From 148e77663103995c414980702f13e01a7f5ebdd3 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 24 Oct 2022 12:41:01 +0000 Subject: [PATCH] chore(deps): update dependency fluxcd/flux2 to v0.36.0 --- cluster/base/flux-system/gotk-components.yaml | 225 ++++++++++++++---- 1 file changed, 176 insertions(+), 49 deletions(-) diff --git a/cluster/base/flux-system/gotk-components.yaml b/cluster/base/flux-system/gotk-components.yaml index 0f286ac7..8fcdf055 100644 --- a/cluster/base/flux-system/gotk-components.yaml +++ b/cluster/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.35.0 +# Flux Version: v0.36.0 # Components: source-controller,kustomize-controller,helm-controller,notification-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -23,7 +23,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -245,7 +245,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -733,6 +733,10 @@ spec: the Bucket object. format: int64 type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used + for constructing the source artifact. + type: string url: description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact @@ -761,7 +765,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1415,13 +1419,14 @@ spec: type: object type: array contentConfigChecksum: - description: 'ContentConfigChecksum is a checksum of all the configurations + description: "ContentConfigChecksum is a checksum of all the configurations related to the content of the source artifact: - .spec.ignore - .spec.recurseSubmodules - .spec.included and the checksum of the included artifacts observed in .status.observedGeneration version of the object. This can be used to determine if the content of the included repository has changed. It has the format of `:`, - for example: `sha256:`.' + for example: `sha256:`. \n Deprecated: Replaced with explicit + fields for observed artifact content config in the status." type: string includedArtifacts: description: IncludedArtifacts contains a list of the last successfully @@ -1480,6 +1485,44 @@ spec: the GitRepository object. format: int64 type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used + for constructing the source artifact. + type: string + observedInclude: + description: ObservedInclude is the observed list of GitRepository + resources used to to produce the current Artifact. + items: + description: GitRepositoryInclude specifies a local reference to + a GitRepository which Artifact (sub-)contents must be included, + and where they should be placed. + properties: + fromPath: + description: FromPath specifies the path to copy contents from, + defaults to the root of the Artifact. + type: string + repository: + description: GitRepositoryRef specifies the GitRepository which + Artifact contents must be included. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + toPath: + description: ToPath specifies the path to copy contents to, + defaults to the name of the GitRepositoryRef. + type: string + required: + - repository + type: object + type: array + observedRecurseSubmodules: + description: ObservedRecurseSubmodules is the observed resource submodules + configuration used to produce the current Artifact. + type: boolean url: description: URL is the dynamic fetch link for the latest Artifact. It is provided on a "best effort" basis, and using the precise GitRepositoryStatus.Artifact @@ -1508,7 +1551,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -1907,6 +1950,34 @@ spec: items: type: string type: array + verify: + description: Verify contains the secret name containing the trusted + public keys used to verify the signature and specifies which provider + to use to check whether OCI image is authentic. This field is only + supported when using HelmRepository source with spec.type 'oci'. + Chart dependencies, which are not bundled in the umbrella chart + artifact, are not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to sign the + OCI Artifact. + enum: + - cosign + type: string + secretRef: + description: SecretRef specifies the Kubernetes Secret containing + the trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object version: default: '*' description: Version is the chart version semver expression, ignored @@ -2079,7 +2150,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -2192,6 +2263,34 @@ spec: items: type: string type: array + verify: + description: Verify contains the secret name containing the + trusted public keys used to verify the signature and specifies + which provider to use to check whether OCI image is authentic. + This field is only supported for OCI sources. Chart dependencies, + which are not bundled in the umbrella chart artifact, are + not verified. + properties: + provider: + default: cosign + description: Provider specifies the technology used to + sign the OCI Helm chart. + enum: + - cosign + type: string + secretRef: + description: SecretRef specifies the Kubernetes Secret + containing the trusted public keys. + properties: + name: + description: Name of the referent. + type: string + required: + - name + type: object + required: + - provider + type: object version: default: '*' description: Version semver expression, ignored for charts @@ -2305,7 +2404,7 @@ spec: description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during the performance of a Helm install action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object interval: @@ -2582,7 +2681,7 @@ spec: description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during the performance of a Helm rollback action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object serviceAccountName: @@ -2624,7 +2723,7 @@ spec: description: Timeout is the time to wait for any individual Kubernetes operation during the performance of a Helm test action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object timeout: @@ -2653,7 +2752,7 @@ spec: description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during the performance of a Helm uninstall action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object upgrade: @@ -2740,7 +2839,7 @@ spec: description: Timeout is the time to wait for any individual Kubernetes operation (like Jobs for hooks) during the performance of a Helm upgrade action. Defaults to 'HelmReleaseSpec.Timeout'. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string type: object values: @@ -2940,7 +3039,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3448,7 +3547,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -4143,12 +4242,12 @@ spec: secretRef: description: SecretRef holds the name of a secret that contains a key with the kubeconfig file as the value. If no key is set, - the key will default to 'value'. The secret must be in the same - namespace as the Kustomization. It is recommended that the kubeconfig - is self-contained, and the secret is regularly updated if credentials - such as a cloud-access-token expire. Cloud specific `cmd-path` - auth helpers will not function without adding binaries and credentials - to the Pod that is responsible for reconciling the Kustomization. + the key will default to 'value'. It is recommended that the + kubeconfig is self-contained, and the secret is regularly updated + if credentials such as a cloud-access-token expire. Cloud specific + `cmd-path` auth helpers will not function without adding binaries + and credentials to the Pod that is responsible for reconciling + Kubernetes resources. properties: key: description: Key in the Secret, when not specified an implementation-specific @@ -4160,6 +4259,8 @@ spec: required: - name type: object + required: + - secretRef type: object patches: description: Strategic merge and JSON patches, defined as inline YAML @@ -4415,7 +4516,7 @@ spec: timeout: description: Timeout for validation, apply and health checking operations. Defaults to 'Interval' duration. - pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$ + pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$ type: string validation: description: 'Deprecated: Not used in v1beta2.' @@ -4573,7 +4674,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: ocirepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -4870,12 +4971,14 @@ spec: type: object type: array contentConfigChecksum: - description: 'ContentConfigChecksum is a checksum of all the configurations + description: "ContentConfigChecksum is a checksum of all the configurations related to the content of the source artifact: - .spec.ignore - .spec.layerSelector observed in .status.observedGeneration version of the object. This can be used to determine if the content configuration has changed and the artifact needs to be rebuilt. It has the format - of `:`, for example: `sha256:`.' + of `:`, for example: `sha256:`. \n Deprecated: + Replaced with explicit fields for observed artifact content config + in the status." type: string lastHandledReconcileAt: description: LastHandledReconcileAt holds the value of the most recent @@ -4886,6 +4989,29 @@ spec: description: ObservedGeneration is the last observed generation. format: int64 type: integer + observedIgnore: + description: ObservedIgnore is the observed exclusion patterns used + for constructing the source artifact. + type: string + observedLayerSelector: + description: ObservedLayerSelector is the observed layer selector + used for constructing the source artifact. + properties: + mediaType: + description: MediaType specifies the OCI media type of the layer + which should be extracted from the OCI Artifact. The first layer + matching this type is selected. + type: string + operation: + description: Operation specifies how the selected layer should + be processed. By default, the layer compressed content is extracted + to storage. When the operation is set to 'copy', the layer compressed + content is persisted to storage as it is. + enum: + - extract + - copy + type: string + type: object url: description: URL is the download link for the artifact output of the last OCI Repository sync. @@ -4913,7 +5039,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5001,6 +5127,7 @@ spec: - msteams - rocket - generic + - generic-hmac - github - gitlab - bitbucket @@ -5123,7 +5250,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -5350,7 +5477,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: helm-controller namespace: flux-system --- @@ -5361,7 +5488,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: kustomize-controller namespace: flux-system --- @@ -5372,7 +5499,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: notification-controller namespace: flux-system --- @@ -5383,7 +5510,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: source-controller namespace: flux-system --- @@ -5393,7 +5520,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: crd-controller-flux-system rules: - apiGroups: @@ -5483,7 +5610,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -5503,7 +5630,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -5536,7 +5663,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 control-plane: controller name: notification-controller namespace: flux-system @@ -5557,7 +5684,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 control-plane: controller name: source-controller namespace: flux-system @@ -5578,7 +5705,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 control-plane: controller name: webhook-receiver namespace: flux-system @@ -5599,7 +5726,7 @@ metadata: app.kubernetes.io/component: helm-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 control-plane: controller name: helm-controller namespace: flux-system @@ -5628,7 +5755,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.25.0 + image: ghcr.io/fluxcd/helm-controller:v0.26.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5682,7 +5809,7 @@ metadata: app.kubernetes.io/component: kustomize-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 control-plane: controller name: kustomize-controller namespace: flux-system @@ -5711,7 +5838,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.29.0 + image: ghcr.io/fluxcd/kustomize-controller:v0.30.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5765,7 +5892,7 @@ metadata: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 control-plane: controller name: notification-controller namespace: flux-system @@ -5793,7 +5920,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.27.0 + image: ghcr.io/fluxcd/notification-controller:v0.28.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5853,7 +5980,7 @@ metadata: app.kubernetes.io/component: source-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 control-plane: controller name: source-controller namespace: flux-system @@ -5888,7 +6015,7 @@ spec: fieldPath: metadata.namespace - name: TUF_ROOT value: /tmp/.sigstore - image: ghcr.io/fluxcd/source-controller:v0.30.0 + image: ghcr.io/fluxcd/source-controller:v0.31.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5948,7 +6075,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: allow-egress namespace: flux-system spec: @@ -5968,7 +6095,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: allow-scraping namespace: flux-system spec: @@ -5988,7 +6115,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.35.0 + app.kubernetes.io/version: v0.36.0 name: allow-webhooks namespace: flux-system spec: