Releases: fluxcd/flux2
v0.27.0
Highlights
Flux v0.27.0 comes with new features and improvements. Users are encouraged to upgrade for the best experience.
Breaking changes
- Flux custom resources require their names to follow the DNS label standard as defined in RFC 1123. The
metadata.name
can only contain lowercase alphanumeric characters or-
and must contain at most 63 characters. - This version introduces a breaking change to the Helm uninstall behavior, as the
--wait
flag is now enabled by default. Resulting in helm-controller to wait for resources to be deleted while uninstalling a release. Disabling this behavior is possible by settingspec.uninstall.disableWait: true
inHelmRelease
manifests.
New features and improvements
- Add support to notification-controller for sending events to Grafana annotations API.
- Allow selecting event sources based on labels using the Alert API
spec.eventSources[].matchLabels
field. - Add support to kustomize-controller for making the Kubernetes Secrets and ConfigMaps referenced in
postBuild.substituteFrom
optional. - Allow dot-prefixed paths to be used for bootstrap e.g.
flux bootstrap --path=".flux/clusters/my-cluster"
. - All Flux controllers and libraries are now tested by Google's continuous fuzzing for open source software.
Components changelog
CLI Changelog
- PR #2444 - @fluxcdbot - Update toolkit components
- PR #2443 - @somtochiama - Validate that object name adheres to RFC 1123 for
flux create
commands - PR #2439 - @somtochiama - Use text/template library instead of html/template for logs
- PR #2427 - @souleb - Bootstrap bitbucket-server: Make sure we retrieve the right project
- PR #2426 - @foot - Add support for Kustomizations with dot-prefixed paths
- PR #2425 - @souleb - Add a simple spinner when running flux diff kustomization
v0.26.3
Highlights
Flux v0.26.3 is a patch release that comes with fixes to bootstrap. Users are encouraged to upgrade for the best experience.
In addition, kustomize-controller was update to be on par with Kustomize v4.5.2 release.
Components changelog
- kustomize-controller v0.20.2
CLI changelog
- PR #2418 - @stefanprodan - Fix bootstrap: Reset schema cache after applying CRDs
- PR #2416 - @fluxcdbot - Update kustomize-controller to v0.20.2
- PR #2415 - @stefanprodan - Add GitRepository namespace arg to
flux create image update
v0.26.2
Highlights
Flux v0.26.2 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.
Fixes:
- Fix
flux bootstrap
race condition - Fix
flux diff kustomization
when comparing Kubernetes secrets - Fix for
libgit2
SSH cloning intermittent timeouts - Fix some edge cases when overriding manual changes made with
kubectl apply
In addition, kustomize-controller was updated to be on par with the Kustomize v4.5.1 release.
Components changelog
CLI changelog
- PR #2398 - @fluxcdbot - Update toolkit components
- PR #2397 - @stefanprodan - Fix bootstrap CRD wait race condition
- PR #2392 - @souleb - Mask dockerconfigjson secret types and support StringData secrets
- PR #2389 - @souleb - Fix wrong deletion message on flux diff
v0.26.1
Flux v0.26.1 is a patch release that comes with fixes for the flux diff
and flux bootstrap
commands. Users are encouraged to upgrade for the best experience.
CLI Changelog
- PR #2382 - @somtochiama - Use
client.Patch
for suspend/resume operations - PR #2380 - @souleb - Fix panic on bootstrap when orgRef is not retrieved
- PR #2377 - @souleb - Fix
flux build/diff
when parsing SOPS encrypted secrets - PR #2376 - @stefanprodan - e2e: Fix Azure image update automation test
- PR #2375 - @souleb - Return exit code 1 when
flux diff
detects changes - PR #2368 - @stefanprodan - Update dependencies
- PR #2364 - @robwittman - Add GPG signing to Github/Gitlab/Bitbucket bootstrap
v0.26.0
Highlights
Flux v0.26.0 comes with new features and improvements. Users are encouraged to upgrade for the best experience.
Breaking changes
- The minimum supported version of Kubernetes is now v1.20.6. Note that Flux may work on Kubernetes 1.19, but we don’t recommend running EOL versions in production.
- On multi-tenant clusters, Flux controllers are now using the native Kubernetes impersonation feature. When both
spec.kubeConfig
andspec.ServiceAccountName
are specified in Flux custom resources, the controllers will impersonate the service account on the target cluster, previously the controllers ignored the service account.
Security enhancements
- Platform admins have the option to lock down Flux on multi-tenant clusters and enforce tenant isolation at namespace level without having to use a 3rd party admission controller.
- The Flux installation conforms to the Kubernetes restricted pod security standard and the Seccomp runtime default security profile was enabled for all controllers.
- The container images of all Flux's components are signed with Cosign and GitHub OIDC.
- Flux releases include a Software Bill of Materials (SBOM) that is available for download on the GitHub release page.
New features and improvements
- Preview local changes against live clusters with the
flux diff kustomization
command. - Undo changes made directly on clusters (with kubectl server-side apply) to Flux managed objects.
- Native support for Hashicorp Vault token-based authentication when decrypting SOPS encrypted secrets.
- Auto-login to AWS ECR, Azure ACR and Google Cloud GCR for image update automation on EKS, AKS or GKE.
- On single-tenant clusters, image automation can now refer to Git repositories in other namespaces than the
ImageImageUpdateAutomation
object.
Components changelog
- source-controller v0.21.1 v0.21.0
- kustomize-controller v0.20.0
- helm-controller v0.16.0
- notification-controller v0.21.0
- image-reflector-controller v0.16.0
- image-automation-controller v0.20.0
CLI Changelog
- PR #2167 - @souleb - Preview local changes with flux build/diff kustomization
- PR #2356 - @stefanprodan - Adapt diff test to match Kubernetes 1.23.3 API response
- PR #2348 - @pjbgf - Add pkg-config to arm runners
- PR #2347 - @stealthybox - Fix output usage for
flux get <sources|images>
- PR #2345 - @fluxcdbot - Update toolkit components
- PR #2343 - @stefanprodan - Set minimum supported version to Kubernetes 1.20.6
- PR #2342 - @stefanprodan - Run the CLI as non-root
- PR #2336 - @souleb - Upgrade go-git-providers to v0.5.3
- PR #2317 - @souleb - Add license Header to internal/build files
- PR #2316 - @pjbgf - [security] Enable pod security warnings for flux-system
v0.25.3
CLI Changelog
- PR #2305 - @stefanprodan - Update kubectl to 1.23.1 in flux-cli container image
- PR #2304 - @stefanprodan - ci: Fix release notes generator
- PR #2301 - @stefanprodan - Sign the release artifacts checksums and images
- PR #2300 - @stefanprodan - Fix Azure e2e tests and GoReleaser buildx directive
- PR #2296 - @relu - Fix Archlinux PKGBUILD check() run on ARM
- PR #2295 - @stefanprodan - Publish Flux Software Bill of Materials (SBOM)
- PR #2294 - @stefanprodan - Improve the bootstrap e2e test workflow
v0.25.2
Highlights
Flux v0.25.2 is a patch release that comes with a regression bug fix for Kubernetes 1.21 introduced in v0.25.0.
Components changelog
- kustomize-controller v0.19.1
CLI changelog
- PR #2291 - @fluxcdbot - Update kustomize-controller to v0.19.1
- PR #2290 - @stefanprodan - Update dependencies
- PR #2288 - @aryan9600 - Fix makefile envtest setup and usage
- PR #2141 - @schrej - Simplify arguments of flux trace command
Docker images
docker pull fluxcd/flux-cli:v0.25.2
docker pull ghcr.io/fluxcd/flux-cli:v0.25.2
v0.25.1
Highlights
Flux v0.25.1 is a patch release that comes with a regression bug fix for self-hosted GitLab bootstrap introduced in v0.25.0.
CLI changelog
Docker images
docker pull fluxcd/flux-cli:v0.25.1
docker pull ghcr.io/fluxcd/flux-cli:v0.25.1
v0.25.0
Highlights
Flux v0.25.0 comes with various bug fixes and no breaking changes. Users are encouraged to upgrade for the best experience.
This version aligns Flux and its components with the Kubernetes 1.23 release and Helm 3.7.
The Flux CLI and the GitOps Toolkit controllers are now build with Go 1.17 and Alpine 3.15.
In addition, various Go and OS packages were updated to fix known CVEs.
Note that Kubernetes 1.19 has reached end-of-life in November 2021. This is the last Flux release where Kubernetes 1.19 is supported.
Components changelog
- source-controller v0.20.1 v0.20.0
- kustomize-controller v0.19.0
- helm-controller v0.15.0
- notification-controller v0.20.1 v0.20.0
- image-reflector-controller v0.15.0
- image-automation-controller v0.19.0
CLI changelog
- PR #2281 - @Skarlso - Add optional bindir input to Flux GitHub Action
- PR #2280 - @stefanprodan - Update Git providers
- PR #2278 - @fluxcdbot - Update notification-controller to v0.20.1
- PR #2272 - @hiddeco - Update golang.org/x/crypto to latest main
- PR #2271 - @stefanprodan - Update toolkit components and packages
- PR #2259 - @fluxcdbot - Update toolkit components
- PR #2234 - @souleb - Use provided SSH hostname to sync with SSH
- PR #2223 - @stefanprodan - Add the Helm CLI to the GitHub ARM64 runners setup
- PR #2213 - @relu - Fix ./manifests/scripts/bundle.sh path resolution
- PR #2212 - @squaremo - [RFC-0001] Memorandum on the authorization model
- PR #2208 - @grafjo - Update kube-prometheus-stack to 23.2.0
Docker images
docker pull fluxcd/flux-cli:v0.25.0
docker pull ghcr.io/fluxcd/flux-cli:v0.25.0
v0.24.1
Highlights
This version comes with a change to the length of the SHA hex added to the SemVer metadata composed for a HelmChart
from GitRepository
and Bucket
resources with a Revision
reconcile strategy. Refer to the source-controller changelog for more information.
Components changelog
CLI changelog
- PR #2195 - @Nalum - Removing Kubernetes API Request Duration Graph
- PR #2194 - @kingdonb - monitoring: Pin kube-prometheus-stack to v19.3.0
- PR #2191 - @stefanprodan - Run the ARM64 e2e tests on Equinix hardware
- PR #2178 - @fluxcdbot - Update toolkit components
- PR #2159 - @hiddeco - cmd: start trace short description with T
- PR #2153 - @stefanprodan - e2e: Update Calico to v3.20
Docker images
docker pull fluxcd/flux-cli:v0.24.1
docker pull ghcr.io/fluxcd/flux-cli:v0.24.1