From 4c9c1b90326e41d56d862d8c50b76e7648d9a291 Mon Sep 17 00:00:00 2001 From: Rafael da Fonseca Date: Tue, 12 Dec 2023 09:37:48 +0000 Subject: [PATCH 01/11] Update helm-controller CRDs Signed-off-by: Rafael da Fonseca --- .../flux2/templates/helm-controller.crds.yaml | 1245 +++++++++++++++++ 1 file changed, 1245 insertions(+) diff --git a/charts/flux2/templates/helm-controller.crds.yaml b/charts/flux2/templates/helm-controller.crds.yaml index 7dde6cc..182333a 100644 --- a/charts/flux2/templates/helm-controller.crds.yaml +++ b/charts/flux2/templates/helm-controller.crds.yaml @@ -36,6 +36,8 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v2beta1 HelmRelease is deprecated, upgrade to v2beta2 name: v2beta1 schema: openAPIV3Schema: @@ -891,6 +893,99 @@ spec: description: HelmChart is the namespaced name of the HelmChart resource created by the controller for the HelmRelease. type: string + history: + description: "History holds the history of Helm releases performed + for this HelmRelease up to the last successfully completed release. + \n Note: this field is provisional to the v2beta2 API, and not actively + used by v2beta1 HelmReleases." + items: + description: Snapshot captures a point-in-time copy of the status + information for a Helm release, as managed by the controller. + properties: + apiVersion: + description: 'APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field + is changed, this field will be used to distinguish between + the old and new methods.' + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: ChartVersion is the chart version of the release + object in storage. + type: string + configDigest: + description: ConfigDigest is the checksum of the config (better + known as "values") of the release object in storage. It has + the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: Digest is the checksum of the release object in + storage. It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: TestHookStatus holds the status information for + a test hook as observed to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: TestHooks is the list of test hooks for the release + as observed to be run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array installFailures: description: InstallFailures is the install failure count against the latest desired state. It is reset after a successful reconciliation. @@ -900,6 +995,24 @@ spec: description: LastAppliedRevision is the revision of the last successfully applied source. type: string + lastAttemptedConfigDigest: + description: "LastAttemptedConfigDigest is the digest for the config + (better known as \"values\") of the last reconciliation attempt. + \n Note: this field is provisional to the v2beta2 API, and not actively + used by v2beta1 HelmReleases." + type: string + lastAttemptedGeneration: + description: "LastAttemptedGeneration is the last generation the controller + attempted to reconcile. \n Note: this field is provisional to the + v2beta2 API, and not actively used by v2beta1 HelmReleases." + format: int64 + type: integer + lastAttemptedReleaseAction: + description: "LastAttemptedReleaseAction is the last release action + performed for this HelmRelease. It is used to determine the active + remediation strategy. \n Note: this field is provisional to the + v2beta2 API, and not actively used by v2beta1 HelmReleases." + type: string lastAttemptedRevision: description: LastAttemptedRevision is the revision of the last reconciliation attempt. @@ -921,6 +1034,1138 @@ spec: description: ObservedGeneration is the last observed generation. format: int64 type: integer + storageNamespace: + description: "StorageNamespace is the namespace of the Helm release + storage for the current release. \n Note: this field is provisional + to the v2beta2 API, and not actively used by v2beta1 HelmReleases." + type: string + upgradeFailures: + description: UpgradeFailures is the upgrade failure count against + the latest desired state. It is reset after a successful reconciliation. + format: int64 + type: integer + type: object + type: object + served: true + storage: false + subresources: + status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + name: v2beta2 + schema: + openAPIV3Schema: + description: HelmRelease is the Schema for the helmreleases API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: HelmReleaseSpec defines the desired state of a Helm release. + properties: + chart: + description: Chart defines the template of the v1beta2.HelmChart that + should be created for this HelmRelease. + properties: + metadata: + description: ObjectMeta holds the template for metadata like labels + and annotations. + properties: + annotations: + additionalProperties: + type: string + description: 'Annotations is an unstructured key value map + stored with a resource that may be set by external tools + to store and retrieve arbitrary metadata. They are not queryable + and should be preserved when modifying objects. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/' + type: object + labels: + additionalProperties: + type: string + description: 'Map of string keys and values that can be used + to organize and categorize (scope and select) objects. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/' + type: object + type: object + spec: + description: Spec holds the template for the v1beta2.HelmChartSpec + for this HelmRelease. + properties: + chart: + description: The name or path the Helm chart is available + at in the SourceRef. + maxLength: 2048 + minLength: 1 + type: string + interval: + description: Interval at which to check the v1.Source for + updates. Defaults to 'HelmReleaseSpec.Interval'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + reconcileStrategy: + default: ChartVersion + description: Determines what enables the creation of a new + artifact. Valid values are ('ChartVersion', 'Revision'). + See the documentation of the values for an explanation on + their behavior. Defaults to ChartVersion when omitted. + enum: + - ChartVersion + - Revision + type: string + sourceRef: + description: The name and namespace of the v1.Source the chart + is available at. + properties: + apiVersion: + description: APIVersion of the referent. + type: string + kind: + description: Kind of the referent. + enum: + - HelmRepository + - GitRepository + - Bucket + type: string + name: + description: Name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: Namespace of the referent. + maxLength: 63 + minLength: 1 + type: string + required: + - name + type: object + valuesFile: + description: Alternative values file to use as the default + chart values, expected to be a relative path in the SourceRef. + Deprecated in favor of ValuesFiles, for backwards compatibility + the file defined here is merged before the ValuesFiles items. + Ignored when omitted. + type: string + valuesFiles: + description: Alternative list of values files to use as the + chart values (values.yaml is not included by default), expected + to be a relative path in the SourceRef. Values files are + merged in the order of this list with the last file overriding + the first. Ignored when omitted. + items: + type: string + type: array + verify: + description: Verify contains the secret name containing the + trusted public keys used to verify the signature and specifies + which provider to use to check whether OCI image is authentic. + This field is only supported for OCI sources. Chart dependencies, + which are not bundled in the umbrella chart artifact, are + not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + type: string + secretRef: + description: SecretRef specifies the Kubernetes Secret + containing the trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object + version: + default: '*' + description: Version semver expression, ignored for charts + from v1beta2.GitRepository and v1beta2.Bucket sources. Defaults + to latest when omitted. + type: string + required: + - chart + - sourceRef + type: object + required: + - spec + type: object + dependsOn: + description: DependsOn may contain a meta.NamespacedObjectReference + slice with references to HelmRelease resources that must be ready + before this HelmRelease can be reconciled. + items: + description: NamespacedObjectReference contains enough information + to locate the referenced Kubernetes resource object in any namespace. + properties: + name: + description: Name of the referent. + type: string + namespace: + description: Namespace of the referent, when not specified it + acts as LocalObjectReference. + type: string + required: + - name + type: object + type: array + driftDetection: + description: DriftDetection holds the configuration for detecting + and handling differences between the manifest in the Helm storage + and the resources currently existing in the cluster. + properties: + ignore: + description: Ignore contains a list of rules for specifying which + changes to ignore during diffing. + items: + description: IgnoreRule defines a rule to selectively disregard + specific changes during the drift detection process. + properties: + paths: + description: Paths is a list of JSON Pointer (RFC 6901) + paths to be excluded from consideration in a Kubernetes + object. + items: + type: string + type: array + target: + description: Target is a selector for specifying Kubernetes + objects to which this rule applies. If Target is not set, + the Paths will be ignored for all Kubernetes objects within + the manifest of the Helm release. + properties: + annotationSelector: + description: AnnotationSelector is a string that follows + the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: Group is the API group to select resources + from. Together with Version and Kind it is capable + of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources + from. Together with Group and Version it is capable + of unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: LabelSelector is a string that follows + the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select resources + from. Together with Group and Kind it is capable of + unambiguously identifying and/or selecting resources. + https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - paths + type: object + type: array + mode: + description: Mode defines how differences should be handled between + the Helm manifest and the manifest currently applied to the + cluster. If not explicitly set, it defaults to DiffModeDisabled. + enum: + - enabled + - warn + - disabled + type: string + type: object + install: + description: Install holds the configuration for Helm install actions + for this HelmRelease. + properties: + crds: + description: "CRDs upgrade CRDs from the Helm Chart's crds directory + according to the CRD upgrade policy provided here. Valid values + are `Skip`, `Create` or `CreateReplace`. Default is `Create` + and if omitted CRDs are installed but not updated. \n Skip: + do neither install nor replace (update) any CRDs. \n Create: + new CRDs are created, existing CRDs are neither updated nor + deleted. \n CreateReplace: new CRDs are created, existing CRDs + are updated (replaced) but not deleted. \n By default, CRDs + are applied (installed) during Helm install action. With this + option users can opt in to CRD replace existing CRDs on Helm + install actions, which is not (yet) natively supported by Helm. + https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + enum: + - Skip + - Create + - CreateReplace + type: string + createNamespace: + description: CreateNamespace tells the Helm install action to + create the HelmReleaseSpec.TargetNamespace if it does not exist + yet. On uninstall, the namespace will not be garbage collected. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm install action. + type: boolean + disableOpenAPIValidation: + description: DisableOpenAPIValidation prevents the Helm install + action from validating rendered templates against the Kubernetes + OpenAPI Schema. + type: boolean + disableWait: + description: DisableWait disables the waiting for resources to + be ready after a Helm install has been performed. + type: boolean + disableWaitForJobs: + description: DisableWaitForJobs disables waiting for jobs to complete + after a Helm install has been performed. + type: boolean + remediation: + description: Remediation holds the remediation configuration for + when the Helm install action for the HelmRelease fails. The + default is to not perform any action. + properties: + ignoreTestFailures: + description: IgnoreTestFailures tells the controller to skip + remediation when the Helm tests are run after an install + action but fail. Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: RemediateLastFailure tells the controller to + remediate the last failure, when no retries remain. Defaults + to 'false'. + type: boolean + retries: + description: Retries is the number of retries that should + be attempted on failures before bailing. Remediation, using + an uninstall, is performed between each attempt. Defaults + to '0', a negative integer equals to unlimited retries. + type: integer + type: object + replace: + description: Replace tells the Helm install action to re-use the + 'ReleaseName', but only if that name is a deleted release which + remains in the history. + type: boolean + skipCRDs: + description: "SkipCRDs tells the Helm install action to not install + any CRDs. By default, CRDs are installed if not already present. + \n Deprecated use CRD policy (`crds`) attribute with value `Skip` + instead." + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a + Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + interval: + description: Interval at which to reconcile the Helm release. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + kubeConfig: + description: KubeConfig for reconciling the HelmRelease on a remote + cluster. When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at + the target cluster. If the --default-service-account flag is set, + its value will be used as a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. + properties: + secretRef: + description: SecretRef holds the name of a secret that contains + a key with the kubeconfig file as the value. If no key is set, + the key will default to 'value'. It is recommended that the + kubeconfig is self-contained, and the secret is regularly updated + if credentials such as a cloud-access-token expire. Cloud specific + `cmd-path` auth helpers will not function without adding binaries + and credentials to the Pod that is responsible for reconciling + Kubernetes resources. + properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string + name: + description: Name of the Secret. + type: string + required: + - name + type: object + required: + - secretRef + type: object + maxHistory: + description: MaxHistory is the number of revisions saved by Helm for + this HelmRelease. Use '0' for an unlimited number of revisions; + defaults to '5'. + type: integer + persistentClient: + description: "PersistentClient tells the controller to use a persistent + Kubernetes client for this release. When enabled, the client will + be reused for the duration of the reconciliation, instead of being + created and destroyed for each (step of a) Helm action. \n This + can improve performance, but may cause issues with some Helm charts + that for example do create Custom Resource Definitions during installation + outside Helm's CRD lifecycle hooks, which are then not observed + to be available by e.g. post-install hooks. \n If not set, it defaults + to true." + type: boolean + postRenderers: + description: PostRenderers holds an array of Helm PostRenderers, which + will be applied in order of their definition. + items: + description: PostRenderer contains a Helm PostRenderer specification. + properties: + kustomize: + description: Kustomization to apply as PostRenderer. + properties: + images: + description: Images is a list of (image name, new name, + new tag or digest) for changing image names, tags or digests. + This can also be achieved with a patch, but this operator + is simpler to specify. + items: + description: Image contains an image name, a new name, + a new tag or digest, which will replace the original + name and tag. + properties: + digest: + description: Digest is the value used to replace the + original image tag. If digest is present NewTag + value is ignored. + type: string + name: + description: Name is a tag-less image name. + type: string + newName: + description: NewName is the value used to replace + the original name. + type: string + newTag: + description: NewTag is the value used to replace the + original tag. + type: string + required: + - name + type: object + type: array + patches: + description: Strategic merge and JSON patches, defined as + inline YAML objects, capable of targeting objects based + on kind, label and annotation selectors. + items: + description: Patch contains an inline StrategicMerge or + JSON6902 patch, and the target the patch should be applied + to. + properties: + patch: + description: Patch contains an inline StrategicMerge + patch or an inline JSON6902 patch with an array + of operation objects. + type: string + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: AnnotationSelector is a string that + follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: Group is the API group to select + resources from. Together with Version and Kind + it is capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources + from. Together with Group and Version it is + capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: LabelSelector is a string that follows + the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select + resources from. Together with Group and Kind + it is capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + type: object + type: array + patchesJson6902: + description: 'JSON 6902 patches, defined as inline YAML + objects. Deprecated: use Patches instead.' + items: + description: JSON6902Patch contains a JSON6902 patch and + the target the patch should be applied to. + properties: + patch: + description: Patch contains the JSON6902 patch document + with an array of operation objects. + items: + description: JSON6902 is a JSON6902 operation object. + https://datatracker.ietf.org/doc/html/rfc6902#section-4 + properties: + from: + description: From contains a JSON-pointer value + that references a location within the target + document where the operation is performed. + The meaning of the value depends on the value + of Op, and is NOT taken into account by all + operations. + type: string + op: + description: Op indicates the operation to perform. + Its value MUST be one of "add", "remove", + "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4 + enum: + - test + - remove + - add + - replace + - move + - copy + type: string + path: + description: Path contains the JSON-pointer + value that references a location within the + target document where the operation is performed. + The meaning of the value depends on the value + of Op. + type: string + value: + description: Value contains a valid JSON structure. + The meaning of the value depends on the value + of Op, and is NOT taken into account by all + operations. + x-kubernetes-preserve-unknown-fields: true + required: + - op + - path + type: object + type: array + target: + description: Target points to the resources that the + patch document should be applied to. + properties: + annotationSelector: + description: AnnotationSelector is a string that + follows the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource annotations. + type: string + group: + description: Group is the API group to select + resources from. Together with Version and Kind + it is capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + kind: + description: Kind of the API Group to select resources + from. Together with Group and Version it is + capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + labelSelector: + description: LabelSelector is a string that follows + the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api + It matches with the resource labels. + type: string + name: + description: Name to match resources with. + type: string + namespace: + description: Namespace to select resources from. + type: string + version: + description: Version of the API Group to select + resources from. Together with Group and Kind + it is capable of unambiguously identifying and/or + selecting resources. https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md + type: string + type: object + required: + - patch + - target + type: object + type: array + patchesStrategicMerge: + description: 'Strategic merge patches, defined as inline + YAML objects. Deprecated: use Patches instead.' + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + type: array + releaseName: + description: ReleaseName used for the Helm release. Defaults to a + composition of '[TargetNamespace-]Name'. + maxLength: 53 + minLength: 1 + type: string + rollback: + description: Rollback holds the configuration for Helm rollback actions + for this HelmRelease. + properties: + cleanupOnFail: + description: CleanupOnFail allows deletion of new resources created + during the Helm rollback action when it fails. + type: boolean + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: DisableWait disables the waiting for resources to + be ready after a Helm rollback has been performed. + type: boolean + disableWaitForJobs: + description: DisableWaitForJobs disables waiting for jobs to complete + after a Helm rollback has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + recreate: + description: Recreate performs pod restarts for the resource if + applicable. + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a + Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + serviceAccountName: + description: The name of the Kubernetes service account to impersonate + when reconciling this HelmRelease. + maxLength: 253 + minLength: 1 + type: string + storageNamespace: + description: StorageNamespace used for the Helm storage. Defaults + to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + suspend: + description: Suspend tells the controller to suspend reconciliation + for this HelmRelease, it does not apply to already started reconciliations. + Defaults to false. + type: boolean + targetNamespace: + description: TargetNamespace to target when performing operations + for the HelmRelease. Defaults to the namespace of the HelmRelease. + maxLength: 63 + minLength: 1 + type: string + test: + description: Test holds the configuration for Helm test actions for + this HelmRelease. + properties: + enable: + description: Enable enables Helm test actions for this HelmRelease + after an Helm install or upgrade action has been performed. + type: boolean + filters: + description: Filters is a list of tests to run or exclude from + running. + items: + description: Filter holds the configuration for individual Helm + test filters. + properties: + exclude: + description: Exclude specifies whether the named test should + be excluded. + type: boolean + name: + description: Name is the name of the test. + maxLength: 253 + minLength: 1 + type: string + required: + - name + type: object + type: array + ignoreFailures: + description: IgnoreFailures tells the controller to skip remediation + when the Helm tests are run but fail. Can be overwritten for + tests run after install or upgrade actions in 'Install.IgnoreTestFailures' + and 'Upgrade.IgnoreTestFailures'. + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation during the performance of a Helm test action. Defaults + to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a Helm + action. Defaults to '5m0s'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + uninstall: + description: Uninstall holds the configuration for Helm uninstall + actions for this HelmRelease. + properties: + deletionPropagation: + default: background + description: DeletionPropagation specifies the deletion propagation + policy when a Helm uninstall is performed. + enum: + - background + - foreground + - orphan + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm rollback action. + type: boolean + disableWait: + description: DisableWait disables waiting for all the resources + to be deleted after a Helm uninstall is performed. + type: boolean + keepHistory: + description: KeepHistory tells Helm to remove all associated resources + and mark the release as deleted, but retain the release history. + type: boolean + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a + Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + upgrade: + description: Upgrade holds the configuration for Helm upgrade actions + for this HelmRelease. + properties: + cleanupOnFail: + description: CleanupOnFail allows deletion of new resources created + during the Helm upgrade action when it fails. + type: boolean + crds: + description: "CRDs upgrade CRDs from the Helm Chart's crds directory + according to the CRD upgrade policy provided here. Valid values + are `Skip`, `Create` or `CreateReplace`. Default is `Skip` and + if omitted CRDs are neither installed nor upgraded. \n Skip: + do neither install nor replace (update) any CRDs. \n Create: + new CRDs are created, existing CRDs are neither updated nor + deleted. \n CreateReplace: new CRDs are created, existing CRDs + are updated (replaced) but not deleted. \n By default, CRDs + are not applied during Helm upgrade action. With this option + users can opt-in to CRD upgrade, which is not (yet) natively + supported by Helm. https://helm.sh/docs/chart_best_practices/custom_resource_definitions." + enum: + - Skip + - Create + - CreateReplace + type: string + disableHooks: + description: DisableHooks prevents hooks from running during the + Helm upgrade action. + type: boolean + disableOpenAPIValidation: + description: DisableOpenAPIValidation prevents the Helm upgrade + action from validating rendered templates against the Kubernetes + OpenAPI Schema. + type: boolean + disableWait: + description: DisableWait disables the waiting for resources to + be ready after a Helm upgrade has been performed. + type: boolean + disableWaitForJobs: + description: DisableWaitForJobs disables waiting for jobs to complete + after a Helm upgrade has been performed. + type: boolean + force: + description: Force forces resource updates through a replacement + strategy. + type: boolean + preserveValues: + description: PreserveValues will make Helm reuse the last release's + values and merge in overrides from 'Values'. Setting this flag + makes the HelmRelease non-declarative. + type: boolean + remediation: + description: Remediation holds the remediation configuration for + when the Helm upgrade action for the HelmRelease fails. The + default is to not perform any action. + properties: + ignoreTestFailures: + description: IgnoreTestFailures tells the controller to skip + remediation when the Helm tests are run after an upgrade + action but fail. Defaults to 'Test.IgnoreFailures'. + type: boolean + remediateLastFailure: + description: RemediateLastFailure tells the controller to + remediate the last failure, when no retries remain. Defaults + to 'false' unless 'Retries' is greater than 0. + type: boolean + retries: + description: Retries is the number of retries that should + be attempted on failures before bailing. Remediation, using + 'Strategy', is performed between each attempt. Defaults + to '0', a negative integer equals to unlimited retries. + type: integer + strategy: + description: Strategy to use for failure remediation. Defaults + to 'rollback'. + enum: + - rollback + - uninstall + type: string + type: object + timeout: + description: Timeout is the time to wait for any individual Kubernetes + operation (like Jobs for hooks) during the performance of a + Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ + type: string + type: object + values: + description: Values holds the values for this Helm release. + x-kubernetes-preserve-unknown-fields: true + valuesFrom: + description: ValuesFrom holds references to resources containing Helm + values for this HelmRelease, and information about how they should + be merged. + items: + description: ValuesReference contains a reference to a resource + containing Helm values, and optionally the key they can be found + at. + properties: + kind: + description: Kind of the values referent, valid values are ('Secret', + 'ConfigMap'). + enum: + - Secret + - ConfigMap + type: string + name: + description: Name of the values referent. Should reside in the + same namespace as the referring resource. + maxLength: 253 + minLength: 1 + type: string + optional: + description: Optional marks this ValuesReference as optional. + When set, a not found error for the values reference is ignored, + but any ValuesKey, TargetPath or transient error will still + result in a reconciliation failure. + type: boolean + targetPath: + description: TargetPath is the YAML dot notation path the value + should be merged at. When set, the ValuesKey is expected to + be a single flat value. Defaults to 'None', which results + in the values getting merged at the root. + maxLength: 250 + pattern: ^([a-zA-Z0-9_\-.\\\/]|\[[0-9]{1,5}\])+$ + type: string + valuesKey: + description: ValuesKey is the data key where the values.yaml + or a specific value can be found at. Defaults to 'values.yaml'. + maxLength: 253 + pattern: ^[\-._a-zA-Z0-9]+$ + type: string + required: + - kind + - name + type: object + type: array + required: + - chart + - interval + type: object + status: + default: + observedGeneration: -1 + description: HelmReleaseStatus defines the observed state of a HelmRelease. + properties: + conditions: + description: Conditions holds the conditions for the HelmRelease. + items: + description: "Condition contains details for one aspect of the current + state of this API Resource. --- This struct is intended for direct + use as an array at the field path .status.conditions. For example, + \n type FooStatus struct{ // Represents the observations of a + foo's current state. // Known .status.conditions.type are: \"Available\", + \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge + // +listType=map // +listMapKey=type Conditions []metav1.Condition + `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" + protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + properties: + lastTransitionTime: + description: lastTransitionTime is the last time the condition + transitioned from one status to another. This should be when + the underlying condition changed. If that is not known, then + using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: message is a human readable message indicating + details about the transition. This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: observedGeneration represents the .metadata.generation + that the condition was set based upon. For instance, if .metadata.generation + is currently 12, but the .status.conditions[x].observedGeneration + is 9, the condition is out of date with respect to the current + state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: reason contains a programmatic identifier indicating + the reason for the condition's last transition. Producers + of specific condition types may define expected values and + meanings for this field, and whether the values are considered + a guaranteed API. The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: type of condition in CamelCase or in foo.example.com/CamelCase. + --- Many .condition.type values are consistent across resources + like Available, but because arbitrary conditions can be useful + (see .node.status.conditions), the ability to deconflict is + important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + failures: + description: Failures is the reconciliation failure count against + the latest desired state. It is reset after a successful reconciliation. + format: int64 + type: integer + helmChart: + description: HelmChart is the namespaced name of the HelmChart resource + created by the controller for the HelmRelease. + type: string + history: + description: History holds the history of Helm releases performed + for this HelmRelease up to the last successfully completed release. + items: + description: Snapshot captures a point-in-time copy of the status + information for a Helm release, as managed by the controller. + properties: + apiVersion: + description: 'APIVersion is the API version of the Snapshot. + Provisional: when the calculation method of the Digest field + is changed, this field will be used to distinguish between + the old and new methods.' + type: string + chartName: + description: ChartName is the chart name of the release object + in storage. + type: string + chartVersion: + description: ChartVersion is the chart version of the release + object in storage. + type: string + configDigest: + description: ConfigDigest is the checksum of the config (better + known as "values") of the release object in storage. It has + the format of `:`. + type: string + deleted: + description: Deleted is when the release was deleted. + format: date-time + type: string + digest: + description: Digest is the checksum of the release object in + storage. It has the format of `:`. + type: string + firstDeployed: + description: FirstDeployed is when the release was first deployed. + format: date-time + type: string + lastDeployed: + description: LastDeployed is when the release was last deployed. + format: date-time + type: string + name: + description: Name is the name of the release. + type: string + namespace: + description: Namespace is the namespace the release is deployed + to. + type: string + status: + description: Status is the current state of the release. + type: string + testHooks: + additionalProperties: + description: TestHookStatus holds the status information for + a test hook as observed to be run by the controller. + properties: + lastCompleted: + description: LastCompleted is the time the test hook last + completed. + format: date-time + type: string + lastStarted: + description: LastStarted is the time the test hook was + last started. + format: date-time + type: string + phase: + description: Phase the test hook was observed to be in. + type: string + type: object + description: TestHooks is the list of test hooks for the release + as observed to be run by the controller. + type: object + version: + description: Version is the version of the release object in + storage. + type: integer + required: + - chartName + - chartVersion + - configDigest + - digest + - firstDeployed + - lastDeployed + - name + - namespace + - status + - version + type: object + type: array + installFailures: + description: InstallFailures is the install failure count against + the latest desired state. It is reset after a successful reconciliation. + format: int64 + type: integer + lastAppliedRevision: + description: 'LastAppliedRevision is the revision of the last successfully + applied source. Deprecated: the revision can now be found in the + History.' + type: string + lastAttemptedConfigDigest: + description: LastAttemptedConfigDigest is the digest for the config + (better known as "values") of the last reconciliation attempt. + type: string + lastAttemptedGeneration: + description: LastAttemptedGeneration is the last generation the controller + attempted to reconcile. + format: int64 + type: integer + lastAttemptedReleaseAction: + description: LastAttemptedReleaseAction is the last release action + performed for this HelmRelease. It is used to determine the active + remediation strategy. + enum: + - install + - upgrade + type: string + lastAttemptedRevision: + description: LastAttemptedRevision is the Source revision of the last + reconciliation attempt. + type: string + lastAttemptedValuesChecksum: + description: 'LastAttemptedValuesChecksum is the SHA1 checksum for + the values of the last reconciliation attempt. Deprecated: Use LastAttemptedConfigDigest + instead.' + type: string + lastHandledForceAt: + description: LastHandledForceAt holds the value of the most recent + force request value, so a change of the annotation value can be + detected. + type: string + lastHandledReconcileAt: + description: LastHandledReconcileAt holds the value of the most recent + reconcile request value, so a change of the annotation value can + be detected. + type: string + lastHandledResetAt: + description: LastHandledResetAt holds the value of the most recent + reset request value, so a change of the annotation value can be + detected. + type: string + lastReleaseRevision: + description: 'LastReleaseRevision is the revision of the last successful + Helm release. Deprecated: Use History instead.' + type: integer + observedGeneration: + description: ObservedGeneration is the last observed generation. + format: int64 + type: integer + storageNamespace: + description: StorageNamespace is the namespace of the Helm release + storage for the current release. + maxLength: 63 + minLength: 1 + type: string upgradeFailures: description: UpgradeFailures is the upgrade failure count against the latest desired state. It is reset after a successful reconciliation. From ee3735a1be13408276fcd218f0b619775e9be6b4 Mon Sep 17 00:00:00 2001 From: Rafael da Fonseca Date: Tue, 12 Dec 2023 09:43:59 +0000 Subject: [PATCH 02/11] update image-reflect-controller CRDs Signed-off-by: Rafael da Fonseca --- charts/flux2/templates/image-reflector-controller.crds.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/charts/flux2/templates/image-reflector-controller.crds.yaml b/charts/flux2/templates/image-reflector-controller.crds.yaml index fb30088..1bf92fa 100644 --- a/charts/flux2/templates/image-reflector-controller.crds.yaml +++ b/charts/flux2/templates/image-reflector-controller.crds.yaml @@ -737,6 +737,10 @@ spec: image: description: Image is the name of the image repository type: string + insecure: + description: Insecure allows connecting to a non-TLS HTTP container + registry. + type: boolean interval: description: Interval is the length of time to wait between scans of the image repository. From 493c0de0160d95f980208cc74fb466719a02cf20 Mon Sep 17 00:00:00 2001 From: Rafael da Fonseca Date: Tue, 12 Dec 2023 09:57:19 +0000 Subject: [PATCH 03/11] update source-controller CRDs Signed-off-by: Rafael da Fonseca --- .../templates/source-controller.crds.yaml | 67 ++++++++++++++++++- 1 file changed, 64 insertions(+), 3 deletions(-) diff --git a/charts/flux2/templates/source-controller.crds.yaml b/charts/flux2/templates/source-controller.crds.yaml index 40f0e7c..d4fccd6 100644 --- a/charts/flux2/templates/source-controller.crds.yaml +++ b/charts/flux2/templates/source-controller.crds.yaml @@ -341,6 +341,10 @@ spec: to ensure efficient use of resources. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string + prefix: + description: Prefix to use for server-side filtering of files in the + Bucket. + type: string provider: default: generic description: Provider of the object storage bucket. Defaults to 'generic', @@ -2150,6 +2154,32 @@ spec: Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified. properties: + matchOIDCIdentity: + description: MatchOIDCIdentity specifies the identity matching + criteria to use while verifying an OCI artifact which was signed + using Cosign keyless signing. The artifact's identity is deemed + to be verified if any of the specified matchers match against + the identity. + items: + description: OIDCIdentityMatch specifies options for verifying + the certificate identity, i.e. the issuer and the subject + of the certificate. + properties: + issuer: + description: Issuer specifies the regex pattern to match + against to verify the OIDC issuer in the Fulcio certificate. + The pattern must be a valid Go regular expression. + type: string + subject: + description: Subject specifies the regex pattern to match + against to verify the identity subject in the Fulcio certificate. + The pattern must be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array provider: default: cosign description: Provider specifies the technology used to sign the @@ -2653,6 +2683,11 @@ spec: required: - name type: object + insecure: + description: Insecure allows connecting to a non-TLS HTTP container + registry. This field is only taken into account if the .spec.type + field is set to 'oci'. + type: boolean interval: description: Interval at which the HelmRepository URL is checked for updates. This interval is approximate and may be subject to jitter @@ -2697,10 +2732,10 @@ spec: of this HelmRepository. type: boolean timeout: - default: 60s description: Timeout is used for the index fetch operation for an HTTPS helm repository, and for remote OCI Repository operations - like pulling for an OCI helm repository. Its default value is 60s. + like pulling for an OCI helm chart by the associated HelmChart. + Its default value is 60s. pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ type: string type: @@ -2713,9 +2748,9 @@ spec: url: description: URL of the Helm repository, a valid URL contains at least a protocol and host. + pattern: ^(http|https|oci)://.*$ type: string required: - - interval - url type: object status: @@ -3033,6 +3068,32 @@ spec: public keys used to verify the signature and specifies which provider to use to check whether OCI image is authentic. properties: + matchOIDCIdentity: + description: MatchOIDCIdentity specifies the identity matching + criteria to use while verifying an OCI artifact which was signed + using Cosign keyless signing. The artifact's identity is deemed + to be verified if any of the specified matchers match against + the identity. + items: + description: OIDCIdentityMatch specifies options for verifying + the certificate identity, i.e. the issuer and the subject + of the certificate. + properties: + issuer: + description: Issuer specifies the regex pattern to match + against to verify the OIDC issuer in the Fulcio certificate. + The pattern must be a valid Go regular expression. + type: string + subject: + description: Subject specifies the regex pattern to match + against to verify the identity subject in the Fulcio certificate. + The pattern must be a valid Go regular expression. + type: string + required: + - issuer + - subject + type: object + type: array provider: default: cosign description: Provider specifies the technology used to sign the From 0cd8d63885c6931a765165cd6d6d5e430cca9212 Mon Sep 17 00:00:00 2001 From: Rafael da Fonseca Date: Tue, 12 Dec 2023 10:02:15 +0000 Subject: [PATCH 04/11] update notification-controller CRDs Signed-off-by: Rafael da Fonseca --- .../notification-controller.crds.yaml | 257 +++++++++++++++++- 1 file changed, 255 insertions(+), 2 deletions(-) diff --git a/charts/flux2/templates/notification-controller.crds.yaml b/charts/flux2/templates/notification-controller.crds.yaml index 732422b..ffed371 100644 --- a/charts/flux2/templates/notification-controller.crds.yaml +++ b/charts/flux2/templates/notification-controller.crds.yaml @@ -33,6 +33,8 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta1 Alert is deprecated, upgrade to v1beta3 name: v1beta1 schema: openAPIV3Schema: @@ -227,6 +229,8 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 Alert is deprecated, upgrade to v1beta3 name: v1beta2 schema: openAPIV3Schema: @@ -436,9 +440,140 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta3 + schema: + openAPIV3Schema: + description: Alert is the Schema for the alerts API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AlertSpec defines an alerting rule for events involving a + list of objects. + properties: + eventMetadata: + additionalProperties: + type: string + description: EventMetadata is an optional field for adding metadata + to events dispatched by the controller. This can be used for enhancing + the context of the event. If a field would override one already + present on the original event as generated by the emitter, then + the override doesn't happen, i.e. the original value is preserved, + and an info log is printed. + type: object + eventSeverity: + default: info + description: EventSeverity specifies how to filter events based on + severity. If set to 'info' no events will be filtered. + enum: + - info + - error + type: string + eventSources: + description: EventSources specifies how to filter events based on + the involved object kind, name and namespace. + items: + description: CrossNamespaceObjectReference contains enough information + to let you locate the typed referenced object at cluster level + properties: + apiVersion: + description: API version of the referent + type: string + kind: + description: Kind of the referent + enum: + - Bucket + - GitRepository + - Kustomization + - HelmRelease + - HelmChart + - HelmRepository + - ImageRepository + - ImagePolicy + - ImageUpdateAutomation + - OCIRepository + type: string + matchLabels: + additionalProperties: + type: string + description: MatchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. MatchLabels requires the name to be set to `*`. + type: object + name: + description: Name of the referent If multiple resources are + targeted `*` may be set. + maxLength: 53 + minLength: 1 + type: string + namespace: + description: Namespace of the referent + maxLength: 53 + minLength: 1 + type: string + required: + - kind + - name + type: object + type: array + exclusionList: + description: ExclusionList specifies a list of Golang regular expressions + to be used for excluding messages. + items: + type: string + type: array + inclusionList: + description: InclusionList specifies a list of Golang regular expressions + to be used for including messages. + items: + type: string + type: array + providerRef: + description: ProviderRef specifies which Provider this Alert should + use. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + summary: + description: Summary holds a short description of the impact and affected + cluster. + maxLength: 255 + type: string + suspend: + description: Suspend tells the controller to suspend subsequent events + handling for this Alert. + type: boolean + required: + - eventSources + - providerRef + type: object + type: object + served: true + storage: true + subresources: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition @@ -474,6 +609,8 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta1 Provider is deprecated, upgrade to v1beta3 name: v1beta1 schema: openAPIV3Schema: @@ -657,6 +794,8 @@ spec: - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status type: string + deprecated: true + deprecationWarning: v1beta2 Provider is deprecated, upgrade to v1beta3 name: v1beta2 schema: openAPIV3Schema: @@ -741,6 +880,7 @@ spec: - github - gitlab - gitea + - bitbucketserver - bitbucket - azuredevops - googlechat @@ -851,9 +991,122 @@ spec: type: object type: object served: true - storage: true + storage: false subresources: status: {} + - additionalPrinterColumns: + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta3 + schema: + openAPIV3Schema: + description: Provider is the Schema for the providers API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ProviderSpec defines the desired state of the Provider. + properties: + address: + description: Address specifies the endpoint, in a generic sense, to + where alerts are sent. What kind of endpoint depends on the specific + Provider type being used. For the generic Provider, for example, + this is an HTTP/S address. For other Provider types this could be + a project ID or a namespace. + maxLength: 2048 + type: string + certSecretRef: + description: "CertSecretRef specifies the Secret containing a PEM-encoded + CA certificate (in the `ca.crt` key). \n Note: Support for the `caFile` + key has been deprecated." + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + channel: + description: Channel specifies the destination channel where events + should be posted. + maxLength: 2048 + type: string + proxy: + description: Proxy the HTTP/S address of the proxy server. + maxLength: 2048 + pattern: ^(http|https)://.*$ + type: string + secretRef: + description: SecretRef specifies the Secret containing the authentication + credentials for this Provider. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + suspend: + description: Suspend tells the controller to suspend subsequent events + handling for this Provider. + type: boolean + timeout: + description: Timeout for sending alerts to the Provider. + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + type: string + type: + description: Type specifies which Provider implementation to use. + enum: + - slack + - discord + - msteams + - rocket + - generic + - generic-hmac + - github + - gitlab + - gitea + - bitbucketserver + - bitbucket + - azuredevops + - googlechat + - googlepubsub + - webex + - sentry + - azureeventhub + - telegram + - lark + - matrix + - opsgenie + - alertmanager + - grafana + - githubdispatch + - pagerduty + - datadog + - nats + type: string + username: + description: Username specifies the name under which events are posted. + maxLength: 2048 + type: string + required: + - type + type: object + type: object + served: true + storage: true + subresources: {} --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition From 1bdcb7b3fdcdeb60256cbdac4b9001ec11ac5f15 Mon Sep 17 00:00:00 2001 From: Rafael da Fonseca Date: Tue, 12 Dec 2023 10:07:03 +0000 Subject: [PATCH 05/11] Bump component and chart versions Signed-off-by: Rafael da Fonseca --- charts/flux2/Chart.yaml | 4 ++-- charts/flux2/values.yaml | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/charts/flux2/Chart.yaml b/charts/flux2/Chart.yaml index dd49f81..29d2ae9 100644 --- a/charts/flux2/Chart.yaml +++ b/charts/flux2/Chart.yaml @@ -1,6 +1,6 @@ annotations: artifacthub.io/changes: | - - "feat: adding CRD and RBAC annotation option" + - "feat: update CRDs and component versions" apiVersion: v2 appVersion: 2.1.2 description: A Helm chart for flux2 @@ -8,4 +8,4 @@ name: flux2 sources: - https://github.com/fluxcd-community/helm-charts type: application -version: 2.11.1 +version: 2.12.0 diff --git a/charts/flux2/values.yaml b/charts/flux2/values.yaml index 3815b41..2ec5ee9 100644 --- a/charts/flux2/values.yaml +++ b/charts/flux2/values.yaml @@ -36,7 +36,7 @@ cli: helmController: create: true image: ghcr.io/fluxcd/helm-controller - tag: v0.36.2 + tag: v0.37.0 resources: limits: {} # cpu: 1000m @@ -84,7 +84,7 @@ helmController: imageAutomationController: create: true image: ghcr.io/fluxcd/image-automation-controller - tag: v0.36.1 + tag: v0.37.0 resources: limits: {} # cpu: 1000m @@ -112,7 +112,7 @@ imageAutomationController: imageReflectionController: create: true image: ghcr.io/fluxcd/image-reflector-controller - tag: v0.30.0 + tag: v0.31.1 resources: limits: {} # cpu: 1000m @@ -140,7 +140,7 @@ imageReflectionController: kustomizeController: create: true image: ghcr.io/fluxcd/kustomize-controller - tag: v1.1.1 + tag: v1.2.0 resources: limits: {} # cpu: 1000m @@ -188,7 +188,7 @@ kustomizeController: notificationController: create: true image: ghcr.io/fluxcd/notification-controller - tag: v1.1.0 + tag: v1.2.2 resources: limits: {} # cpu: 1000m @@ -241,7 +241,7 @@ notificationController: sourceController: create: true image: ghcr.io/fluxcd/source-controller - tag: v1.1.2 + tag: v1.2.2 resources: limits: {} # cpu: 1000m From 7be1607e870d0e61be1c1d7a2f7713f296e02a59 Mon Sep 17 00:00:00 2001 From: Rafael da Fonseca Date: Tue, 12 Dec 2023 10:17:37 +0000 Subject: [PATCH 06/11] Update helm-docs Signed-off-by: Rafael da Fonseca --- charts/flux2/README.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/charts/flux2/README.md b/charts/flux2/README.md index 88b4d0e..6c578da 100644 --- a/charts/flux2/README.md +++ b/charts/flux2/README.md @@ -1,6 +1,6 @@ # flux2 -![Version: 2.11.0](https://img.shields.io/badge/Version-2.11.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.1.2](https://img.shields.io/badge/AppVersion-2.1.2-informational?style=flat-square) +![Version: 2.12.0](https://img.shields.io/badge/Version-2.12.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.1.2](https://img.shields.io/badge/AppVersion-2.1.2-informational?style=flat-square) A Helm chart for flux2 @@ -41,7 +41,7 @@ This helm chart is maintained and released by the fluxcd-community on a best eff | helmController.serviceAccount.annotations | object | `{}` | | | helmController.serviceAccount.automount | bool | `true` | | | helmController.serviceAccount.create | bool | `true` | | -| helmController.tag | string | `"v0.36.2"` | | +| helmController.tag | string | `"v0.37.0"` | | | helmController.tolerations | list | `[]` | | | imageAutomationController.affinity | object | `{}` | | | imageAutomationController.annotations."prometheus.io/port" | string | `"8080"` | | @@ -60,7 +60,7 @@ This helm chart is maintained and released by the fluxcd-community on a best eff | imageAutomationController.serviceAccount.annotations | object | `{}` | | | imageAutomationController.serviceAccount.automount | bool | `true` | | | imageAutomationController.serviceAccount.create | bool | `true` | | -| imageAutomationController.tag | string | `"v0.36.1"` | | +| imageAutomationController.tag | string | `"v0.37.0"` | | | imageAutomationController.tolerations | list | `[]` | | | imagePullSecrets | list | `[]` | contents of pod imagePullSecret in form 'name=[secretName]'; applied to all controllers | | imageReflectionController.affinity | object | `{}` | | @@ -80,7 +80,7 @@ This helm chart is maintained and released by the fluxcd-community on a best eff | imageReflectionController.serviceAccount.annotations | object | `{}` | | | imageReflectionController.serviceAccount.automount | bool | `true` | | | imageReflectionController.serviceAccount.create | bool | `true` | | -| imageReflectionController.tag | string | `"v0.30.0"` | | +| imageReflectionController.tag | string | `"v0.31.1"` | | | imageReflectionController.tolerations | list | `[]` | | | installCRDs | bool | `true` | | | kustomizeController.affinity | object | `{}` | | @@ -105,7 +105,7 @@ This helm chart is maintained and released by the fluxcd-community on a best eff | kustomizeController.serviceAccount.annotations | object | `{}` | | | kustomizeController.serviceAccount.automount | bool | `true` | | | kustomizeController.serviceAccount.create | bool | `true` | | -| kustomizeController.tag | string | `"v1.1.1"` | | +| kustomizeController.tag | string | `"v1.2.0"` | | | kustomizeController.tolerations | list | `[]` | | | logLevel | string | `"info"` | | | multitenancy.defaultServiceAccount | string | `"default"` | All Kustomizations and HelmReleases which don’t have spec.serviceAccountName specified, will use the default account from the tenant’s namespace. Tenants have to specify a service account in their Flux resources to be able to deploy workloads in their namespaces as the default account has no permissions. | @@ -130,7 +130,7 @@ This helm chart is maintained and released by the fluxcd-community on a best eff | notificationController.serviceAccount.annotations | object | `{}` | | | notificationController.serviceAccount.automount | bool | `true` | | | notificationController.serviceAccount.create | bool | `true` | | -| notificationController.tag | string | `"v1.1.0"` | | +| notificationController.tag | string | `"v1.2.2"` | | | notificationController.tolerations | list | `[]` | | | notificationController.webhookReceiver.ingress.annotations | object | `{}` | | | notificationController.webhookReceiver.ingress.create | bool | `false` | | @@ -169,6 +169,6 @@ This helm chart is maintained and released by the fluxcd-community on a best eff | sourceController.serviceAccount.annotations | object | `{}` | | | sourceController.serviceAccount.automount | bool | `true` | | | sourceController.serviceAccount.create | bool | `true` | | -| sourceController.tag | string | `"v1.1.2"` | | +| sourceController.tag | string | `"v1.2.2"` | | | sourceController.tolerations | list | `[]` | | | watchAllNamespaces | bool | `true` | | From 8056e139c1a152a7156a5391c84076e8e3979120 Mon Sep 17 00:00:00 2001 From: Rafael da Fonseca Date: Tue, 12 Dec 2023 10:28:27 +0000 Subject: [PATCH 07/11] Update tests Signed-off-by: Rafael da Fonseca --- .../flux2/tests/__snapshot__/helm-controller_test.yaml.snap | 4 ++-- .../__snapshot__/image-automation-controller_test.yaml.snap | 4 ++-- .../__snapshot__/image-reflector-controller_test.yaml.snap | 4 ++-- .../__snapshot__/kustomize-controller-secret_test.yaml.snap | 2 +- .../tests/__snapshot__/kustomize-controller_test.yaml.snap | 4 ++-- .../tests/__snapshot__/notification-controller_test.yaml.snap | 4 ++-- .../flux2/tests/__snapshot__/pre-install-job_test.yaml.snap | 4 ++-- .../flux2/tests/__snapshot__/source-controller_test.yaml.snap | 4 ++-- 8 files changed, 15 insertions(+), 15 deletions(-) diff --git a/charts/flux2/tests/__snapshot__/helm-controller_test.yaml.snap b/charts/flux2/tests/__snapshot__/helm-controller_test.yaml.snap index 5e003e4..70abcb5 100644 --- a/charts/flux2/tests/__snapshot__/helm-controller_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/helm-controller_test.yaml.snap @@ -10,7 +10,7 @@ should match snapshot of default values: app.kubernetes.io/part-of: flux app.kubernetes.io/version: 2.1.2 control-plane: controller - helm.sh/chart: flux2-2.11.1 + helm.sh/chart: flux2-2.12.0 labeltestkey: labeltestvalue labeltestkey2: labeltestvalue2 name: helm-controller @@ -42,7 +42,7 @@ should match snapshot of default values: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.36.2 + image: ghcr.io/fluxcd/helm-controller:v0.37.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/charts/flux2/tests/__snapshot__/image-automation-controller_test.yaml.snap b/charts/flux2/tests/__snapshot__/image-automation-controller_test.yaml.snap index b1cde2a..060ea79 100644 --- a/charts/flux2/tests/__snapshot__/image-automation-controller_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/image-automation-controller_test.yaml.snap @@ -10,7 +10,7 @@ should match snapshot of default values: app.kubernetes.io/part-of: flux app.kubernetes.io/version: 2.1.2 control-plane: controller - helm.sh/chart: flux2-2.11.1 + helm.sh/chart: flux2-2.12.0 name: image-automation-controller spec: replicas: 1 @@ -38,7 +38,7 @@ should match snapshot of default values: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-automation-controller:v0.36.1 + image: ghcr.io/fluxcd/image-automation-controller:v0.37.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/charts/flux2/tests/__snapshot__/image-reflector-controller_test.yaml.snap b/charts/flux2/tests/__snapshot__/image-reflector-controller_test.yaml.snap index 5bfc5de..94a2bd2 100644 --- a/charts/flux2/tests/__snapshot__/image-reflector-controller_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/image-reflector-controller_test.yaml.snap @@ -10,7 +10,7 @@ should match snapshot of default values: app.kubernetes.io/part-of: flux app.kubernetes.io/version: 2.1.2 control-plane: controller - helm.sh/chart: flux2-2.11.1 + helm.sh/chart: flux2-2.12.0 name: image-reflector-controller spec: replicas: 1 @@ -38,7 +38,7 @@ should match snapshot of default values: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-reflector-controller:v0.30.0 + image: ghcr.io/fluxcd/image-reflector-controller:v0.31.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/charts/flux2/tests/__snapshot__/kustomize-controller-secret_test.yaml.snap b/charts/flux2/tests/__snapshot__/kustomize-controller-secret_test.yaml.snap index b991696..789b1d5 100644 --- a/charts/flux2/tests/__snapshot__/kustomize-controller-secret_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/kustomize-controller-secret_test.yaml.snap @@ -10,7 +10,7 @@ should match snapshot of default values: app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux app.kubernetes.io/version: 2.1.2 - helm.sh/chart: flux2-2.11.1 + helm.sh/chart: flux2-2.12.0 name: test1 namespace: NAMESPACE type: Opaque diff --git a/charts/flux2/tests/__snapshot__/kustomize-controller_test.yaml.snap b/charts/flux2/tests/__snapshot__/kustomize-controller_test.yaml.snap index 893b6b5..fa20591 100644 --- a/charts/flux2/tests/__snapshot__/kustomize-controller_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/kustomize-controller_test.yaml.snap @@ -10,7 +10,7 @@ should match snapshot of default values: app.kubernetes.io/part-of: flux app.kubernetes.io/version: 2.1.2 control-plane: controller - helm.sh/chart: flux2-2.11.1 + helm.sh/chart: flux2-2.12.0 name: kustomize-controller spec: replicas: 1 @@ -38,7 +38,7 @@ should match snapshot of default values: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v1.1.1 + image: ghcr.io/fluxcd/kustomize-controller:v1.2.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/charts/flux2/tests/__snapshot__/notification-controller_test.yaml.snap b/charts/flux2/tests/__snapshot__/notification-controller_test.yaml.snap index 7f6412e..01b40f3 100644 --- a/charts/flux2/tests/__snapshot__/notification-controller_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/notification-controller_test.yaml.snap @@ -10,7 +10,7 @@ should match snapshot of default values: app.kubernetes.io/part-of: flux app.kubernetes.io/version: 2.1.2 control-plane: controller - helm.sh/chart: flux2-2.11.1 + helm.sh/chart: flux2-2.12.0 name: notification-controller spec: replicas: 1 @@ -37,7 +37,7 @@ should match snapshot of default values: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v1.1.0 + image: ghcr.io/fluxcd/notification-controller:v1.2.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: diff --git a/charts/flux2/tests/__snapshot__/pre-install-job_test.yaml.snap b/charts/flux2/tests/__snapshot__/pre-install-job_test.yaml.snap index 7806cf8..5c85e43 100644 --- a/charts/flux2/tests/__snapshot__/pre-install-job_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/pre-install-job_test.yaml.snap @@ -12,7 +12,7 @@ should match snapshot of default values: app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux app.kubernetes.io/version: 2.1.2 - helm.sh/chart: flux2-2.11.1 + helm.sh/chart: flux2-2.12.0 name: RELEASE-NAME-flux-check spec: backoffLimit: 1 @@ -23,7 +23,7 @@ should match snapshot of default values: app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux app.kubernetes.io/version: 2.1.2 - helm.sh/chart: flux2-2.11.1 + helm.sh/chart: flux2-2.12.0 name: RELEASE-NAME spec: automountServiceAccountToken: true diff --git a/charts/flux2/tests/__snapshot__/source-controller_test.yaml.snap b/charts/flux2/tests/__snapshot__/source-controller_test.yaml.snap index de3035c..1a8b111 100644 --- a/charts/flux2/tests/__snapshot__/source-controller_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/source-controller_test.yaml.snap @@ -10,7 +10,7 @@ should match snapshot of default values: app.kubernetes.io/part-of: flux app.kubernetes.io/version: 2.1.2 control-plane: controller - helm.sh/chart: flux2-2.11.1 + helm.sh/chart: flux2-2.12.0 name: source-controller spec: replicas: 1 @@ -42,7 +42,7 @@ should match snapshot of default values: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v1.1.2 + image: ghcr.io/fluxcd/source-controller:v1.2.2 imagePullPolicy: IfNotPresent livenessProbe: httpGet: From e9b352febfbb8d5bbfd15655b759b7c1f1015963 Mon Sep 17 00:00:00 2001 From: Rafael da Fonseca Date: Tue, 12 Dec 2023 19:05:56 +0000 Subject: [PATCH 08/11] Update flux app version to v2.2.0 Signed-off-by: Rafael da Fonseca --- Makefile | 2 +- charts/flux2-notification/Chart.yaml | 2 +- .../tests/__snapshot__/alert_test.yaml.snap | 2 +- .../tests/__snapshot__/provider_test.yaml.snap | 2 +- .../tests/__snapshot__/secret_test.yaml.snap | 2 +- charts/flux2-sync/Chart.yaml | 2 +- charts/flux2-sync/values.yaml | 2 +- charts/flux2/Chart.yaml | 4 ++-- charts/flux2/README.md | 2 +- .../flux2/tests/__snapshot__/helm-controller_test.yaml.snap | 2 +- .../__snapshot__/image-automation-controller_test.yaml.snap | 2 +- .../__snapshot__/image-reflector-controller_test.yaml.snap | 2 +- .../__snapshot__/kustomize-controller-secret_test.yaml.snap | 2 +- .../tests/__snapshot__/kustomize-controller_test.yaml.snap | 2 +- .../__snapshot__/notification-controller_test.yaml.snap | 2 +- .../flux2/tests/__snapshot__/pre-install-job_test.yaml.snap | 6 +++--- .../tests/__snapshot__/source-controller_test.yaml.snap | 2 +- charts/flux2/values.yaml | 2 +- 18 files changed, 21 insertions(+), 21 deletions(-) diff --git a/Makefile b/Makefile index be3298b..4a1b5cd 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ # ==================================================================================== # Setup Project -FLUX2_VERSION ?= v2.1.2 +FLUX2_VERSION ?= v2.2.0 # set the shell to bash always SHELL := /bin/bash diff --git a/charts/flux2-notification/Chart.yaml b/charts/flux2-notification/Chart.yaml index 232be64..a6d606e 100644 --- a/charts/flux2-notification/Chart.yaml +++ b/charts/flux2-notification/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: flux2-notification type: application version: 1.12.4 -appVersion: 2.1.2 +appVersion: 2.2.0 description: A Helm chart for flux2 alerts and the needed providers and secrets sources: - https://github.com/fluxcd-community/helm-charts diff --git a/charts/flux2-notification/tests/__snapshot__/alert_test.yaml.snap b/charts/flux2-notification/tests/__snapshot__/alert_test.yaml.snap index 108466e..d904e7e 100644 --- a/charts/flux2-notification/tests/__snapshot__/alert_test.yaml.snap +++ b/charts/flux2-notification/tests/__snapshot__/alert_test.yaml.snap @@ -7,7 +7,7 @@ should match snapshot: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - app.kubernetes.io/version: 2.1.2 + app.kubernetes.io/version: 2.2.0 helm.sh/chart: flux2-notification-1.12.4 name: all-kustomizations namespace: NAMESPACE diff --git a/charts/flux2-notification/tests/__snapshot__/provider_test.yaml.snap b/charts/flux2-notification/tests/__snapshot__/provider_test.yaml.snap index 5b4f0f2..c7035b6 100644 --- a/charts/flux2-notification/tests/__snapshot__/provider_test.yaml.snap +++ b/charts/flux2-notification/tests/__snapshot__/provider_test.yaml.snap @@ -7,7 +7,7 @@ should match snapshot: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - app.kubernetes.io/version: 2.1.2 + app.kubernetes.io/version: 2.2.0 helm.sh/chart: flux2-notification-1.12.4 name: on-call-slack namespace: NAMESPACE diff --git a/charts/flux2-notification/tests/__snapshot__/secret_test.yaml.snap b/charts/flux2-notification/tests/__snapshot__/secret_test.yaml.snap index b82d2ea..1de462b 100644 --- a/charts/flux2-notification/tests/__snapshot__/secret_test.yaml.snap +++ b/charts/flux2-notification/tests/__snapshot__/secret_test.yaml.snap @@ -7,7 +7,7 @@ should match snapshot of default values: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - app.kubernetes.io/version: 2.1.2 + app.kubernetes.io/version: 2.2.0 helm.sh/chart: flux2-notification-1.12.4 name: webhook-url namespace: NAMESPACE diff --git a/charts/flux2-sync/Chart.yaml b/charts/flux2-sync/Chart.yaml index 5bbf08a..715fdae 100644 --- a/charts/flux2-sync/Chart.yaml +++ b/charts/flux2-sync/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: flux2-sync type: application version: 1.7.3 -appVersion: 2.1.2 +appVersion: 2.2.0 description: A Helm chart for flux2 GitRepository to sync with sources: - https://github.com/fluxcd-community/helm-charts diff --git a/charts/flux2-sync/values.yaml b/charts/flux2-sync/values.yaml index 1355042..40fa18f 100644 --- a/charts/flux2-sync/values.yaml +++ b/charts/flux2-sync/values.yaml @@ -17,7 +17,7 @@ secret: cli: image: ghcr.io/fluxcd/flux-cli - tag: v2.1.1 + tag: v2.2.0 nodeSelector: {} affinity: {} tolerations: [] diff --git a/charts/flux2/Chart.yaml b/charts/flux2/Chart.yaml index 29d2ae9..9c40dca 100644 --- a/charts/flux2/Chart.yaml +++ b/charts/flux2/Chart.yaml @@ -1,8 +1,8 @@ annotations: artifacthub.io/changes: | - - "feat: update CRDs and component versions" + - "feat: update CRDs and component versions to flux v2.2.0" apiVersion: v2 -appVersion: 2.1.2 +appVersion: 2.2.0 description: A Helm chart for flux2 name: flux2 sources: diff --git a/charts/flux2/README.md b/charts/flux2/README.md index 6c578da..b9203b7 100644 --- a/charts/flux2/README.md +++ b/charts/flux2/README.md @@ -19,7 +19,7 @@ This helm chart is maintained and released by the fluxcd-community on a best eff | cli.image | string | `"ghcr.io/fluxcd/flux-cli"` | | | cli.nodeSelector | object | `{}` | | | cli.serviceAccount.automount | bool | `true` | | -| cli.tag | string | `"v2.1.2"` | | +| cli.tag | string | `"v2.2.0"` | | | cli.tolerations | list | `[]` | | | clusterDomain | string | `"cluster.local"` | | | crds.annotations | object | `{}` | Add annotations to all CRD resources, e.g. "helm.sh/resource-policy": keep | diff --git a/charts/flux2/tests/__snapshot__/helm-controller_test.yaml.snap b/charts/flux2/tests/__snapshot__/helm-controller_test.yaml.snap index 70abcb5..55bad54 100644 --- a/charts/flux2/tests/__snapshot__/helm-controller_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/helm-controller_test.yaml.snap @@ -8,7 +8,7 @@ should match snapshot of default values: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - app.kubernetes.io/version: 2.1.2 + app.kubernetes.io/version: 2.2.0 control-plane: controller helm.sh/chart: flux2-2.12.0 labeltestkey: labeltestvalue diff --git a/charts/flux2/tests/__snapshot__/image-automation-controller_test.yaml.snap b/charts/flux2/tests/__snapshot__/image-automation-controller_test.yaml.snap index 060ea79..c41bff2 100644 --- a/charts/flux2/tests/__snapshot__/image-automation-controller_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/image-automation-controller_test.yaml.snap @@ -8,7 +8,7 @@ should match snapshot of default values: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - app.kubernetes.io/version: 2.1.2 + app.kubernetes.io/version: 2.2.0 control-plane: controller helm.sh/chart: flux2-2.12.0 name: image-automation-controller diff --git a/charts/flux2/tests/__snapshot__/image-reflector-controller_test.yaml.snap b/charts/flux2/tests/__snapshot__/image-reflector-controller_test.yaml.snap index 94a2bd2..761131c 100644 --- a/charts/flux2/tests/__snapshot__/image-reflector-controller_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/image-reflector-controller_test.yaml.snap @@ -8,7 +8,7 @@ should match snapshot of default values: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - app.kubernetes.io/version: 2.1.2 + app.kubernetes.io/version: 2.2.0 control-plane: controller helm.sh/chart: flux2-2.12.0 name: image-reflector-controller diff --git a/charts/flux2/tests/__snapshot__/kustomize-controller-secret_test.yaml.snap b/charts/flux2/tests/__snapshot__/kustomize-controller-secret_test.yaml.snap index 789b1d5..0290321 100644 --- a/charts/flux2/tests/__snapshot__/kustomize-controller-secret_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/kustomize-controller-secret_test.yaml.snap @@ -9,7 +9,7 @@ should match snapshot of default values: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - app.kubernetes.io/version: 2.1.2 + app.kubernetes.io/version: 2.2.0 helm.sh/chart: flux2-2.12.0 name: test1 namespace: NAMESPACE diff --git a/charts/flux2/tests/__snapshot__/kustomize-controller_test.yaml.snap b/charts/flux2/tests/__snapshot__/kustomize-controller_test.yaml.snap index fa20591..126d6ab 100644 --- a/charts/flux2/tests/__snapshot__/kustomize-controller_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/kustomize-controller_test.yaml.snap @@ -8,7 +8,7 @@ should match snapshot of default values: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - app.kubernetes.io/version: 2.1.2 + app.kubernetes.io/version: 2.2.0 control-plane: controller helm.sh/chart: flux2-2.12.0 name: kustomize-controller diff --git a/charts/flux2/tests/__snapshot__/notification-controller_test.yaml.snap b/charts/flux2/tests/__snapshot__/notification-controller_test.yaml.snap index 01b40f3..762b6da 100644 --- a/charts/flux2/tests/__snapshot__/notification-controller_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/notification-controller_test.yaml.snap @@ -8,7 +8,7 @@ should match snapshot of default values: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - app.kubernetes.io/version: 2.1.2 + app.kubernetes.io/version: 2.2.0 control-plane: controller helm.sh/chart: flux2-2.12.0 name: notification-controller diff --git a/charts/flux2/tests/__snapshot__/pre-install-job_test.yaml.snap b/charts/flux2/tests/__snapshot__/pre-install-job_test.yaml.snap index 5c85e43..fdb2106 100644 --- a/charts/flux2/tests/__snapshot__/pre-install-job_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/pre-install-job_test.yaml.snap @@ -11,7 +11,7 @@ should match snapshot of default values: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - app.kubernetes.io/version: 2.1.2 + app.kubernetes.io/version: 2.2.0 helm.sh/chart: flux2-2.12.0 name: RELEASE-NAME-flux-check spec: @@ -22,7 +22,7 @@ should match snapshot of default values: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - app.kubernetes.io/version: 2.1.2 + app.kubernetes.io/version: 2.2.0 helm.sh/chart: flux2-2.12.0 name: RELEASE-NAME spec: @@ -34,7 +34,7 @@ should match snapshot of default values: - --pre - --namespace - NAMESPACE - image: ghcr.io/fluxcd/flux-cli:v2.1.2 + image: ghcr.io/fluxcd/flux-cli:v2.2.0 name: flux-cli securityContext: allowPrivilegeEscalation: false diff --git a/charts/flux2/tests/__snapshot__/source-controller_test.yaml.snap b/charts/flux2/tests/__snapshot__/source-controller_test.yaml.snap index 1a8b111..2ca50fa 100644 --- a/charts/flux2/tests/__snapshot__/source-controller_test.yaml.snap +++ b/charts/flux2/tests/__snapshot__/source-controller_test.yaml.snap @@ -8,7 +8,7 @@ should match snapshot of default values: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - app.kubernetes.io/version: 2.1.2 + app.kubernetes.io/version: 2.2.0 control-plane: controller helm.sh/chart: flux2-2.12.0 name: source-controller diff --git a/charts/flux2/values.yaml b/charts/flux2/values.yaml index 2ec5ee9..5f5ad7f 100644 --- a/charts/flux2/values.yaml +++ b/charts/flux2/values.yaml @@ -23,7 +23,7 @@ clusterDomain: cluster.local cli: image: ghcr.io/fluxcd/flux-cli - tag: v2.1.2 + tag: v2.2.0 nodeSelector: {} affinity: {} tolerations: [] From ffc34c228d3d33d75e75c51c0edcff8143363023 Mon Sep 17 00:00:00 2001 From: Rafael da Fonseca Date: Tue, 12 Dec 2023 19:18:16 +0000 Subject: [PATCH 09/11] Bump GH actions to kube 1.28 Signed-off-by: Rafael da Fonseca --- .github/workflows/e2e-sync.yaml | 2 +- .github/workflows/lint-test.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/e2e-sync.yaml b/.github/workflows/e2e-sync.yaml index 243ed24..8565888 100644 --- a/.github/workflows/e2e-sync.yaml +++ b/.github/workflows/e2e-sync.yaml @@ -18,7 +18,7 @@ jobs: uses: helm/kind-action@v1.4.0 with: cluster_name: kind - node_image: kindest/node:v1.25.11 + node_image: kindest/node:v1.28.0 - name: Setup Helm uses: fluxcd/pkg//actions/helm@main with: diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index 56c12c5..80e85c1 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -46,7 +46,7 @@ jobs: uses: helm/kind-action@v1.7.0 if: steps.list-changed.outputs.changed == 'true' with: - node_image: kindest/node:v1.25.11 + node_image: kindest/node:v1.28.0 - name: Run chart-testing (install) for flux2 run: ct install --config ct.yaml --charts charts/flux2 From d6b8b3f62727f2253a47a272becc2e68c7899aa5 Mon Sep 17 00:00:00 2001 From: Rafael da Fonseca Date: Tue, 12 Dec 2023 19:27:06 +0000 Subject: [PATCH 10/11] Bump flux2-notification alert to v1beta3, bump flux2-notification and flux2-sync charts Signed-off-by: Rafael da Fonseca --- charts/flux2-notification/Chart.yaml | 2 +- charts/flux2-notification/templates/alert.yaml | 2 +- charts/flux2-sync/Chart.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/flux2-notification/Chart.yaml b/charts/flux2-notification/Chart.yaml index a6d606e..c008c75 100644 --- a/charts/flux2-notification/Chart.yaml +++ b/charts/flux2-notification/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: flux2-notification type: application -version: 1.12.4 +version: 1.13.0 appVersion: 2.2.0 description: A Helm chart for flux2 alerts and the needed providers and secrets sources: diff --git a/charts/flux2-notification/templates/alert.yaml b/charts/flux2-notification/templates/alert.yaml index d6a9c3b..aaafa69 100644 --- a/charts/flux2-notification/templates/alert.yaml +++ b/charts/flux2-notification/templates/alert.yaml @@ -1,7 +1,7 @@ {{- if .Values.alertlist}} {{- range $key, $alert := .Values.alertlist }} --- -apiVersion: notification.toolkit.fluxcd.io/v1beta2 +apiVersion: notification.toolkit.fluxcd.io/v1beta3 kind: Alert metadata: labels: diff --git a/charts/flux2-sync/Chart.yaml b/charts/flux2-sync/Chart.yaml index 715fdae..fd1b215 100644 --- a/charts/flux2-sync/Chart.yaml +++ b/charts/flux2-sync/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: flux2-sync type: application -version: 1.7.3 +version: 1.8.0 appVersion: 2.2.0 description: A Helm chart for flux2 GitRepository to sync with sources: From 9197451f1132f251cf0ac0dcdbd8b99651c1ff16 Mon Sep 17 00:00:00 2001 From: Rafael da Fonseca Date: Tue, 12 Dec 2023 19:33:44 +0000 Subject: [PATCH 11/11] Fix chart tests Signed-off-by: Rafael da Fonseca --- charts/flux2-notification/templates/provider.yaml | 2 +- .../tests/__snapshot__/alert_test.yaml.snap | 4 ++-- .../tests/__snapshot__/provider_test.yaml.snap | 4 ++-- .../tests/__snapshot__/secret_test.yaml.snap | 2 +- .../tests/__snapshot__/flux-gitrepository_test.yaml.snap | 4 ++-- .../tests/__snapshot__/flux-kustomization_test.yaml.snap | 2 +- charts/flux2-sync/tests/__snapshot__/secret_test.yaml.snap | 2 +- 7 files changed, 10 insertions(+), 10 deletions(-) diff --git a/charts/flux2-notification/templates/provider.yaml b/charts/flux2-notification/templates/provider.yaml index 7202f26..6e178c6 100644 --- a/charts/flux2-notification/templates/provider.yaml +++ b/charts/flux2-notification/templates/provider.yaml @@ -1,7 +1,7 @@ {{- if .Values.providerlist}} {{- range $key, $provider := .Values.providerlist }} --- -apiVersion: notification.toolkit.fluxcd.io/v1beta2 +apiVersion: notification.toolkit.fluxcd.io/v1beta3 kind: Provider metadata: labels: diff --git a/charts/flux2-notification/tests/__snapshot__/alert_test.yaml.snap b/charts/flux2-notification/tests/__snapshot__/alert_test.yaml.snap index d904e7e..2dca996 100644 --- a/charts/flux2-notification/tests/__snapshot__/alert_test.yaml.snap +++ b/charts/flux2-notification/tests/__snapshot__/alert_test.yaml.snap @@ -1,6 +1,6 @@ should match snapshot: 1: | - apiVersion: notification.toolkit.fluxcd.io/v1beta2 + apiVersion: notification.toolkit.fluxcd.io/v1beta3 kind: Alert metadata: labels: @@ -8,7 +8,7 @@ should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux app.kubernetes.io/version: 2.2.0 - helm.sh/chart: flux2-notification-1.12.4 + helm.sh/chart: flux2-notification-1.13.0 name: all-kustomizations namespace: NAMESPACE spec: diff --git a/charts/flux2-notification/tests/__snapshot__/provider_test.yaml.snap b/charts/flux2-notification/tests/__snapshot__/provider_test.yaml.snap index c7035b6..a84ba06 100644 --- a/charts/flux2-notification/tests/__snapshot__/provider_test.yaml.snap +++ b/charts/flux2-notification/tests/__snapshot__/provider_test.yaml.snap @@ -1,6 +1,6 @@ should match snapshot: 1: | - apiVersion: notification.toolkit.fluxcd.io/v1beta2 + apiVersion: notification.toolkit.fluxcd.io/v1beta3 kind: Provider metadata: labels: @@ -8,7 +8,7 @@ should match snapshot: app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux app.kubernetes.io/version: 2.2.0 - helm.sh/chart: flux2-notification-1.12.4 + helm.sh/chart: flux2-notification-1.13.0 name: on-call-slack namespace: NAMESPACE spec: diff --git a/charts/flux2-notification/tests/__snapshot__/secret_test.yaml.snap b/charts/flux2-notification/tests/__snapshot__/secret_test.yaml.snap index 1de462b..1df5621 100644 --- a/charts/flux2-notification/tests/__snapshot__/secret_test.yaml.snap +++ b/charts/flux2-notification/tests/__snapshot__/secret_test.yaml.snap @@ -8,7 +8,7 @@ should match snapshot of default values: app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux app.kubernetes.io/version: 2.2.0 - helm.sh/chart: flux2-notification-1.12.4 + helm.sh/chart: flux2-notification-1.13.0 name: webhook-url namespace: NAMESPACE stringData: diff --git a/charts/flux2-sync/tests/__snapshot__/flux-gitrepository_test.yaml.snap b/charts/flux2-sync/tests/__snapshot__/flux-gitrepository_test.yaml.snap index 6afa51c..2981ea0 100644 --- a/charts/flux2-sync/tests/__snapshot__/flux-gitrepository_test.yaml.snap +++ b/charts/flux2-sync/tests/__snapshot__/flux-gitrepository_test.yaml.snap @@ -7,7 +7,7 @@ should match snapshot of default values: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - helm.sh/chart: flux2-sync-1.7.3 + helm.sh/chart: flux2-sync-1.8.0 name: RELEASE-NAME namespace: NAMESPACE spec: @@ -24,7 +24,7 @@ should match snapshot with special values: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - helm.sh/chart: flux2-sync-1.7.3 + helm.sh/chart: flux2-sync-1.8.0 name: RELEASE-NAME namespace: NAMESPACE spec: diff --git a/charts/flux2-sync/tests/__snapshot__/flux-kustomization_test.yaml.snap b/charts/flux2-sync/tests/__snapshot__/flux-kustomization_test.yaml.snap index 4cf1dc3..36066b2 100644 --- a/charts/flux2-sync/tests/__snapshot__/flux-kustomization_test.yaml.snap +++ b/charts/flux2-sync/tests/__snapshot__/flux-kustomization_test.yaml.snap @@ -7,7 +7,7 @@ should match kubeconfig: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - helm.sh/chart: flux2-sync-1.7.3 + helm.sh/chart: flux2-sync-1.8.0 name: RELEASE-NAME namespace: NAMESPACE spec: diff --git a/charts/flux2-sync/tests/__snapshot__/secret_test.yaml.snap b/charts/flux2-sync/tests/__snapshot__/secret_test.yaml.snap index 48c4d1e..8e7ea2c 100644 --- a/charts/flux2-sync/tests/__snapshot__/secret_test.yaml.snap +++ b/charts/flux2-sync/tests/__snapshot__/secret_test.yaml.snap @@ -10,7 +10,7 @@ should match snapshot of default values: app.kubernetes.io/instance: NAMESPACE app.kubernetes.io/managed-by: Helm app.kubernetes.io/part-of: flux - helm.sh/chart: flux2-sync-1.7.3 + helm.sh/chart: flux2-sync-1.8.0 name: RELEASE-NAME namespace: NAMESPACE type: Opaque