flux2 changelogs | diffwithgpt
AI Summary
The commit adds RBAC rules to allow the controller to create service account tokens. This change is likely to enable workload identity by granting the necessary permissions.
Commit Log
[RFC-0010] Add RBAC for creating service account tokens
AI Summary
The RFC removes support for EKS Pod Identity in the multi-tenant workload identity proposal due to technical limitations. The change clarifies that EKS Pod Identity cannot be supported because it requires pod-specific ServiceAccount tokens, which are not accessible to the Flux controller.
Commit Log
[RFC-0010] Remove EKS Pod Identity from the proposal
AI Summary
The diff updates the project to use Go 1.24.0 and Kubernetes 1.33.0, along with various dependencies and tooling versions. Several logger format strings have been updated to use string formatting with %s to ensure compatibility with Go 1.24.0's changes in the fmt package. Dependency versions have been updated to align with the new Go and Kubernetes versions, which may include bug fixes, security patches, and new features.
Commit Log
Update to Kubernetes 1.33.0 and Go 1.24.0
AI Summary
The commit updates the conformance test workflow to include Kubernetes 1.33.0 as a test target. It also upgrades the version of the conformance test tool from v0.22.0 to v0.27.0.
Commit Log
Run conformance tests for Kubernetes 1.33.0
AI Summary
The code change allows recursive dry-run operations over local sources in Flux2 by modifying the builder logic to handle dry-run mode with local kustomization files. The modification ensures that when dry-run is enabled and a local kustomization file is provided, the builder uses the local file instead of retrieving it from the cluster.
Commit Log
fix: allow recursive dry-run over local sources
AI Summary
The code resets the target struct before decoding to ensure it is empty and ready for new data. This change likely prevents leftover data from previous operations from interfering with new decoding processes.
Commit Log
Reset target struct before decoding
AI Summary
The code adds a test to ensure that multiple Kustomizations in a single YAML file are parsed correctly and that previous Kustomizations do not leak into subsequent ones. The test uses a YAML file with multiple Kustomization documents to verify that the unmarshalling logic resets state between documents.
Commit Log
Add test for reading multiple Kustomizations in a single file
AI Summary
The RFC introduces multi-tenant workload identity support in Flux, allowing objects to specify cloud provider identities for reconciliation without using secrets. The implementation involves associating Flux objects with Kubernetes ServiceAccounts and using a new library to handle token creation and exchange for cloud providers.
Commit Log
[RFC-0010] Multi-Tenant Workload Identity
AI Summary
The code introduces a new `--insecure-repository` flag to allow pulling/pushing artifacts without TLS by passing the `crane.Insecure` option to the crane client. This change adds a security risk by allowing insecure connections, which could expose data to man-in-the-middle attacks.
Commit Log
Allow to pull/push artifacts without TLS If applied, this commit will introduce a new `--insecure-repository` flag to the following commands: `push artifacts`, `pull artifact`, `diff artifact` and `list artifacts`. When used the flag will lead to the option `crane.Insecure` being passed to the `crane` client allowing the use of insecure repositories.
AI Summary
The commit updates several Go dependencies, including helm.sh/helm/v3 from 3.17.0 to 3.17.3, along with other indirect dependencies to newer versions. These updates likely include bug fixes, security patches, and performance improvements from the upstream libraries.
Commit Log
build(deps): bump helm.sh/helm/v3 from 3.17.0 to 3.17.3 Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.17.0 to 3.17.3. - [Release notes](https://github.com/helm/helm/releases) - [Commits](https://github.com/helm/helm/compare/v3.17.0...v3.17.3) --- updated-dependencies: - dependency-name: helm.sh/helm/v3 dependency-version: 3.17.3 dependency-type: indirect ...
AI Summary
The code adds a configuration file to ignore a false-positive check in the OSSF Scorecard tool. The specific check being ignored is related to dangerous workflows, with a reason provided to justify the exclusion.
Commit Log
add: OSSF scorecard configuration file - ignore false-positive
AI Summary
The commit updates the release workflow to use GoReleaser's native changelog generation instead of a separate utility. It removes the dependency on the external 'github-release-notes' tool by leveraging GoReleaser's built-in functionality.
Commit Log
ci: sw to goreleaser changlog gen; rm dep
AI Summary
The commit changes the GitHub Actions workflow to use the default ephemeral GITHUB_TOKEN instead of the static GHCR_TOKEN for Docker registry authentication. This change likely aims to improve security by using the default token, which is automatically generated for each workflow run, rather than a long-lived token.
Commit Log
change: use the default ephemeral GITHUB_TOKEN instead of the static GHCR_TOKEN
AI Summary
The code change removes a redundant space before the word 'git' in a comment. This is a minor formatting adjustment with no functional impact.
Commit Log
Remove redundant space.
AI Summary
The code change removes a TODO comment and replaces a manual conversion of ValuesFrom sources with direct usage of the original values, likely to simplify handling of values references. The change ensures that the debug command now correctly uses the targetPath from the test data, which was previously ignored.
Commit Log
Fix command debug hr not taking targetPath into account
AI Summary
The commit adds backport labels for release/v2.4.x and release/v2.5.x in the labels.yaml file. This change is likely to support tracking backport tasks for these specific release branches.
Commit Log
Update backport labels for 2.5
AI Summary
The commit updates several dependencies, including kustomize-controller to version 1.5.1, which likely includes bug fixes and improvements. It also upgrades other Go packages like golang.org/x/crypto and k8s.io packages to newer versions, which may address security issues or add new features.
Commit Log
Update toolkit components - kustomize-controller to v1.5.1 https://github.com/fluxcd/kustomize-controller/blob/v1.5.1/CHANGELOG.md
AI Summary
The commit updates the status of RFC 0008 and RFC 0009 from 'implementable' to 'implemented' and updates their last update dates. It also adds a note indicating that both RFCs are now generally available in Flux v2.5.
Commit Log
Update RFC 0008 and RFC 0009 milestones
AI Summary
The commit updates the kubectl version in the flux-cli Docker image from 1.32.0 to 1.32.2. It modifies the Dockerfile to fetch the new kubectl binary and verifies its version.
Commit Log
Update kubectl in flux-cli image
AI Summary
The commit updates the OpenShift version in the conformance workflow to 4.17.0-okd, likely to align with newer testing environments. The Dockerfile now uses a different URL to download kubectl, possibly to ensure compatibility with the latest release or fix a broken link.
Commit Log
Update flux-cli image
AI Summary
The code updates the minimum supported Kubernetes version to 1.30 across multiple files, including CI configurations and test data. This change ensures compatibility with newer Kubernetes versions and may exclude support for older versions like 1.28 and 1.29.
Commit Log
Update Kubernetes min supported version to 1.30
AI Summary
The commit corrects the name of a GitHub App secret from 'github-sa' to 'github-app' in the README.md file. This change ensures consistency with the actual GitHub App configuration and avoids potential confusion or errors in secret management.
Commit Log
fix: correct name on github app secret
AI Summary
The commit updates dependencies in the integration tests for Flux 2.5 to align with newer versions of various libraries and packages. This change ensures compatibility with the latest features and bug fixes in the dependencies, which may improve test reliability and support for new functionality.
Commit Log
Update integration tests dependencies for Flux 2.5
AI Summary
The commit updates the versions of helm-controller, kustomize-controller, and image-automation-controller to their latest releases, ensuring compatibility with the latest features and security fixes. It also updates the corresponding CRD and deployment manifests to match the new versions, ensuring the correct resources are deployed.
Commit Log
Update toolkit components - helm-controller to v1.2.0 https://github.com/fluxcd/helm-controller/blob/v1.2.0/CHANGELOG.md - kustomize-controller to v1.5.0 https://github.com/fluxcd/kustomize-controller/blob/v1.5.0/CHANGELOG.md - image-automation-controller to v0.40.0 https://github.com/fluxcd/image-automation-controller/blob/v0.40.0/CHANGELOG.md
AI Summary
The commit updates the versions of Flux CD components to their latest releases, including source-controller, notification-controller, and image-reflector-controller. It modifies the go.mod and go.sum files to reflect the new version dependencies and updates the kustomization.yaml files to point to the new release assets for each component.
Commit Log
Update toolkit components - source-controller to v1.5.0 https://github.com/fluxcd/source-controller/blob/v1.5.0/CHANGELOG.md - notification-controller to v1.5.0 https://github.com/fluxcd/notification-controller/blob/v1.5.0/CHANGELOG.md - image-reflector-controller to v0.34.0 https://github.com/fluxcd/image-reflector-controller/blob/v0.34.0/CHANGELOG.md
AI Summary
The code adds support for creating GitHub App secrets and Git sources in Flux2, allowing authentication with GitHub via App credentials. It includes validation, command-line flags, and tests to ensure correct usage and error handling for the new features.
Commit Log
[RFC-007] Flux cmd support for GitHub provider: This commit includes the following changes - - Add flux create secret githubapp command that accepts and validates the inputs to create a github app secret with options to export the secret yaml or create the secret directly in the Kubernetes cluster - Add tests for flux create secret githubapp command - Add flux create source git command that accepts and validates the inputs to create a gitrepository source with for github provider with options to export the source yaml or create the github gitrepository source directly in the Kubernetes cluster. - Add tests for flux create source git command for github provider.
AI Summary
The commit updates the dependency 'github.com/distribution/distribution/v3' from version 3.0.0-rc.2 to 3.0.0-rc.3. This change likely aims to incorporate bug fixes, security patches, or new features from the newer release.
Commit Log
build(deps): bump github.com/distribution/distribution/v3 Bumps [github.com/distribution/distribution/v3](https://github.com/distribution/distribution) from 3.0.0-rc.2 to 3.0.0-rc.3. - [Release notes](https://github.com/distribution/distribution/releases) - [Commits](https://github.com/distribution/distribution/compare/v3.0.0-rc.2...v3.0.0-rc.3) --- updated-dependencies: - dependency-name: github.com/distribution/distribution/v3 dependency-type: direct:production ...
AI Summary
The commit upgrades the version of the 'pkg/runtime' dependency from 0.53.0 to 0.53.1 across multiple modules. This change likely aims to incorporate bug fixes, security patches, or new features from the updated runtime package.
Commit Log
Upgrade pkg/runtime
AI Summary
The commit updates the conformance test suite to use Go version 1.23.x instead of 1.22.x. It also updates the Kubernetes, K3s, and OpenShift versions in the test matrix to newer releases.
Commit Log
Update conformance test suite
AI Summary
The commit updates multiple GitHub Actions dependencies across various workflows to newer versions, primarily for Go setup, Helm, FluxCD, and other CI tools. These updates likely aim to improve stability, security, and feature support in the CI/CD pipelines by leveraging the latest versions of these tools.
Commit Log
build(deps): bump the ci group across 1 directory with 13 updates Bumps the ci group with 13 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/setup-go](https://github.com/actions/setup-go) | `5.1.0` | `5.3.0` | | [helm/kind-action](https://github.com/helm/kind-action) | `1.10.0` | `1.12.0` | | [fluxcd/pkg](https://github.com/fluxcd/pkg) | `1.0.0` | `1.2.0` | | [replicatedhq/replicated-actions](https://github.com/replicatedhq/replicated-actions) | `1.16.2` | `1.17.0` | | [google-github-actions/auth](https://github.com/google-github-actions/auth) | `2.1.7` | `2.1.8` | | [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) | `2.1.2` | `2.1.4` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3.2.0` | `3.4.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.7.1` | `3.9.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.3` | `4.6.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.27.6` | `3.28.9` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.17.8` | `0.18.0` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.7.0` | `3.8.0` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `7.0.5` | `7.0.6` |
AI Summary
The code adds a new ignore rule for the 'kustomize.toolkit.fluxcd.io/ssa' label in the diff function to align with kustomize-controller behavior. This change ensures resources with the specified label are skipped during the diff process, improving consistency with kustomize-controller's resource handling.
Commit Log
Align skipping of resources in flux diff to kustomize-controller
AI Summary
The code diff updates project dependencies to newer versions. This likely aims to fix bugs, improve security, or add new features.
Commit Log
Update dependencies
AI Summary
The commit updates the RFC to reflect the current status and evaluation logic for custom health checks using CEL in Flux. It clarifies the order of evaluation for InProgress, Failed, and Current expressions and introduces a new approach to determine in-progress status based on observedGeneration and metadata.generation fields. The changes include updating the code to use the HealthCheckExpressions struct and modifying the evaluation logic to handle errors and return appropriate statuses.
Commit Log
Clarify expression evaluation logic
AI Summary
The code change updates the documentation to clarify that the purpose of the `CustomHealthCheck` feature is to determine the health of a custom resource, not just its status. It also corrects examples and explanations to align with the actual behavior of the `healthCheckExprs` feature, particularly for resources like `Certificate` from cert-manager. The change ensures that the documentation accurately reflects how the controller evaluates expressions for health states like `Current`, `Failed`, and `InProgress`.
Commit Log
Apply suggestions from code review
AI Summary
The commit updates the documentation to clarify that the custom health checks should be flexible without requiring changes to Flux source code for new CRDs. It also adds details about error handling in CEL expressions, the behavior of optional fields like `InProgress` and `Failed`, and how the controller evaluates these conditions. The changes improve clarity and user guidance on using the custom health check library with CEL.
Commit Log
Explain the evaluation logic based on conditions
AI Summary
The code adds an example of how to define custom health checks for a Cluster resource in ClusterAPI using the RFC format. The example demonstrates how to check the inProgress, failed, and current states of a Cluster based on its status conditions.
Commit Log
Add ClusterAPI example to RFC
AI Summary
The code adds an example of using `SealedSecret` with custom health checks in the RFC documentation. It demonstrates how to evaluate the `Synced` condition using CEL expressions for inProgress, failed, and current states.
Commit Log
Add `SealedSecret` example to RFC
AI Summary
The commit updates the RFC to provide a generic solution for customizing health checks of custom resources and encourages community contributions to a health check library. It introduces a new section in the RFC detailing the Custom Health Check Library and its purpose, including community involvement and resource support.
Commit Log
Add Custom Health Check Library to RFC
AI Summary
The RFC updates the Flux `Kustomization` CRD to support custom health checks using CEL expressions for non-standard Kubernetes resources. The new field `healthCheckExprs` allows users to define CEL expressions for evaluating the status of custom resources, replacing the previous `customHealthChecksExprs` field.
Commit Log
Rework the custom health check spec
AI Summary
This RFC proposes adding a new field `customHealthChecksExprs` to the `Kustomization` CRD to allow users to define custom health checks using CEL expressions for custom resources. The implementation introduces a generic status reader that evaluates CEL expressions to determine the status of custom resources, enabling flexible and reusable health checks without modifying Flux's core code.
Commit Log
Add RFC - Custom Health Checks for Kustomization using Common Expression Language(CEL)
AI Summary
The code adds a check for the case when the number of arguments is less than 1, providing a more specific error message. This change improves error handling by distinguishing between no arguments provided and missing objects.
Commit Log
handle len(args) < 1 case
AI Summary
The code change modifies the `getPatchedResumables` function to pass `args` to the `patch` function, enabling more detailed error messages based on specific object names. This change allows the function to handle individual object resumption by name, improving error reporting when objects are not found.
Commit Log
pass args to enable more detailed error message
AI Summary
The commit updates a golden file to reflect a more specific error message when a Kustomization object is not found. The change improves clarity by specifying the exact name of the missing Kustomization object.
Commit Log
fix golden file
AI Summary
The code adds a more specific error message when a non-existent object is specified during a 'flux resume' operation. It checks if the list of resumable objects is empty and logs a failure message with the object name and namespace.
Commit Log
Improve "flux resume" error message on non-existent object
AI Summary
The code change updates the call to `upsertAndWait` to use the `names` variable instead of `imageRepositoryType`, aligning with the intended resource type. This change likely ensures that the correct resource type (e.g., ImagePolicy) is used during creation, improving consistency and correctness.
Commit Log
Fix create command always using imageRepositoryType
AI Summary
The commit adds OpenShift versions 4.16 and 4.17 to the conformance testing matrix. This ensures compatibility and functionality are validated against newer OpenShift versions.
Commit Log
Add OpenShift 4.16 & 4.17 to conformance testing
AI Summary
This RFC introduces a mechanism to allow Flux users to define custom metadata in annotations of Flux objects, which will be propagated to notification providers as event metadata. The proposed solution uses a specific API group prefix `event.toolkit.fluxcd.io/` for annotations, which will be included in event metadata sent to notification-controller.
Commit Log
Add RFC 0008 - Custom Event Metadata from Annotations
AI Summary
The code change enforces that at least one of the debug flags (showStatus or showValues) must be selected in the 'flux debug hr' command. The modification introduces a condition that checks for either both flags being false or both being true, returning an error in such cases.
Commit Log
Make `flux debug hr` single flag selection required
AI Summary
The code adds links to status documentation for HelmRelease and Kustomization in the `flux debug` commands to improve user guidance. It also includes a check for the presence of PostBuild in Kustomization and replicates controller behavior for value substitution.
Commit Log
Add links to status docs in `flux debug` commands
AI Summary
The code adds name completion functionality to debug commands for HelmRelease and Kustomization resources. This allows users to auto-complete resource names when running the debug commands, improving usability.
Commit Log
Add name completion to debug commands
AI Summary
The code implements a new `flux debug kustomization` command to debug Flux Kustomization resources by printing their status or final substitution variables. It includes test cases to validate the command's behavior with different flags and scenarios, ensuring correct handling of ConfigMaps and Secrets.
Commit Log
Implement `flux debug kustomization` command
AI Summary
The code adds missing copyright headers to test files in the flux project. These headers are necessary for compliance with the Apache License, Version 2.0.
Commit Log
Add missing copyright headers
AI Summary
The code adds a preview note to the long description of the `debug helmrelease` command to indicate it's in preview mode. This change likely aims to inform users that the command is experimental or under development.
Commit Log
Add preview note to `debug hr`
AI Summary
The commit updates dependencies to Kubernetes 1.32.0 and Go 1.23.0, aligning the project with the latest versions for improved compatibility and security. It also updates the Alpine base image in Dockerfiles and adjusts versioned dependencies in go.mod and go.sum to ensure compatibility with the new Go version and Kubernetes release.
Commit Log
Update dependencies to Kubernetes 1.32.0 and Go 1.23.0
AI Summary
The commit updates the conformance test workflow to include Kubernetes version 1.32.0. This change ensures that the project's conformance tests now validate compatibility with the latest Kubernetes release.
Commit Log
Run conformance tests for Kubernetes 1.32.0
AI Summary
The code implements a new `flux debug helmrelease` command to debug HelmRelease resources by printing their status and final values. It includes a test suite to validate the command's behavior with different scenarios, such as inline values and values from ConfigMaps and Secrets.
Commit Log
Implement `flux debug helmrelease` command
AI Summary
The commit adds a step to set up Terraform using the hashicorp/setup-terraform action version v3.1.2 in both e2e-azure.yaml and e2e-gcp.yaml workflows. This change ensures that the latest version of Terraform is installed before running end-to-end tests on Azure and GCP platforms.
Commit Log
workflows: Use setup-terraform to install latest
AI Summary
The code diff updates project dependencies to newer versions. This likely aims to incorporate bug fixes, security patches, and new features from updated libraries.
Commit Log
Update dependencies
AI Summary
The commit updates multiple GitHub Actions dependencies across various workflows to newer versions, including actions/checkout, actions/setup-go, and others. These updates likely aim to incorporate bug fixes, security patches, and new features from the latest versions of the dependencies.
Commit Log
build(deps): bump the ci group across 1 directory with 11 updates Bumps the ci group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.2.0` | `4.2.2` | | [actions/setup-go](https://github.com/actions/setup-go) | `5.0.2` | `5.1.0` | | [fluxcd/pkg](https://github.com/fluxcd/pkg) | `30c101fc7c9fac4d84937ff4890a3da46a9db2dd` | `5bf9095331052934ae6b4585b8632c0e5b0a2106` | | [google-github-actions/auth](https://github.com/google-github-actions/auth) | `2.1.5` | `2.1.7` | | [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) | `2.1.1` | `2.1.2` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.6.1` | `3.7.1` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.0` | `4.4.3` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.26.9` | `3.27.6` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.17.2` | `0.17.8` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.6.0` | `3.7.0` | | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `6.0.0` | `6.1.0` |
AI Summary
The diff fixes misplaced quotes in command-line arguments for flux build and diff commands, ensuring correct parsing of ignore paths and local sources. The changes are minor and likely aimed at improving code readability and preventing potential parsing issues in the CLI arguments.
Commit Log
fix misplaced quotes
AI Summary
The code modification skips diffing Kustomizations that reference remote clusters via `kubeConfig.secretRef` to avoid incorrect diffs. A warning message is added to indicate that remote Kustomizations are skipped during recursive diffs.
Commit Log
fix: skip remote Kustomizations on recursive diff When recursively diffing Kustomization objects on a cluster, each Kustomization is built and then a server-side dry-run apply is performed. This isn't practical to perform if the Kustomization references a remote cluster via `kubeConfig.secretRef`. Currently, because it's not skipped, it's treated as though it's being applied to the context cluster, not the remote cluter, which results in an incorrect diff. Instead, write out special message / warnings indicating that it has been skipped: ``` ► Kustomization/my-ns/my-kst skipped: diff not supported for remote clusters ```
AI Summary
The commit adds a reference to the Flux upgrade guide in the release notes template to help users find upgrade instructions. This change improves user experience by directing users to up-to-date upgrade information.
Commit Log
docs: Mention Flux upgrade guide in release notes See https://github.com/fluxcd/flux2/discussions/5072
AI Summary
The code change updates an error message to clarify that the missing 'kind' is the issue, not the name. This change improves error clarity for users when a kustomization source lacks a specified kind.
Commit Log
fix: error message for missing kind
AI Summary
The commit updates the GitHub Actions workflow to use a different action repository for creating clusters. The change replaces 'compatibility-actions' with 'replicated-actions' in the action's GitHub path.
Commit Log
Update conformance.yaml
AI Summary
The commit updates several dependencies in the project to newer versions, primarily focusing on Kubernetes-related packages and other supporting libraries. This update likely aims to address security vulnerabilities, improve functionality, or align with new features in the updated dependencies.
Commit Log
Update Kubernetes dependencies to v1.31.1
AI Summary
The code change removes deprecated TLS flags from the `flux create secret` command, replacing them with newer, standardized flags to improve compatibility and maintainability. This change likely aims to deprecate and remove older TLS-related flags that are no longer supported or recommended, ensuring the tool aligns with current best practices and standards. Potential risks include breaking changes for users who relied on the deprecated flags, requiring them to update their workflows or scripts accordingly.
Commit Log
Remove TLS deprecated flags from `flux create secret`
AI Summary
The code adds a `flux create secret proxy` command to generate a Kubernetes secret for proxy authentication with specified address, username, and password. It integrates with the existing secret generation framework by using the `sourcesecret` package and supports exporting the secret in YAML format for encryption with SOPS.
Commit Log
Add `flux create secret proxy` command
AI Summary
The code adds a `--proxy-secret-ref` flag to the `flux create source` commands for bucket, Git, and OCI sources, allowing proxy credentials to be referenced from a secret. This change enables users to securely provide proxy credentials by referencing an existing secret instead of embedding them directly in the command.
Commit Log
Add `--proxy-secret-ref` to `flux create source` commands
AI Summary
The commit updates several Flux2 controller versions to their latest releases, including helm-controller, kustomize-controller, notification-controller, image-reflector-controller, and image-automation-controller, along with minor updates to k8s.io dependencies. It also updates the CRD and deployment manifests for each controller to match the new versions, ensuring compatibility with the latest APIs and features.
Commit Log
Update toolkit components - helm-controller to v1.1.0 https://github.com/fluxcd/helm-controller/blob/v1.1.0/CHANGELOG.md - kustomize-controller to v1.4.0 https://github.com/fluxcd/kustomize-controller/blob/v1.4.0/CHANGELOG.md - notification-controller to v1.4.0 https://github.com/fluxcd/notification-controller/blob/v1.4.0/CHANGELOG.md - image-reflector-controller to v0.33.0 https://github.com/fluxcd/image-reflector-controller/blob/v0.33.0/CHANGELOG.md - image-automation-controller to v0.39.0 https://github.com/fluxcd/image-automation-controller/blob/v0.39.0/CHANGELOG.md
AI Summary
The code promotes the `bucket` commands to General Availability (GA) by updating API version references from v1beta2 to v1 across multiple files. This change involves updating imports, function definitions, and API version references to align with the new stable API version, ensuring compatibility with the latest source-controller API. Potential risks include breaking changes if the new API version (v1) is not fully backward compatible with v1beta2, which could affect existing deployments or integrations.
Commit Log
Promote `bucket` commands to GA
AI Summary
The commit updates the Kubernetes Kind version to v0.24.0 in multiple workflows to align with newer Kubernetes versions. It also updates the node and kubectl versions in the workflows to match the new Kind version, ensuring compatibility.
Commit Log
Update Kubernetes Kind to v0.24.0
AI Summary
The commit updates the Kubernetes and K3s versions in the conformance tests to include newer releases (1.29.7, 1.30.2, 1.31.1) for better compatibility and validation. This change ensures the project remains aligned with the latest Kubernetes and K3s versions, improving test coverage and catching potential issues early.
Commit Log
Run conformance tests for Kubernetes 1.29-1.31
AI Summary
The commit updates multiple GitHub Actions and dependencies across various workflows to newer versions, primarily to improve functionality, security, and compatibility. The changes include upgrading actions/checkout, fluxcd/pkg, Azure/login, actions/upload-artifact, codeql-action, and create-pull-request to their latest versions.
Commit Log
build(deps): bump the ci group across 1 directory with 6 updates Bumps the ci group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.7` | `4.2.0` | | [fluxcd/pkg](https://github.com/fluxcd/pkg) | `e40e7ed2bc31c6b6e36d263b6299e5082d9fef12` | `30c101fc7c9fac4d84937ff4890a3da46a9db2dd` | | [Azure/login](https://github.com/azure/login) | `2.1.1` | `2.2.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.6` | `4.4.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.26.5` | `3.26.9` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6.1.0` | `7.0.5` | Updates `actions/checkout` from 4.1.7 to 4.2.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/692973e3d937129bcbf40652eb9f2f61becf3332...d632683dd7b4114ad314bca15554477dd762a938)
AI Summary
The code adds a 'provider' field to the GitRepository spec, allowing users to specify the Git provider (azure or generic) when creating a source. Unit tests validate the generated YAML and error handling for valid and invalid provider values.
Commit Log
Flux CLI change to add provider field to GitRepository spec. - Add provider flag to `flux create source git` command with supported values: azure, generic. - Unit tests validating the generated yaml and error conditions.
AI Summary
The commit updates the source-controller dependency to version 1.4.1, which includes bug fixes and improvements. It also updates several Go dependencies to newer versions, potentially addressing security issues or adding new features.
Commit Log
Update toolkit components - source-controller to v1.4.1 https://github.com/fluxcd/source-controller/blob/v1.4.1/CHANGELOG.md
AI Summary
The code adds recursive Kustomization building and diffing functionality, allowing Flux to process nested Kustomizations and local sources. New flags like --recursive and --local-sources are introduced to control recursive behavior and local repository mappings. The implementation includes helper functions to detect Kustomizations, compare them, and build or diff recursively. Test cases are added to validate the recursive behavior and ensure correct handling of local sources and Kustomization diffs.
Commit Log
Recursively build and diff Kustomizations
AI Summary
The code updates the notation-go dependency to version v1.2.1 and adds related indirect dependencies, likely to fix bugs or add new features. The test file was modified to update an error message to match the new version's expected output, ensuring compatibility with the updated library.
Commit Log
build(deps): bump notation-go to v1.2.1
AI Summary
The code change replaces hardcoded file paths with a temporary directory to avoid manual garbage collection. This ensures that test files are cleaned up automatically and reduces the risk of leftover files affecting subsequent tests.
Commit Log
tests: use tempdir to avoid manual gc
AI Summary
The code updates several dependencies in the go.mod and go.sum files to newer versions, including go-git-providers to v0.21.0. The change removes the check for token permissions in the tests/bootstrap/main.go file, which may affect test behavior or validation.
Commit Log
Update `go-git-providers` to v0.21.0
AI Summary
The commit updates dependencies in GitHub Actions workflows to newer versions of fluxcd/pkg and github/codeql-action. The changes ensure the workflows use the latest features and security fixes from the updated packages.
Commit Log
build(deps): bump the ci group with 2 updates Bumps the ci group with 2 updates: [fluxcd/pkg](https://github.com/fluxcd/pkg) and [github/codeql-action](https://github.com/github/codeql-action). Updates `fluxcd/pkg` from 11195c91e5e1898cfa5840267a7fd0aa462cd040 to e40e7ed2bc31c6b6e36d263b6299e5082d9fef12 - [Commits](https://github.com/fluxcd/pkg/compare/11195c91e5e1898cfa5840267a7fd0aa462cd040...e40e7ed2bc31c6b6e36d263b6299e5082d9fef12) Updates `github/codeql-action` from 3.26.4 to 3.26.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/f0f3afee809481da311ca3a6ff1ff51d81dbeb24...2c779ab0d087cd7fe7b826087247c2c81f27bfa6) --- updated-dependencies: - dependency-name: fluxcd/pkg dependency-type: direct:production dependency-group: ci - dependency-name: github/codeql-action dependency-type: direct:production
AI Summary
The commit updates several GitHub Actions used in CI workflows to newer versions, likely to benefit from bug fixes, security patches, or new features. The changes include updating the backport-action, auth, codeql-action, and sbom-action to their latest versions, which may improve reliability and functionality.
Commit Log
build(deps): bump the ci group across 1 directory with 4 updates Bumps the ci group with 4 updates in the / directory: [korthout/backport-action](https://github.com/korthout/backport-action), [google-github-actions/auth](https://github.com/google-github-actions/auth), [github/codeql-action](https://github.com/github/codeql-action) and [anchore/sbom-action](https://github.com/anchore/sbom-action). Updates `korthout/backport-action` from 3.0.2 to 3.1.0 - [Release notes](https://github.com/korthout/backport-action/releases) - [Commits](https://github.com/korthout/backport-action/compare/bd410d37cdcae80be6d969823ff5a225fe5c833f...be567af183754f6a5d831ae90f648954763f17f5) Updates `google-github-actions/auth` from 2.1.4 to 2.1.5 - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](https://github.com/google-github-actions/auth/compare/f112390a2df9932162083945e46d439060d66ec2...62cf5bd3e4211a0a0b51f2c6d6a37129d828611d) Updates `github/codeql-action` from 3.26.1 to 3.26.4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/29d86d22a34ea372b1bbf3b2dced2e25ca6b3384...f0f3afee809481da311ca3a6ff1ff51d81dbeb24) Updates `anchore/sbom-action` from 0.17.1 to 0.17.2
AI Summary
The commit updates several GitHub Actions workflows to pin specific versions of dependencies, ensuring consistent behavior and avoiding potential issues with token permissions and dependency updates. The changes include specifying exact commit hashes for actions like kustomize, yq, and others, which helps prevent unexpected behavior due to breaking changes in newer versions.
Commit Log
fix: fixed the token-permission and pinned dependencies issue
AI Summary
The commit updates the Alpine Linux version from 3.19 to 3.20 in the Dockerfile for the flux-cli image. It also upgrades the Kubernetes version from 1.30.0 to 1.31.0 to ensure compatibility with the new Alpine version.
Commit Log
Update alpine to 3.20 for flux-cli
AI Summary
The commit updates the Go version from 1.22.x to 1.23.x across multiple GitHub Actions workflows. This change ensures compatibility with the latest Go version, potentially enabling new language features and improvements.
Commit Log
Build with Go 1.23
AI Summary
The code diff updates the Kubernetes dependency to version 1.31.0, aligning with the latest stable release. This change ensures compatibility with newer Kubernetes features and security patches.
Commit Log
Update dependencies to Kubernetes v1.31.0
AI Summary
The commit updates multiple GitHub Actions dependencies across various workflows to their latest versions. This is likely done to benefit from bug fixes, security patches, and new features provided by the updated versions.
Commit Log
build(deps): bump the ci group across 1 directory with 13 updates Bumps the ci group with 13 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.6` | `4.1.7` | | [actions/setup-go](https://github.com/actions/setup-go) | `5.0.1` | `5.0.2` | | [google-github-actions/auth](https://github.com/google-github-actions/auth) | `2.1.3` | `2.1.4` | | [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) | `2.1.0` | `2.1.1` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3.0.0` | `3.2.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.3.0` | `3.6.1` | | [docker/login-action](https://github.com/docker/login-action) | `3.2.0` | `3.3.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.3.3` | `2.4.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.3` | `4.3.6` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.25.8` | `3.26.1` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.16.0` | `0.17.1` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.5.0` | `3.6.0` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6.0.5` | `6.1.0` |
AI Summary
The commit adds Kubernetes v1.31.0 to the list of versions tested in the conformance workflow. This change ensures the project is tested against the latest Kubernetes version for compatibility and functionality.
Commit Log
Run conformance tests for Kubernetes v1.31
AI Summary
The code introduces spinner start and stop methods to manage a spinner during build and diff operations, replacing direct spinner control with encapsulated methods. The Cancel method now stops the spinner before cleaning up the repository, ensuring the spinner is properly terminated during cancellation.
Commit Log
Stop spinner on cancel
AI Summary
The code change updates the description of the reconcile HelmRelease command to correct the spelling of 'helmrelease'. This is a minor documentation fix aimed at improving clarity and consistency in the command description.
Commit Log
Fix reconcile helmrelease command description
AI Summary
The code introduces a visibility flag for GitLab repositories in flux2, allowing users to specify repository visibility as public, private, or internal. It replaces the deprecated --private flag with --visibility, and includes validation and parsing logic for the new flag.
Commit Log
Introduce visibility flag for bootstrap gitlab
AI Summary
The README.md file has been updated to change the scorecard badge link to a new format. The new link directs to the OpenSSF Scorecard viewer instead of the badge API endpoint.
Commit Log
changed the scorecard badge link to the standard format
AI Summary
The commit updates the conformance test matrix to include Kubernetes v1.30.2, ensuring compatibility with the latest version. This change likely aims to validate the project's functionality against the new Kubernetes version to catch any regressions or incompatibilities.
Commit Log
Update conformance tests to Kubernetes v1.30.2
AI Summary
The commit modifies the GitHub Actions workflow to run e2e tests on ARM64 GitHub runners instead of self-hosted Equinix runners. It replaces the custom `kind` cluster setup with a Helm action for Kubernetes setup and changes the kubeconfig path for test execution.
Commit Log
Run ARM64 e2e tests on GitHub runners
AI Summary
The commit adds the `app.kubernetes.io/part-of: flux` label to the base manifests of multiple controllers in the Flux2 project. This label is likely intended to categorize these controllers under the Flux project for better organization and discovery in Kubernetes environments.
Commit Log
Add `part-of` label to controllers base
AI Summary
This RFC proposes adding passwordless authentication for Git repositories in Flux by supporting OIDC, OAuth2, and IAM methods for major cloud providers and Git SaaS platforms. The new `provider` field in the `GitRepository` API allows users to specify authentication methods like AWS, Azure, GCP, GitHub, and GitLab, eliminating the need for storing passwords in secrets.
Commit Log
RFC: Add passswordless auth for git repos
AI Summary
The code change removes a redundant word 'from' in the comment, improving clarity without altering functionality. This is a minor stylistic improvement with no impact on the behavior of the asyncCopy function.
Commit Log
chore: remove repetitive word
AI Summary
The commit updates the project to use GoRelease v2 by modifying the release configuration files. Changes include adjusting command arguments, build versions, and brew configuration to align with v2's syntax and features.
Commit Log
Adapt config to GoRelease v2
AI Summary
The commit updates multiple CI tool versions across workflows to their latest releases, primarily focusing on improving security, stability, and functionality. The changes include updating actions/checkout, backport-action, Azure/login, Google auth, Docker login, CodeQL, and others to their latest versions.
Commit Log
build(deps): bump the ci group across 1 directory with 8 updates Bumps the ci group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.5` | `4.1.6` | | [korthout/backport-action](https://github.com/korthout/backport-action) | `2.5.0` | `3.0.2` | | [Azure/login](https://github.com/azure/login) | `2.1.0` | `2.1.1` | | [google-github-actions/auth](https://github.com/google-github-actions/auth) | `2.1.2` | `2.1.3` | | [docker/login-action](https://github.com/docker/login-action) | `3.1.0` | `3.2.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `2.13.4` | `3.25.8` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.15.11` | `0.16.0` | | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `5.1.0` | `6.0.0` | Updates `actions/checkout` from 4.1.5 to 4.1.6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
AI Summary
The commit updates multiple GitHub Actions dependencies to their latest versions, including actions/checkout, ossf/scorecard-action, and goreleaser/goreleaser-action. These updates likely aim to benefit from bug fixes, security patches, and new features provided by the latest versions of these actions.
Commit Log
build(deps): bump the ci group with 3 updates Bumps the ci group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [ossf/scorecard-action](https://github.com/ossf/scorecard-action) and [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action). Updates `actions/checkout` from 4.1.4 to 4.1.5 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/0ad4b8fadaa221de15dcec353f45205ec38ea70b...44c2b7a8a4ea60a981eaca3cf939b5f4305c123b) Updates `ossf/scorecard-action` from 2.3.1 to 2.3.3 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/0864cf19026789058feabb7e87baa5f140aac736...dc50aa9510b46c811795eb24b2f1ba02a914e534) Updates `goreleaser/goreleaser-action` from 5.0.0 to 5.1.0 - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](https://github.com/goreleaser/goreleaser-action/compare/7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8...5742e2a039330cbb23ebf35f046f814d4c6ff811) ---
AI Summary
The code adds support for creating HelmReleases using a chart reference from either a HelmChart or OCIRepository resource, enhancing flexibility in chart source configuration. It introduces new flags and validation logic to handle chart-ref inputs, and updates the reconciliation logic to support chartRef in HelmRelease resources.
Commit Log
Add support for creating HR with .spec.ChartRef