From 9fdbaf7359bb78e372148588c5b29b033e899f31 Mon Sep 17 00:00:00 2001
From: wojcik91 <wojcik91@users.noreply.github.com>
Date: Wed, 23 Nov 2022 12:24:15 +0000
Subject: [PATCH] chore(deps): upgrade flux components to v0.37.0
---
cluster/base/flux-system/gotk-components.yaml | 221 ++++++++++++++----
1 file changed, 174 insertions(+), 47 deletions(-)
diff --git a/cluster/base/flux-system/gotk-components.yaml b/cluster/base/flux-system/gotk-components.yaml
index daa0ec1e..9c45b886 100644
--- a/cluster/base/flux-system/gotk-components.yaml
+++ b/cluster/base/flux-system/gotk-components.yaml
@@ -1,6 +1,6 @@
---
# This manifest was generated by flux. DO NOT EDIT.
-# Flux Version: v0.35.0
+# Flux Version: v0.37.0
# Components: source-controller,kustomize-controller,helm-controller,notification-controller
apiVersion: v1
kind: Namespace
@@ -8,7 +8,7 @@ metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
pod-security.kubernetes.io/warn: restricted
pod-security.kubernetes.io/warn-version: latest
name: flux-system
@@ -23,7 +23,7 @@ metadata:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: alerts.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
@@ -245,7 +245,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: buckets.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
@@ -733,6 +733,10 @@ spec:
the Bucket object.
format: int64
type: integer
+ observedIgnore:
+ description: ObservedIgnore is the observed exclusion patterns used
+ for constructing the source artifact.
+ type: string
url:
description: URL is the dynamic fetch link for the latest Artifact.
It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact
@@ -761,7 +765,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: gitrepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
@@ -1415,13 +1419,14 @@ spec:
type: object
type: array
contentConfigChecksum:
- description: 'ContentConfigChecksum is a checksum of all the configurations
+ description: "ContentConfigChecksum is a checksum of all the configurations
related to the content of the source artifact: - .spec.ignore -
.spec.recurseSubmodules - .spec.included and the checksum of the
included artifacts observed in .status.observedGeneration version
of the object. This can be used to determine if the content of the
included repository has changed. It has the format of `<algo>:<checksum>`,
- for example: `sha256:<checksum>`.'
+ for example: `sha256:<checksum>`. \n Deprecated: Replaced with explicit
+ fields for observed artifact content config in the status."
type: string
includedArtifacts:
description: IncludedArtifacts contains a list of the last successfully
@@ -1480,6 +1485,44 @@ spec:
the GitRepository object.
format: int64
type: integer
+ observedIgnore:
+ description: ObservedIgnore is the observed exclusion patterns used
+ for constructing the source artifact.
+ type: string
+ observedInclude:
+ description: ObservedInclude is the observed list of GitRepository
+ resources used to to produce the current Artifact.
+ items:
+ description: GitRepositoryInclude specifies a local reference to
+ a GitRepository which Artifact (sub-)contents must be included,
+ and where they should be placed.
+ properties:
+ fromPath:
+ description: FromPath specifies the path to copy contents from,
+ defaults to the root of the Artifact.
+ type: string
+ repository:
+ description: GitRepositoryRef specifies the GitRepository which
+ Artifact contents must be included.
+ properties:
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - name
+ type: object
+ toPath:
+ description: ToPath specifies the path to copy contents to,
+ defaults to the name of the GitRepositoryRef.
+ type: string
+ required:
+ - repository
+ type: object
+ type: array
+ observedRecurseSubmodules:
+ description: ObservedRecurseSubmodules is the observed resource submodules
+ configuration used to produce the current Artifact.
+ type: boolean
url:
description: URL is the dynamic fetch link for the latest Artifact.
It is provided on a "best effort" basis, and using the precise GitRepositoryStatus.Artifact
@@ -1508,7 +1551,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: helmcharts.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
@@ -1907,6 +1950,34 @@ spec:
items:
type: string
type: array
+ verify:
+ description: Verify contains the secret name containing the trusted
+ public keys used to verify the signature and specifies which provider
+ to use to check whether OCI image is authentic. This field is only
+ supported when using HelmRepository source with spec.type 'oci'.
+ Chart dependencies, which are not bundled in the umbrella chart
+ artifact, are not verified.
+ properties:
+ provider:
+ default: cosign
+ description: Provider specifies the technology used to sign the
+ OCI Artifact.
+ enum:
+ - cosign
+ type: string
+ secretRef:
+ description: SecretRef specifies the Kubernetes Secret containing
+ the trusted public keys.
+ properties:
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - provider
+ type: object
version:
default: '*'
description: Version is the chart version semver expression, ignored
@@ -2079,7 +2150,7 @@ metadata:
app.kubernetes.io/component: helm-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: helmreleases.helm.toolkit.fluxcd.io
spec:
group: helm.toolkit.fluxcd.io
@@ -2192,6 +2263,34 @@ spec:
items:
type: string
type: array
+ verify:
+ description: Verify contains the secret name containing the
+ trusted public keys used to verify the signature and specifies
+ which provider to use to check whether OCI image is authentic.
+ This field is only supported for OCI sources. Chart dependencies,
+ which are not bundled in the umbrella chart artifact, are
+ not verified.
+ properties:
+ provider:
+ default: cosign
+ description: Provider specifies the technology used to
+ sign the OCI Helm chart.
+ enum:
+ - cosign
+ type: string
+ secretRef:
+ description: SecretRef specifies the Kubernetes Secret
+ containing the trusted public keys.
+ properties:
+ name:
+ description: Name of the referent.
+ type: string
+ required:
+ - name
+ type: object
+ required:
+ - provider
+ type: object
version:
default: '*'
description: Version semver expression, ignored for charts
@@ -2305,7 +2404,7 @@ spec:
description: Timeout is the time to wait for any individual Kubernetes
operation (like Jobs for hooks) during the performance of a
Helm install action. Defaults to 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
+ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
interval:
@@ -2582,7 +2681,7 @@ spec:
description: Timeout is the time to wait for any individual Kubernetes
operation (like Jobs for hooks) during the performance of a
Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
+ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
serviceAccountName:
@@ -2624,14 +2723,14 @@ spec:
description: Timeout is the time to wait for any individual Kubernetes
operation during the performance of a Helm test action. Defaults
to 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
+ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
timeout:
description: Timeout is the time to wait for any individual Kubernetes
operation (like Jobs for hooks) during the performance of a Helm
action. Defaults to '5m0s'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
+ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
uninstall:
description: Uninstall holds the configuration for Helm uninstall
@@ -2653,7 +2752,7 @@ spec:
description: Timeout is the time to wait for any individual Kubernetes
operation (like Jobs for hooks) during the performance of a
Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
+ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
upgrade:
@@ -2740,7 +2839,7 @@ spec:
description: Timeout is the time to wait for any individual Kubernetes
operation (like Jobs for hooks) during the performance of a
Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
+ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
type: object
values:
@@ -2940,7 +3039,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: helmrepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
@@ -3448,7 +3547,7 @@ metadata:
app.kubernetes.io/component: kustomize-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: kustomizations.kustomize.toolkit.fluxcd.io
spec:
group: kustomize.toolkit.fluxcd.io
@@ -4143,12 +4242,12 @@ spec:
secretRef:
description: SecretRef holds the name of a secret that contains
a key with the kubeconfig file as the value. If no key is set,
- the key will default to 'value'. The secret must be in the same
- namespace as the Kustomization. It is recommended that the kubeconfig
- is self-contained, and the secret is regularly updated if credentials
- such as a cloud-access-token expire. Cloud specific `cmd-path`
- auth helpers will not function without adding binaries and credentials
- to the Pod that is responsible for reconciling the Kustomization.
+ the key will default to 'value'. It is recommended that the
+ kubeconfig is self-contained, and the secret is regularly updated
+ if credentials such as a cloud-access-token expire. Cloud specific
+ `cmd-path` auth helpers will not function without adding binaries
+ and credentials to the Pod that is responsible for reconciling
+ Kubernetes resources.
properties:
key:
description: Key in the Secret, when not specified an implementation-specific
@@ -4160,6 +4259,8 @@ spec:
required:
- name
type: object
+ required:
+ - secretRef
type: object
patches:
description: Strategic merge and JSON patches, defined as inline YAML
@@ -4415,7 +4516,7 @@ spec:
timeout:
description: Timeout for validation, apply and health checking operations.
Defaults to 'Interval' duration.
- pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
+ pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
validation:
description: 'Deprecated: Not used in v1beta2.'
@@ -4573,7 +4674,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: ocirepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
@@ -4870,12 +4971,14 @@ spec:
type: object
type: array
contentConfigChecksum:
- description: 'ContentConfigChecksum is a checksum of all the configurations
+ description: "ContentConfigChecksum is a checksum of all the configurations
related to the content of the source artifact: - .spec.ignore -
.spec.layerSelector observed in .status.observedGeneration version
of the object. This can be used to determine if the content configuration
has changed and the artifact needs to be rebuilt. It has the format
- of `<algo>:<checksum>`, for example: `sha256:<checksum>`.'
+ of `<algo>:<checksum>`, for example: `sha256:<checksum>`. \n Deprecated:
+ Replaced with explicit fields for observed artifact content config
+ in the status."
type: string
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
@@ -4886,6 +4989,29 @@ spec:
description: ObservedGeneration is the last observed generation.
format: int64
type: integer
+ observedIgnore:
+ description: ObservedIgnore is the observed exclusion patterns used
+ for constructing the source artifact.
+ type: string
+ observedLayerSelector:
+ description: ObservedLayerSelector is the observed layer selector
+ used for constructing the source artifact.
+ properties:
+ mediaType:
+ description: MediaType specifies the OCI media type of the layer
+ which should be extracted from the OCI Artifact. The first layer
+ matching this type is selected.
+ type: string
+ operation:
+ description: Operation specifies how the selected layer should
+ be processed. By default, the layer compressed content is extracted
+ to storage. When the operation is set to 'copy', the layer compressed
+ content is persisted to storage as it is.
+ enum:
+ - extract
+ - copy
+ type: string
+ type: object
url:
description: URL is the download link for the artifact output of the
last OCI Repository sync.
@@ -4913,7 +5039,7 @@ metadata:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: providers.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
@@ -5001,6 +5127,7 @@ spec:
- msteams
- rocket
- generic
+ - generic-hmac
- github
- gitlab
- bitbucket
@@ -5123,7 +5250,7 @@ metadata:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: receivers.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
@@ -5350,7 +5477,7 @@ metadata:
app.kubernetes.io/component: helm-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: helm-controller
namespace: flux-system
---
@@ -5361,7 +5488,7 @@ metadata:
app.kubernetes.io/component: kustomize-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: kustomize-controller
namespace: flux-system
---
@@ -5372,7 +5499,7 @@ metadata:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: notification-controller
namespace: flux-system
---
@@ -5383,7 +5510,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: source-controller
namespace: flux-system
---
@@ -5393,7 +5520,7 @@ metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: crd-controller-flux-system
rules:
- apiGroups:
@@ -5483,7 +5610,7 @@ metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: cluster-reconciler-flux-system
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -5503,7 +5630,7 @@ metadata:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
name: crd-controller-flux-system
roleRef:
apiGroup: rbac.authorization.k8s.io
@@ -5536,7 +5663,7 @@ metadata:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
control-plane: controller
name: notification-controller
namespace: flux-system
@@ -5557,7 +5684,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
control-plane: controller
name: source-controller
namespace: flux-system
@@ -5578,7 +5705,7 @@ metadata:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
control-plane: controller
name: webhook-receiver
namespace: flux-system
@@ -5599,7 +5726,7 @@ metadata:
app.kubernetes.io/component: helm-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
control-plane: controller
name: helm-controller
namespace: flux-system
@@ -5628,7 +5755,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- image: ghcr.io/fluxcd/helm-controller:v0.25.0
+ image: ghcr.io/fluxcd/helm-controller:v0.27.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
@@ -5682,7 +5809,7 @@ metadata:
app.kubernetes.io/component: kustomize-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
control-plane: controller
name: kustomize-controller
namespace: flux-system
@@ -5711,7 +5838,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- image: ghcr.io/fluxcd/kustomize-controller:v0.29.0
+ image: ghcr.io/fluxcd/kustomize-controller:v0.31.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
@@ -5765,7 +5892,7 @@ metadata:
app.kubernetes.io/component: notification-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
control-plane: controller
name: notification-controller
namespace: flux-system
@@ -5793,7 +5920,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- image: ghcr.io/fluxcd/notification-controller:v0.27.0
+ image: ghcr.io/fluxcd/notification-controller:v0.29.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
@@ -5853,7 +5980,7 @@ metadata:
app.kubernetes.io/component: source-controller
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.35.0
+ app.kubernetes.io/version: v0.37.0
control-plane: controller
name: source-controller
namespace: flux-system
@@ -5888,7 +6015,7 @@ spec:
fieldPath: metadata.namespace
- name: TUF_ROOT
value: /tmp/.sigstore
- image: ghcr.io/fluxcd/source-controller:v0.30.0
+ image: ghcr.io/fluxcd/source-controller:v0.32.1
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet: