versions of Kubernetes.
Backwards compatibility with older versions of Kubernetes and OpenShift is offered by vendors such as
ControlPlane that provide enterprise support for Flux.

OpenShift compatibility

Flux can be installed on Red Hat OpenShift cluster directly from OperatorHub using Flux Operator.
The operator allows the configuration of Flux multi-tenancy lockdown, network policies, persistent storage, sharding, vertical scaling and the synchronization of the cluster state from Git repositories, OCI artifacts and S3-compatible storage.

API changes

Bucket v1

The Bucket kind was promoted from v1beta2 to v1 (GA).

The v1 API is backwards compatible with v1beta2.

New fields:

  • .spec.proxySecretRef allows configuring HTTP/S Proxy authentication for the S3-compatible storage service.
  • .spec.certSecretRef allows custom TLS client certificate and CA for secure communication with the S3-compatible storage service.
  • .spec.sts allows custom STS configuration for AWS S3 and MinIO LDAP authentication.
GitRepository v1

The GitRepository kind gains new optional fields with no breaking changes.

New fields:

  • .spec.provider allows specifying an OIDC provider used for authentication purposes. Currently, only the azure provider is supported.
OCIRepository v1beta2

The OCIRepository kind gains new optional fields with no breaking changes.

New fields:

  • .spec.proxySecretRef allows configuring HTTP/S Proxy authentication for the container registry service.
HelmRelease v2

The HelmRelease kind gains new optional fields with no breaking changes.

New fields:

  • .spec.install.disableSchemaValidation allows disabling the JSON schema validation of the Helm release values during installation.
  • .spec.upgrade.disableSchemaValidation allows disabling the JSON schema validation of the Helm release values during upgrade.

Upgrade procedure

Upgrade Flux from v2.3.0 to v2.4.0 either by rerunning bootstrap or by using the Flux GitHub Action.

To upgrade the APIs, make sure the new CRDs and controllers are deployed, and then change the manifests in Git:

  1. Set apiVersion: source.toolkit.fluxcd.io/v1 in the YAML files that contain Bucket definitions.
  2. Commit, push and reconcile the API version changes.

Bumping the APIs version in manifests can be done gradually.
It is advised to not delay this procedure as the deprecated versions will be removed after 6 months.

Components changelog

New Documentation

CLI Changelog

fluxcd/kustomize-controller (github.com/fluxcd/kustomize-controller/api)

v1.4.0

Compare Source

Changelog

v1.4.0 changelog

Container images

  • docker.io/fluxcd/kustomize-controller:v1.4.0
  • ghcr.io/fluxcd/kustomize-controller:v1.4.0

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC.
To verify the images and their provenance (SLSA level 3), please see the security documentation.

fluxcd/source-controller (github.com/fluxcd/source-controller/api)

v1.4.1

Compare Source

Changelog

v1.4.1 changelog

Container images
  • docker.io/fluxcd/source-controller:v1.4.1
  • ghcr.io/fluxcd/source-controller:v1.4.1

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC.
To verify the images and their provenance (SLSA level 3), please see the security documentation.

v1.4.0

Compare Source

Changelog

v1.4.0 changelog

Container images
  • docker.io/fluxcd/source-controller:v1.4.0
  • ghcr.io/fluxcd/source-controller:v1.4.0

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC.
To verify the images and their provenance (SLSA level 3), please see the security documentation.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate Renovate
Copy link
Author

renovate bot commented Oct 30, 2024

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum
Command failed: go get -d -t ./...
go: -d flag is deprecated. -d=true is a no-op
go: downloading github.com/fluxcd/kustomize-controller/api v1.4.0
go: downloading github.com/fluxcd/source-controller/api v1.4.1
go: downloading k8s.io/api v0.31.1
go: downloading k8s.io/apiextensions-apiserver v0.31.1
go: downloading k8s.io/apimachinery v0.31.1
go: downloading k8s.io/client-go v0.29.9
go: downloading k8s.io/component-base v0.31.1
go: downloading github.com/fluxcd/pkg/apis/meta v1.6.1
go: downloading github.com/fluxcd/flux2/v2 v2.4.0
go: downloading github.com/fluxcd/pkg/apis/kustomize v1.6.1
go: downloading k8s.io/klog/v2 v2.130.1
go: downloading github.com/Masterminds/semver/v3 v3.3.0
go: downloading golang.org/x/exp v0.0.0-20240909161429-701f63a606c0
go: downloading github.com/cyphar/filepath-securejoin v0.3.2
go: downloading github.com/fluxcd/pkg/kustomize v1.13.0
go: downloading github.com/fluxcd/pkg/tar v0.8.1
go: downloading github.com/prometheus/client_golang v1.20.3
go: downloading sigs.k8s.io/kustomize/api v0.17.3
go: downloading sigs.k8s.io/kustomize/kyaml v0.17.2
go: downloading golang.org/x/oauth2 v0.23.0
go: downloading github.com/BurntSushi/toml v1.4.0
go: downloading github.com/klauspost/compress v1.17.9
go: downloading github.com/prometheus/common v0.55.0
go: downloading github.com/fxamacker/cbor/v2 v2.7.0
go: downloading google.golang.org/genproto/googleapis/api v0.0.0-20240701130421-f6361c86f094
go: downloading github.com/moby/spdystream v0.4.0
go: downloading github.com/prometheus/procfs v0.15.1
go: downloading github.com/x448/float16 v0.8.4
go: downloading k8s.io/api v0.31.2
go: github.com/stackitcloud/gardener-extension-shoot-flux/cmd/gardener-extension-shoot-flux/app imports
	github.com/gardener/gardener/extensions/pkg/controller imports
	k8s.io/client-go/kubernetes/scheme imports
	k8s.io/api/resource/v1alpha2: cannot find module providing package k8s.io/api/resource/v1alpha2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
kind/upgrade
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants