aggarwalakshun/k3s
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions 2 Packages Projects Releases Wiki Activity

Update dependency fluxcd/flux2 to v2.7.5 #147

Merged
aggarwalakshun merged 1 commits from renovate/fluxcd-flux2-2.x into main 2025-11-29 04:38:29 +00:00
Conversation 0 Commits 1 Files Changed 1 +46 -44
aggarwalakshun commented 2025-11-28 00:04:19 +00:00
Owner
Copy Link

This PR contains the following updates:

Package Update Change
fluxcd/flux2 patch v2.7.0 -> v2.7.5

Release Notes

fluxcd/flux2 (fluxcd/flux2)

v2.7.5

Compare Source

Highlights

Flux v2.7.5 is a patch release that comes with fixes to helm-controller. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the Upgrade Procedure for Flux v2.7+ for a smooth upgrade from Flux v2.6 to the latest version.

Fixes:

  • Fix HelmRelease history truncation when using the RetryOnFailure strategy.

⚠️ Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3.
Flux users are advised to use Cosign v2.6 for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8.

Components changelog

CLI changelog

Full Changelog: https://github.com/fluxcd/flux2/compare/v2.7.4...v2.7.5

v2.7.4

Compare Source

Highlights

Flux v2.7.4 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the Upgrade Procedure for Flux v2.7+ for a smooth upgrade from Flux v2.6 to the latest version.

Fixes:

  • Add DisableConfigWatchers feature gate to all controllers for disabling the Secrets/ConfigMaps watchers
  • Fix Workload Identity for Azure China Cloud in all controllers
  • Update Helm Go SDK to v3.19.2 fixing schema validation issues in helm-controller
  • Skip secret decryption for remote kustomize patches in kustomize-controller
  • Improve post-build error reporting in kustomize-controller
  • Add ArtifactGenerator to aggregated RBAC roles

⚠️ Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3.
Flux users are advised to use Cosign v2.6 for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8.

Components changelog

CLI changelog

Full Changelog: https://github.com/fluxcd/flux2/compare/v2.7.3...v2.7.4

v2.7.3

Compare Source

Highlights

Flux v2.7.3 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the Upgrade Procedure for Flux v2.7+ for a smooth upgrade from Flux v2.6 to the latest version.

Fixes:

  • Restore SOCKS5 proxy support in all controllers
  • Fix status reporting of HelmReleases with RetryOnFailure strategy
  • Automated retries for ImagePolicies when no image tags are found in the database
  • Fix alerting for Telegram's message_thread_id
  • Allow running kustomize-controller and helm-controller on the same loopback interface as source-watcher

⚠️ Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3. Users are advised to use Cosign v2.6 for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8.

Components changelog

CLI changelog

Full Changelog: https://github.com/fluxcd/flux2/compare/v2.7.2...v2.7.3

v2.7.2

Compare Source

Highlights

Flux v2.7.2 is a patch release that comes with security fixes. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the Upgrade Procedure for Flux v2.7+ for a smooth upgrade from Flux v2.6 to the latest version.

All Flux components are now built with Go 1.25.2 which includes fixes for vulnerabilities in the Go stdlib that could lead to denial of service. The list of security fixes can be found in the Go 1.25.2 release notes.

Components changelog

CLI changelog

Full Changelog: https://github.com/fluxcd/flux2/compare/v2.7.1...v2.7.2

v2.7.1

Compare Source

Highlights

Flux v2.7.1 is a patch release that comes with various improvements and fixes. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the Upgrade Procedure for Flux v2.7+ for a smooth upgrade from Flux v2.6 to the latest version.

Improvements:

  • Extend flux migrate with support for migrating manifests in Git repositories to the latest API versions.
  • Add recommendations for configuring HelmReleases on production environments.

Fixes:

  • Fix flux migrate command to handle managed fields properly.
  • Fix self-signed TLS cert handling for public Helm repositories in source-controller.
  • Fix the default API versions used by receivers in notification-controller.
  • Fix redundant Ready condition patching in helm-controller.
  • Fix workload identity configuration examples for kubeconfig in helm-controller and kustomize-controller.

Components changelog

CLI changelog

Full Changelog: https://github.com/fluxcd/flux2/compare/v2.7.0...v2.7.1

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [fluxcd/flux2](https://github.com/fluxcd/flux2) | patch | `v2.7.0` -> `v2.7.5` | --- ### Release Notes <details> <summary>fluxcd/flux2 (fluxcd/flux2)</summary> ### [`v2.7.5`](https://github.com/fluxcd/flux2/releases/tag/v2.7.5) [Compare Source](https://github.com/fluxcd/flux2/compare/v2.7.4...v2.7.5) #### Highlights Flux v2.7.5 is a patch release that comes with fixes to helm-controller. Users are encouraged to upgrade for the best experience. ℹ️ Please follow the [Upgrade Procedure for Flux v2.7+](https://github.com/fluxcd/flux2/discussions/5572) for a smooth upgrade from Flux v2.6 to the latest version. Fixes: - Fix HelmRelease history truncation when using the `RetryOnFailure` strategy. :warning: Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3. Flux users are advised to use [Cosign v2.6](https://fluxcd.io/flux/flux-gh-action/#push-and-sign-kubernetes-manifests-to-container-registries) for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8. #### Components changelog - helm-controller [v1.4.5](https://github.com/fluxcd/helm-controller/blob/v1.4.5/CHANGELOG.md) #### CLI changelog - \[release/v2.7.x] Update toolkit components by [@&#8203;fluxcdbot](https://github.com/fluxcdbot) in [#&#8203;5649](https://github.com/fluxcd/flux2/pull/5649) **Full Changelog**: <https://github.com/fluxcd/flux2/compare/v2.7.4...v2.7.5> ### [`v2.7.4`](https://github.com/fluxcd/flux2/releases/tag/v2.7.4) [Compare Source](https://github.com/fluxcd/flux2/compare/v2.7.3...v2.7.4) #### Highlights Flux v2.7.4 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience. ℹ️ Please follow the [Upgrade Procedure for Flux v2.7+](https://github.com/fluxcd/flux2/discussions/5572) for a smooth upgrade from Flux v2.6 to the latest version. Fixes: - Add `DisableConfigWatchers` feature gate to all controllers for disabling the Secrets/ConfigMaps watchers - Fix Workload Identity for Azure China Cloud in all controllers - Update Helm Go SDK to v3.19.2 fixing schema validation issues in helm-controller - Skip secret decryption for remote kustomize patches in kustomize-controller - Improve post-build error reporting in kustomize-controller - Add `ArtifactGenerator` to aggregated RBAC roles :warning: Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3. Flux users are advised to use [Cosign v2.6](https://fluxcd.io/flux/flux-gh-action/#push-and-sign-kubernetes-manifests-to-container-registries) for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8. #### Components changelog - source-controller [v1.7.4](https://github.com/fluxcd/source-controller/blob/v1.7.4/CHANGELOG.md) - kustomize-controller [v1.7.3](https://github.com/fluxcd/kustomize-controller/blob/v1.7.3/CHANGELOG.md) - notification-controller [v1.7.5](https://github.com/fluxcd/notification-controller/blob/v1.7.5/CHANGELOG.md) - helm-controller [v1.4.4](https://github.com/fluxcd/helm-controller/blob/v1.4.4/CHANGELOG.md) - image-reflector-controller [v1.0.4](https://github.com/fluxcd/image-reflector-controller/blob/v1.0.4/CHANGELOG.md) - image-automation-controller [v1.0.4](https://github.com/fluxcd/image-automation-controller/blob/v1.0.4/CHANGELOG.md) - source-watcher [v2.0.3](https://github.com/fluxcd/source-watcher/blob/v2.0.3/CHANGELOG.md) #### CLI changelog - \[release/v2.7.x] ci: Include source-watcher in the e2e test suite by [@&#8203;fluxcdbot](https://github.com/fluxcdbot) in [#&#8203;5615](https://github.com/fluxcd/flux2/pull/5615) - \[release/v2.7.x] Add source.extensions.fluxcd.io group to aggregated RBAC roles by [@&#8203;fluxcdbot](https://github.com/fluxcdbot) in [#&#8203;5628](https://github.com/fluxcd/flux2/pull/5628) - \[release/v2.7.x] Fix panic on reconcile with source of ExternalArtifact kind by [@&#8203;fluxcdbot](https://github.com/fluxcdbot) in [#&#8203;5631](https://github.com/fluxcd/flux2/pull/5631) - \[release/v2.7.x] Upgrade k8s to 1.34.2, c-r to 0.22.4 and helm to 3.19.2 by [@&#8203;fluxcdbot](https://github.com/fluxcdbot) in [#&#8203;5634](https://github.com/fluxcd/flux2/pull/5634) - \[release/v2.7.x] diff: report if object is skipped by [@&#8203;fluxcdbot](https://github.com/fluxcdbot) in [#&#8203;5635](https://github.com/fluxcd/flux2/pull/5635) - \[release/v2.7.x] Update toolkit components by [@&#8203;fluxcdbot](https://github.com/fluxcdbot) in [#&#8203;5640](https://github.com/fluxcd/flux2/pull/5640) - \[release/v2.7.x] Allow option to skip tenant namespace creation by [@&#8203;fluxcdbot](https://github.com/fluxcdbot) in [#&#8203;5642](https://github.com/fluxcd/flux2/pull/5642) **Full Changelog**: <https://github.com/fluxcd/flux2/compare/v2.7.3...v2.7.4> ### [`v2.7.3`](https://github.com/fluxcd/flux2/releases/tag/v2.7.3) [Compare Source](https://github.com/fluxcd/flux2/compare/v2.7.2...v2.7.3) #### Highlights Flux v2.7.3 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience. ℹ️ Please follow the [Upgrade Procedure for Flux v2.7+](https://github.com/fluxcd/flux2/discussions/5572) for a smooth upgrade from Flux v2.6 to the latest version. Fixes: - Restore SOCKS5 proxy support in all controllers - Fix status reporting of HelmReleases with `RetryOnFailure` strategy - Automated retries for ImagePolicies when no image tags are found in the database - Fix alerting for Telegram's `message_thread_id` - Allow running kustomize-controller and helm-controller on the same loopback interface as source-watcher :warning: Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3. Users are advised to use [Cosign v2.6](https://fluxcd.io/flux/flux-gh-action/#push-and-sign-kubernetes-manifests-to-container-registries) for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8. #### Components changelog - source-controller [v1.7.3](https://github.com/fluxcd/source-controller/blob/v1.7.3/CHANGELOG.md) - kustomize-controller [v1.7.2](https://github.com/fluxcd/kustomize-controller/blob/v1.7.2/CHANGELOG.md) - notification-controller [v1.7.4](https://github.com/fluxcd/notification-controller/blob/v1.7.4/CHANGELOG.md) - helm-controller [v1.4.3](https://github.com/fluxcd/helm-controller/blob/v1.4.3/CHANGELOG.md) - image-reflector-controller [v1.0.3](https://github.com/fluxcd/image-reflector-controller/blob/v1.0.3/CHANGELOG.md) - image-automation-controller [v1.0.3](https://github.com/fluxcd/image-automation-controller/blob/v1.0.3/CHANGELOG.md) #### CLI changelog - \[release/v2.7.x] Pin cosign to v2.6.1 by [@&#8203;fluxcdbot](https://github.com/fluxcdbot) in [#&#8203;5595](https://github.com/fluxcd/flux2/pull/5595) - \[release/v2.7.x] Update toolkit components by [@&#8203;fluxcdbot](https://github.com/fluxcdbot) in [#&#8203;5605](https://github.com/fluxcd/flux2/pull/5605) - \[release/v2.7.x] fix: return accepted values for flags when calling Values.Type() by [@&#8203;fluxcdbot](https://github.com/fluxcdbot) in [#&#8203;5606](https://github.com/fluxcd/flux2/pull/5606) **Full Changelog**: <https://github.com/fluxcd/flux2/compare/v2.7.2...v2.7.3> ### [`v2.7.2`](https://github.com/fluxcd/flux2/releases/tag/v2.7.2) [Compare Source](https://github.com/fluxcd/flux2/compare/v2.7.1...v2.7.2) #### Highlights Flux v2.7.2 is a patch release that comes with security fixes. Users are encouraged to upgrade for the best experience. ℹ️ Please follow the [Upgrade Procedure for Flux v2.7+](https://github.com/fluxcd/flux2/discussions/5572) for a smooth upgrade from Flux v2.6 to the latest version. All Flux components are now built with Go 1.25.2 which includes fixes for vulnerabilities in the Go stdlib that could lead to denial of service. The list of security fixes can be found in the [Go 1.25.2 release notes](https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI/m/qZN5nc-mBgAJ). #### Components changelog - source-controller [v1.7.2](https://github.com/fluxcd/source-controller/blob/v1.7.2/CHANGELOG.md) - kustomize-controller [v1.7.1](https://github.com/fluxcd/kustomize-controller/blob/v1.7.1/CHANGELOG.md) - notification-controller [v1.7.3](https://github.com/fluxcd/notification-controller/blob/v1.7.3/CHANGELOG.md) - helm-controller [v1.4.2](https://github.com/fluxcd/helm-controller/blob/v1.4.2/CHANGELOG.md) - image-reflector-controller [v1.0.2](https://github.com/fluxcd/image-reflector-controller/blob/v1.0.2/CHANGELOG.md) - image-automation-controller [v1.0.2](https://github.com/fluxcd/image-automation-controller/blob/v1.0.2/CHANGELOG.md) - source-watcher [v2.0.2](https://github.com/fluxcd/source-watcher/blob/v2.0.2/CHANGELOG.md) #### CLI changelog - \[release/v2.7.x] Fix manifest generation for `--storage-adv-addr` and `--events-addr` flags by [@&#8203;github-actions](https://github.com/github-actions)\[bot] in [#&#8203;5575](https://github.com/fluxcd/flux2/pull/5575) - \[release/v2.7.x] Update dependencies to Kubernetes v1.34.1 and Go 1.25.2 by [@&#8203;github-actions](https://github.com/github-actions)\[bot] in [#&#8203;5577](https://github.com/fluxcd/flux2/pull/5577) - \[release/v2.7.x] Update toolkit components by [@&#8203;github-actions](https://github.com/github-actions)\[bot] in [#&#8203;5579](https://github.com/fluxcd/flux2/pull/5579) **Full Changelog**: <https://github.com/fluxcd/flux2/compare/v2.7.1...v2.7.2> ### [`v2.7.1`](https://github.com/fluxcd/flux2/releases/tag/v2.7.1) [Compare Source](https://github.com/fluxcd/flux2/compare/v2.7.0...v2.7.1) #### Highlights Flux v2.7.1 is a patch release that comes with various improvements and fixes. Users are encouraged to upgrade for the best experience. ℹ️ Please follow the [Upgrade Procedure for Flux v2.7+](https://github.com/fluxcd/flux2/discussions/5572) for a smooth upgrade from Flux v2.6 to the latest version. Improvements: - Extend [flux migrate](https://fluxcd.io/flux/cmd/flux_migrate/) with support for migrating manifests in Git repositories to the latest API versions. - Add [recommendations](https://fluxcd.io/flux/components/helm/helmreleases/#recommended-settings) for configuring HelmReleases on production environments. Fixes: - Fix `flux migrate` command to handle managed fields properly. - Fix self-signed TLS cert handling for public Helm repositories in source-controller. - Fix the default API versions used by receivers in notification-controller. - Fix redundant `Ready` condition patching in helm-controller. - Fix workload identity configuration examples for kubeconfig in helm-controller and kustomize-controller. #### Components changelog - source-controller [v1.7.1](https://github.com/fluxcd/source-controller/blob/v1.7.1/CHANGELOG.md) - notification-controller [v1.7.2](https://github.com/fluxcd/notification-controller/blob/v1.7.2/CHANGELOG.md) - helm-controller [v1.4.1](https://github.com/fluxcd/helm-controller/blob/v1.4.1/CHANGELOG.md) #### CLI changelog - \[release/v2.7.x] Backport CI fixes and updates by [@&#8203;matheuscscp](https://github.com/matheuscscp) in [#&#8203;5552](https://github.com/fluxcd/flux2/pull/5552) - \[release/v2.7.x] Fix `flux push artifact` not working with `--provider` by [@&#8203;github-actions](https://github.com/github-actions)\[bot] in [#&#8203;5553](https://github.com/fluxcd/flux2/pull/5553) - \[release/v2.7.x] Extend `flux migrate` to work with local files by [@&#8203;github-actions](https://github.com/github-actions)\[bot] in [#&#8203;5557](https://github.com/fluxcd/flux2/pull/5557) - \[release/v2.7.x] Improve `flux migrate` for live cluster migrations by [@&#8203;github-actions](https://github.com/github-actions)\[bot] in [#&#8203;5559](https://github.com/fluxcd/flux2/pull/5559) - \[release/v2.7.x] Fix `flux migrate -f` command to work with comments by [@&#8203;github-actions](https://github.com/github-actions)\[bot] in [#&#8203;5561](https://github.com/fluxcd/flux2/pull/5561) - \[release/v2.7.x] Fix `flux migrate -f` not considering kind comments by [@&#8203;github-actions](https://github.com/github-actions)\[bot] in [#&#8203;5564](https://github.com/fluxcd/flux2/pull/5564) - \[release/v2.7.x] Update toolkit components by [@&#8203;github-actions](https://github.com/github-actions)\[bot] in [#&#8203;5569](https://github.com/fluxcd/flux2/pull/5569) - \[release/v2.7.x] Disable AUR publishing by [@&#8203;github-actions](https://github.com/github-actions)\[bot] in [#&#8203;5571](https://github.com/fluxcd/flux2/pull/5571) **Full Changelog**: <https://github.com/fluxcd/flux2/compare/v2.7.0...v2.7.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xNjUuMiIsInVwZGF0ZWRJblZlciI6IjQxLjE2NS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
aggarwalakshun added 1 commit 2025-11-28 00:04:20 +00:00
Update dependency fluxcd/flux2 to v2.7.5 2219b86f01
aggarwalakshun merged commit 0cbbdb632e into main 2025-11-29 04:38:29 +00:00
aggarwalakshun deleted branch renovate/fluxcd-flux2-2.x 2025-11-29 04:38:30 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
aggarwalakshun
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: aggarwalakshun/k3s#147
Delete Branch "renovate/fluxcd-flux2-2.x"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?