This feature release adds secure support for Git over HTTPS, updates
kubectl
and kustomize
, and does a lot of internal rewiring
without changing user-visible functions or the public APIs.
From this release forward, garbage collection, namespace scoping,
and manifest generation are no longer considered experimental.
git-secret
support after accidentally breaking it
during a refactor that landed in 1.14.0
fluxcd/flux#2429splitConfigFilesAndRawManifestPaths
fluxcd/flux#2455--sync-timeout
, for configuring the timeout of sync
operations. This is mainly of interest to people making use of the
manifest generation feature, or people who are operating
exceptionally large Git repositories fluxcd/flux#2481kubectl
to 1.14.7
and kustomize
to 3.2.0
fluxcd/flux#24611.13.1
fluxcd/flux#24820.5.1
fluxcd/flux#2461snapcraft.yaml
fluxcd/flux#2427v
prefix during release, to make
it available to Go Mod fluxcd/flux#2491weaveworks
to fluxcd
fluxcd/flux#2305pkg/
fluxcd/flux#2464weaveworks
-> fluxcd
)
fluxcd/flux#2430values.
prefix from annotation examples
fluxcd/flux#2436fluxctl
on
Windows using Chocolatey fluxcd/flux#2457fluxctl
documentation fluxcd/flux#2459.flux.yaml
documentation improvements
fluxcd/flux#{#2466, #2467}mergePatchUpdater
in .flux.yaml
documentation, as it is not a thing fluxcd/flux#2469flux
as a default namespace in deploy/
examples fluxcd/flux#2475fluxctl
output
fluxcd/flux#2489--git-path
argument in ‘get started’ and
‘driving Flux’ tutorials
fluxcd/flux#{#2423, #2424}Tip of the hat and many thanks to @davidpristovnik, @dananichev, @Keralin, @domgoodwin @luxas, @squaremo, @stefanprodan, @hiddeco, @elzapp, @nodanero, @dholbach, @stealthybox, @arsiesys, @alexmt, @DarinDouglass, @holger-wg2, @chrisfowles, @timja, @2opremio, @adusumillipraveen for contributions to this release.
This is a patch release, with some important fixes to the handling of HelmRelease resources.
helm.fluxcd.io/v1
resources are present
in the cluster fluxcd/flux#2404--k8s-verbosity
, for controlling Kubernetes client
logging (formerly, this was left disabled) fluxcd/flux#2410Bouquets to @HighwayofLife, @IsNull, @adeleglise, @aliartiza75, @antonosmond, @bforchhammer, @brunowego, @cartyc, @chainlink, @cristian-radu, @dholbach, @dranner-bgt, @fshot, @hiddeco, @isen-ng, @jonohill, @kingdonb, @mflendrich, @mfrister, @mgenov, @raravena80, @rndstr, @robertgates55, @sklemmer, @smartpcr, @squaremo, @stefanprodan, @stefansedich, @yellowmegaman, @ysaakpr for contributions to this release.
This is a patch release.
HelmRelease
resources has been fixed
fluxcd/flux#2400fluxctl install
--git-paths
option has been replaced by
--git-path
, to match the fluxd
option, the --git-paths
has
been deprecated but still works
fluxcd/flux#2392fluxctl
port forward looks for a pod with one of the labels again,
instead of stopping when the first label did not return a result
fluxcd/flux#23941.12.x
fluxcd/flux#2385Thanks @aliartiza75, @ethan-daocloud, @HighwayOfLife, @stefanprodan, @2opremio, @dhbolach, @mbridgen, @hiddeco for contributing to this release.
This feature release adds a read-only mode to the Flux daemon, adds
support for mapping images in HelmRelease
resources using YAML dot
notation annotations, eases the deployment of Flux with a new fluxctl
install
command which generates the required YAML manifests, lots of
documentation improvements, and many more.
--git-readonly
, fluxd
can now sync a git repo without having
write access to it. In this mode, fluxd
will not make any commits
to the repo.
fluxcd/flux#1807HelmRelease resources
using YAML dot notation
annotations is now supported
fluxcd/flux#2249fluxctl
has a new install
command to ease generating the YAML
manifests required to deploy Flux
fluxcd/flux#2287kubectl
-> 1.13.8
fluxcd/flux#2327kustomize
-> 3.1.0
fluxcd/flux#2299fluxcd.io
, but backwards
compatibility with the old (flux.weave.works
) domain is maintained
fluxcd/flux#2219ListImagesWithOptions
has been reduced
fluxcd/flux#2338fluxctl
will only look for running fluxcd
pods while attempting
to setup a port forward
fluxcd/flux#2283--registry-poll-interval
has been renamed to --automation-interval
to better reflect what it controls; the interval at which automated
workloads are checked for updates, and updated.
fluxcd/flux#2284fluxctl
now has a global --timeout
flag, which controls how long
it waits for jobs sent to fluxd
to complete
fluxcd/flux#2056fluxcd/helm-operator
)
fluxcd/flux{#2329, #2356}fluxctl install
has been added
fluxcd/flux#2298charts.fluxcd.io
fluxcd/flux{#2337, #2339, #2341}
Many thanks for contributions from @2opremio, @AndriiOmelianenko, @GODBS, @JDavis10213, @MehrCurry, @Sleepy-GH, @adusumillipraveen, @ainmosni, @alanjcastonguay, @aliartiza75, @autarchprinceps, @benmathews, @blancsys, @carlosjgp, @cristian-radu, @cristian04, @davidkarlsen, @dcherman, @demisx, @derrickburns, @dholbach, @ethan-daocloud, @fred, @gldraphael, @hiddeco, @hlascelles, @ianmiell, @ilya-spv, @jacobsin, @judewin-alef, @jwenz723, @kaspernissen, @knackaron, @ksaritek, @larhauga, @laverya, @linuxbsdfreak, @luxas, @matthewbednarski, @mhumeSF, @mzachh, @nabadger, @obiesmans, @ogerbron, @onedr0p, @paulmil1, @primeroz, @rhockenbury, @runningman84, @rytswd, @semyonslepov, @squaremo, @stealthybox, @stefanprodan, @stefansedich, @suvl, @tjanson, @tomaszkiewicz, @tomcheah, @tschonnie, @ttarczynski, @willholley, @yellowmegaman, @zcourt.
This is a patch release, mostly concerned with adapting documentation to Flux’s new home in https://github.com/fluxcd/ and the CNCF sandbox.
--registry-require
argument mentioned in a
log message fluxcd/flux#2256.flux.yaml
(manifest generation)
docs fluxcd/flux#2270Thanks to the following for contributions since the last release: @2opremio, @aaron-trout, @adusumillipraveen, @alexhumphreys, @aliartiza75, @ariep, @binjheBenjamin, @bricef, @caniszczyk, @carlosjgp, @carlpett, @chriscorn-takt, @cloudoutloud, @derrickburns, @dholbach, @fnmeissner, @gled4er, @hiddeco, @jmtrusona, @jowparks, @jpellizzari, @ksaritek, @ktsakalozos, @mar1n3r0, @mzachh, @primeroz, @squaremo, @stefanprodan, @sureshamk, @vyckou, @ybaruchel, @zoni.
This is a patch release, including a fix for problems with using image labels as timestamps.
--registry-use-labels
weaveworks/flux#2176Thanks go to the following for contributions: @2opremio, @4c74356b41, @ArchiFleKs, @adrian, @alanjcastonguay, @alexanderbuhler, @alexhumphreys, @bobbytables, @derrickburns, @dholbach, @dlespiau, @gaffneyd4, @hiddeco, @hkalsi, @hlascelles, @jaksonwkr, @jblunck, @jwenz723, @linuxbsdfreak, @luxas, @mpashka, @nlamot, @semyonslepov, @squaremo, @stefanprodan, @tegamckinney, @ysaakpr.
This is a patch release.
Cheers to the following people for their contributions: @2opremio, @J-Lou, @aarnaud, @adrian, @airmap-madison, @alanjcastonguay, @arsiesys, @atbe-crowe, @azazel75, @bia, @carlosjgp, @chriscorn-takt, @cristian-radu, @davidkarlsen, @derrickburns, @dholbach, @dlespiau, @errordeveloper, @ewoutp, @hiddeco, @humayunjamal, @isen-ng, @judewin-alef, @kevinm444, @muhlba91, @roaddemon, @runningman84, @squaremo, @starkers, @stefanprodan, @sukrit007, @willholley.
This feature release contains an experimental feature for generating manifests from the sources in git and completes the support for GPG signatures.
metrics
API group, known to be problematic
weaveworks/flux#2096git
weaveworks/flux#2086--manifest-generation
is set, look for .flux.yaml
files in
the git repo and generate manifests according to the instructions
therein (see the docs)
weaveworks/flux#1848--git-verify-signatures
is
set; see the docs) weaveworks/flux#1791--garbage-collection-dry-run
will report what would
be deleted by garbage collection in the log, without deleting it
weaveworks/flux#2063go mod
ules and abandon go dep
weaveworks/flux#2083,
weaveworks/flux#2127, weaveworks/flux#2094snap
weaveworks/flux#1966,
weaveworks/flux#2108Many thanks for contributions from @2opremio, @AndriiOmelianenko, @ArchiFleKs, @RGPosadas, @RoryShively, @alanjcastonguay, @amstee, @arturo-c, @azazel75, @billimek, @brezerk, @bzon, @derrickburns, @dholbach, @dminca, @dmitri-lerko, @guzmo, @hiddeco, @imrtfm, @jan-schumacher, @jp83, @jpds, @kennethredler, @leoblanc, @marcelonaso, @marcossv9, @marklcg, @michaelgeorgeattard, @mr-karan, @nabadger, @ncabatoff, @primeroz, @rdubya16, @rjanovski, @rkouyoumjian, @rndstr, @runningman84, @squaremo, @stefanprodan, @stefansedich, @suvl, @tckb, @timja, @vovkanaz, @willholley.
This is a patch release.
fluxctl
weaveworks/flux#2035fluxctl release
weaveworks/flux#2048Thanks to @2opremio, @hiddeco, @squaremo and @xtellurian for contributions.
This is a patch release.
fluxctl
auto portforward connection error, by better
guiding the user about what could be wrong
weaveworks/flux#2001(Flux)HelmRelease
cluster lookups, before this change, the
same resource ID would be reported for all HelmRelease
s with e.g.
fluctl list-workloads
weaveworks/flux#2018
--controller
flag in documentation with
--workload
weaveworks/flux#1985MAINTAINERS
and include email addresses
weaveworks/flux#1995Thanks to @2opremio, @cdenneen, @hiddeco, @jan-schumacher, @squaremo, @stefanprodan for contributions.
This is a patch release.
arm
and arm64
builds weaveworks/flux#1950Thanks to @2opremio, @UnwashedMeme, @alexanderbuhler, @aronne, @arturo-c, @autarchprinceps, @benhartley, @brantb, @brezerk, @dholbach, @dlespiau, @dvelitchkov, @dwightbiddle-ef, @gtseres, @hiddeco, @hpurmann, @ingshtrom, @isen-ng, @jimangel, @jpds, @kingdonb, @koustubh25, @koustubhg, @michaelfig, @moltar, @nabadger, @primeroz, @rdubya16, @squaremo, @stealthybox, @stefanprodan, @tycoles for contributions.
This release renames some fluxctl commands and arguments while deprecating others, to better follow Kubernetes terminology. In particular, it drops the term “controller” in favour of “workload”; e.g., instead of
fluxctl list-controllers --controller=...
there is now
fluxctl list-workloads --workload=...
The old commands are deprecated but still available for now.
It also extends the namespace restriction flag
(--k8s-allow-namespace
, with a deprecated alias
--k8s-namespace-whitelist
) to cover all operations, including
syncing; previously, it covered only query operations e.g.,
list-images
etc..
fluxctl policy --tag-all
when a manifest does not
have a namespace weaveworks/flux#1901<cluster>
when parsing resource IDs, since it’s now used to
mark cluster-scoped resources weaveworks/flux#1851fluxctl
commands and wherever else it is needed
weaveworks/flux#1777regex
an alias for regexp
in tag filters
weaveworks/flux#1915*List
(e.g., DeploymentList
) resources as lists
weaveworks/flux#1883--k8s-allow-namespace
weaveworks/flux#1668Many thanks to @2opremio, @AmberAttebery, @alanjcastonguay, @alexanderbuhler, @arturo-c, @benhartley, @cruisehall, @dholbach, @dimitropoulos, @hiddeco, @hlascelles, @ipedrazas, @jrryjcksn, @marchmallow, @mazzy89, @mulcahys, @nabadger, @pmquang, @southbanksoftwaredeveloper, @squaremo, @srueg, @stefanprodan, @stevenpall, @stillinbeta, @swade1987, @timfpark, @vanderstack for contributions.
This is a bugfix release, fixing a regression introduced in 1.11.0 which caused syncs to fail when adding a CRD and instance(s) from that CRD at the same time.
This release comes with experimental garbage collection and Git commit signing:
Experimental garbage collection of cluster resources. When providing the
--sync-garbage-collection
flag, cluster resources no longer existing in Git
will be removed. Read the garbage collection documentation
for further details.
GPG
Git commit signing,
when providing --git-signing-key
flag. GPG keys can be imported with
--git-gpg-key-import
. By default Flux will import to and use the keys
in ~/.gnupg
. This path can be overridden by setting the GNUPGHOME
environment
variable.
Commit signature verification is in the works and will be released shortly.
main()
weaveworks/flux#1789fluxctl list-images
adhere to namespace filter
weaveworks/flux#1763make test
weaveworks/flux#1796Policy()
to Policies()
weaveworks/flux#1775Lots of thanks to @2opremio, @Timer, @bboreham, @dholbach, @dimitropoulos, @hiddeco, @scjudd, @squaremo and @stefanprodan for their contributions to this release.
This release provides a deeper integration with Azure (DevOps Git hosts
and ACR) and allows configuring how fluxctl
finds fluxd
(useful for
clusters with multiple fluxd installations).
Lots of thanks to @alanjcastonguay, @hiddeco, and @sarath-p for their contributions to this release.
This release adds the --registry-exclude-image
flag for excluding
images from scanning, allows for registries with self-signed
certificates, and fixes several bugs.
justinbarrick/go-k8s-portforward
to 1.0.2
to correctly
handle multiple paths in the KUBECONFIG
env variable
weaveworks/flux#1658--registry-insecure-host
now first tries to skip TLS host
host verification before falling back to HTTP, allowing registries
with self-signed certificates weaveworks/flux#1526HOME
env variable when invoking Git which allows for mounting
a config file under $HOME/config/git
weaveworks/flux#1644linting
weaveworks/flux#1673Lots of thanks to @2opremio, @alanjcastonguay, @bheesham, @brantb, @dananichev, @dholbach, @dmarkey, @hiddeco, @ncabatoff, @rade, @squaremo, @switchboardOp, @stefanprodan and @Timer for their contributions to this release, and anyone I’ve missed while writing this note.
This release adds native support for ECR (Amazon Elastic Container Registry) authentication.
/etc/hosts
mounted into the fluxd container is
respected weaveworks/flux#1630fluxctl
fails
weaveworks/flux#1615This release was made possible by welcome contributions from @2opremio, @agcooke, @cazzoo, @davidkarlsen, @dholbach, @dmarkey, @donifer, @ericbarch, @errordeveloper, @florianrusch, @gellweiler, @hiddeco, @isindir, @k, @marcincuber, @markbenschop, @Morriz, @rndstr, @roffe, @runningman84, @shahbour, @squaremo, @srueg, @stefanprodan, @stephenmoloney, @switchboardOp, @tobru, @tux-00, @u-phoria, @Viji-Sarathy-Bose.
This holiday season release fixes a handful of annoyances, and adds an
experimental --watch
flag for following the progress of fluxctl
release
.
fluxctl release --watch
shows the rollout
progress of workloads in the release weaveworks/flux#1525Thanks to @Alien2150, @batpok, @bboreham, @brantb, @camilb, @davidkarlsen, @dbluxo, @demikl, @dholbach, @dpgeekzero, @etos, @hiddeco, @iandotmartin, @jakubbujny, @JeremyParker, @JimPruitt, @johnraz, @kopachevsky, @kozejonaz, @leoblanc, @marccarre, @marcincuber, @mgazza, @michalschott, @montyz, @ncabatoff, @nmaupu, @Nogbit, @pdeveltere, @rampreethethiraj, @rndstr, @samisq, @scjudd, @sfrique, @Smirl, @songsak2299, @squaremo, @stefanprodan, @stephenmoloney, @Timer, @whereismyjetpack, @willnewby for contributions in the period up to this release.
This release completes the support for HelmRelease
resources as used
by the Helm operator from v0.5 onwards.
Note This release bakes in kubectl
v.1.11.3, while previous
releases used v1.9.0. Officially, kubectl
is compatible with one
minor version before and one minor version after its own, i.e., now
v1.10-1.12. In practice, it may work fine for most purposes in a wider
range. If you run into difficulties relating to the kubectl
version,
contact us.
HelmRelease
resources are treated as workloads, so they can be
automated, and updated with fluxctl release ...
weaveworks/flux#1382fluxctl --interactive
,
now post detailed notifications to Weave Cloud
weaveworks/flux#1472
and have better commit messages
weaveworks/flux#1479fluxctl
release
output)
weaveworks/flux#1410Thanks go to @Ashiroq, @JimPruitt, @MansM, @Morriz, @Smirl, @Timer, @aytekk, @bzon, @camilb, @claude-leveille, @demikl, @dholbach, @endrec, @foot, @hiddeco, @jrcole2884, @lelenanam, @marcusolsson, @mellena1, @montyz, @olib963, @rade, @rndstr, @sfitts, @squaremo, @stefanprodan, @whereismyjetpack for their contributions.
This release includes a change to how image registries are scanned for metadata, which should reduce the amount of polling, while being sensitive to image metadata that changes frequently, as well as respecting throttling.
--git-timeout
flag for setting the default timeout for git
operations (useful e.g., if you know git clone
will take a long
time)
weaveworks/flux#1416fluxctl list-controllers
now has an alias fluxctl
list-workloads
weaveworks/flux#1425A warm thank-you to @AugustasV, @MansM, @Morriz, @MrYadro, @Timer, @aaron-trout, @bhavin192, @brandon-bethke-neudesic, @brantb, @bzon, @dbluxo, @dholbach, @dlespiau, @endrec, @hiddeco, @justdavid, @justinbarrick, @kozejonaz, @lelenanam, @leoblanc, @marcemq, @marcusolsson, @mellena1, @mt-inside, @ncabatoff, @pcfens, @rade, @rndstr, @sc250024, @sfrique, @skurtzemann, @squaremo, @stefanprodan, @stephenmoloney, @timthelion, @tlvu, @whereismyjetpack, @white-hat, @wstrange for your contributions.
This is a patch release, mainly to include the fix for initContainer images (#1372).
fluxctl list-images
weaveworks/flux#1372fluxctl
command from help text
weaveworks/flux#1389Thanks for fixes go to @alanjcastonguay, @dholbach, and @squaremo.
This release has a soupçon of bug fixes. It gets a minor version bump,
because it introduces a new flag, --listen-metrics
.
--git-path
doesn’t
exist
weaveworks/flux#1341fluxctl
doesn’t try to connect to the cluster when just reporting
its version
weaveworks/flux#1332--listen-metrics
weaveworks/flux#1325Thank you to the following for contributions (along with anyone I’ve missed): @ariefrahmansyah, @brantb, @casibbald, @davidkarlsen, @dholbach, @hiddeco, @justinbarrick, @kozejonaz, @lelenanam, @petervandenabeele, @rade, @rndstr, @squaremo, @stefanprodan, @the-fine.
This release improves existing features, and has some new goodies like regexp tag filtering and multiple sync paths. Have fun!
We also have a new contributing guide.
fluxctl
does
automatic port forwarding
weaveworks/flux#1284fluxctl release ...
, unless --force
is
given
weaveworks/flux#1270':'
characters in resource names
weaveworks/flux#1282--git-path
arguments; sync (and update) files in
all the paths given
weaveworks/flux#1297Thank you to the following for contributions: @Alien2150, @ariefrahmansyah, @brandon-bethke-neudesic, @bzon, @dholbach, @dkerwin, @hartmut-pq, @hiddeco, @justinbarrick, @petervandenabeele, @nicolerenee, @rndstr, @squaremo, @stefanprodan, @stephenmoloney.
This release adds semver image filters, makes it easier to use
fluxctl
securely, and has an experimental interactive mode for
fluxctl release
. It also fixes some long-standing problems with
image metadata DB, including no longer being bamboozled by Windows
images.
'false'
value for automation annotation
weaveworks/flux#1264fluxctl
will now transparently port-forward to the Flux pod,
making it easier to connect securely to the Flux API
weaveworks/flux#1212fluxctl release
gained an experimental flag --interactive
that
lets you toggle each image update on or off, then apply exactly the
updates you have chosen
weaveworks/flux#1231initContainers
, and a wider variety
of Helm charts (as used in FluxHelmRelease
resources)
weaveworks/flux#1258Thanks to @ariefrahmansyah, @chy168, @cliveseldon, @davidkarlsen, @dholbach, @errordeveloper, @geofflamrock, @grantbachman, @grimesjm, @hiddeco, @jlewi, @JoeyX-u, @justinbarrick, @konfiot, @malvex, @marccampbell, @marctc, @mt-inside, @mwhittington21, @ncabatoff, @rade, @rndstr, @squaremo, @srikantheee84, @stefanprodan, @stephenmoloney, @TheJaySmith (and anyone I’ve missed!) for their contributions.
This release includes a number of usability improvements, the majority of which were suggested or contributed by community members. Thanks everyone!
default:deployment/foo.db
, which
is closer to what Kubernetes allows
weaveworks/flux#1197--k8s-namespace-whitelist
weaveworks/flux#1184This release fixes some wrinkles in the new YAML updating code, so that YAML multidocs and kubernetes List resources are fully supported.
It also introduces the fluxctl sync
command, which tells Flux to
update from git and apply to Kubernetes -- as requested in
TGI Kubernetes!
/etc/ssh
), so that it’s
easier to override it by mounting a ConfigMap into /root/.ssh/
weaveworks/flux#1154This release includes a rewrite of the YAML updating code, removing
the restrictions on using List resources and files with multiple YAML
documents, as well as fixing various bugs (like being confused by the
indentation of container
blocks).
See https://github.com/weaveworks/flux/blob/1.4.0/site/requirements.md for remaining constraints.
The YAML parser preserves comments and literal quoting, but may reindent blocks the first time it changes a file.
StatefulSet
status weaveworks/flux#1062--docker-config
so that image registry credentials can be supplied in a file mounted into the container weaveworks/flux#1065. This should make it easier to work around situations in which you don’t want to use imagePullSecrets on each resource.flux
and helm-operator
images with Open Containers Initiative (OCI) metadata weaveworks/flux#1075--git-poll-interval
weaveworks/flux#1030--git-ci-skip
(and for more fine control, --git-ci-skip-message
) for customising flux’s commit messages such that CI systems ignore the commits weaveworks/flux#1011nil
map when logging events weaveworks/flux#975The following improvements are to help if you are running a private registry.
--registry-insecure-host
for marking
a registry as accessible via HTTP (rather than HTTPS)
weaveworks/flux#918batch/v1beta1
, which are present in Kubernetes 1.7 (while those from batch/b2alpha1
are not) weaveworks/flux#868*.gcr.io
weaveworks/flux#882fluxctl identity
command only worked via the Weave Cloud
service, and not when connecting directly to the daemonThis release introduces significant changes to the way Flux works:
See https://github.com/weaveworks/flux/releases/tag/1.0.0 for full details.
Update to support newer Kubernetes (1.6.1).
kubectl
bundled in the Flux daemon image,
to work with newer (>1.5) Kubernetes.fluxctl save
command for bootstrapping a repo from an existing clusterMore informative and helpful UI.
fluxctl release
fluxctl set-config
to generate a deploy keySee also https://github.com/weaveworks/flux/issues?&q=closed%3A”2017-01-27 .. 2017-03-15”
Initial semver release.
See https://github.com/weaveworks/flux/milestone/7?closed=1 for full details.