chore(deps): update dependency fluxcd/flux2 to v0.39.0
This MR contains the following updates:
| Package | Update | Change |
|---|---|---|
| fluxcd/flux2 | minor |
v0.38.3 -> v0.39.0
|
Release Notes
fluxcd/flux2
v0.39.0
Highlights
Flux v0.39.0 comes with new features and improvements. Users are encouraged to upgrade for the best experience.
Starting with this version, the Flux controllers come with SBOMs and SLSA Provenance Attestations embedded in their container images.
The Flux Terraform Provider has a new resource for bootstrapping Flux, without depending on third-party Terraform providers, that allows customising the controllers at install time. Users are encouraged to migrate to this new resources and provide feedback.
The Flux CLI is now included in Wolfi OS, the Linux (Un)distro designed for securing the software supply chain. The Chainguard team and Wolfi maintainers are shipping updates for the Flux package on a regular basis.
Features and improvements
- Recreate immutable resources (e.g. Kubernetes Jobs) by annotating or labeling them with
kustomize.toolkit.fluxcd.io/force: enabled. - Support for HTTPS bearer token authentication for Git repositories.
- Improve memory usage by disabling the caching of Secret and ConfigMap resources in all controllers.
- Better observability with progressive status updates for Sources (Git, OCI, Helm, S3 Buckets).
- Allow extracting the OCI artifact SHA256 digest for Cosign with
flux push artifact -o json. - Track CRDs managed by Flux,
flux traceandflux treewill show which HelmRelease deployed which CRDs. - Allow the Flux GitHub Action to use a GitHub token when checking for updates to avoid rate limiting.
New documentation
- Security: Software Bill of Materials
- Security: SLSA Provenance Attestations
- Security: Scanning Flux images for CVEs
Components changelog
- source-controller v0.34.0
- kustomize-controller v0.33.0
- helm-controller v0.29.0
- notification-controller v0.31.0
- image-reflector-controller v0.24.0
- image-automation-controller v0.29.0
CLI Changelog
- MR #3550 - @stefanprodan - flux tree: Set CRDs GroupKind in output
- MR #3549 - @stefanprodan - flux tree: Track CRDs managed by HelmReleases
- MR #3545 - @fluxcdbot - Update toolkit components
- MR #3542 - @stefanprodan - flux tree: Add namespaces to objects reconciled from HRs
- MR #3540 - @stefanprodan - Add json/yaml output to flux push artifact
- MR #3537 - @stefanprodan - Update dependencies to Kubernetes v1.26.1
- MR #3532 - @stefanprodan - Update Alpine to v3.17 and kubectl to v1.26.1 in flux-cli image
- MR #3531 - @makkes - fix misleading messaging when using
-Aflag - MR #3529 - @dependabot[bot] - build(deps): bump docker/setup-buildx-action from 2.2.1 to 2.4.0
- MR #3526 - @dependabot[bot] - Bump anchore/sbom-action from 0.13.1 to 0.13.3
- MR #3525 - @dependabot[bot] - Bump github/codeql-action from 2.1.38 to 2.2.1
- MR #3524 - @dependabot[bot] - Bump goreleaser/goreleaser-action from 4.1.0 to 4.1.1
- MR #3517 - @jooooel - Fix broken GitHub Action and handle case where VERSION is provided as an input
- MR #3507 - @thezanke - Update prometheus-community helm repo due to the suspension of OCI builds
- MR #3501 - @kingdonb - Add GITHUB_TOKEN to Flux GitHub Action
- MR #3488 - @dependabot[bot] - Bump snyk/actions from
1cc9026toe25b2e6 - MR #3487 - @dependabot[bot] - Bump actions/cache from 3.2.2 to 3.2.3
- MR #3486 - @dependabot[bot] - Bump github/codeql-action from 2.1.37 to 2.1.38
- MR #3477 - @raffis - fix(install-script): support $GITHUB_TOKEN
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot. The local configuration can be found in the SI Renovate Bot repository.