diff --git a/CHANGELOG.md b/CHANGELOG.md index 8f7dffe4..246408f2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,65 @@ All notable changes to this project are documented in this file. +## 1.8.0 + +**Release date:** 2026-02-17 + +This minor release comes with various bug fixes and improvements. + +⚠️ The `v1beta2` APIs were removed. Before upgrading the CRDs, Flux users +must run [`flux migrate`](https://github.com/fluxcd/flux2/pull/5473) to +migrate the cluster storage off `v1beta2`. + +### Kustomization + +The controller now cancels in-progress health checks when a new reconciliation +request is received, reducing the mean time to recovery (MTTR) in case of +failed deployments. This is available through the `CancelHealthCheckOnNewRevision` +feature gate, that previously worked only for new source revisions but now also +works for any watch events that trigger a new reconciliation. + +A custom SSA stage has been introduced, allowing Role and RoleBinding objects +to be applied in the same call even when the impersonated ServiceAccount does +not have a ClusterRoleBinding for `cluster-admin`. This can be specified with +the flag `--custom-apply-stage-kinds=rbac.authorization.k8s.io/Role`. + +Health checks now handle Jobs with TTL set to zero seconds that are deleted +before or during health checking. + +A `DirectSourceFetch` feature gate has been added to bypass cache for source +objects, enabling immediate consistency for source object reads. + +### General updates + +In addition, the Kubernetes dependencies have been updated to v1.35.0, +Kustomize has been updated to v5.8.1 and the controller is now built +with Go 1.26. + +Fixes: +- Fix decryptor copy of auth.Option slices (avoid overrides) + [#1570](https://github.com/fluxcd/kustomize-controller/pull/1570) + +Improvements: +- Reduce the mean time to recovery (MTTR) in case of failed deployments + [#1536](https://github.com/fluxcd/kustomize-controller/pull/1536) +- Introduce custom SSA stage + [#1571](https://github.com/fluxcd/kustomize-controller/pull/1571) +- Handle Jobs with TTL in health checks + [#1578](https://github.com/fluxcd/kustomize-controller/pull/1578) +- Add `DirectSourceFetch` feature gate to bypass cache for source objects + [#1586](https://github.com/fluxcd/kustomize-controller/pull/1586) +- Remove deprecated APIs in group `kustomize.toolkit.fluxcd.io/v1beta2` + [#1584](https://github.com/fluxcd/kustomize-controller/pull/1584) +- Various dependency updates + [#1566](https://github.com/fluxcd/kustomize-controller/pull/1566) + [#1572](https://github.com/fluxcd/kustomize-controller/pull/1572) + [#1575](https://github.com/fluxcd/kustomize-controller/pull/1575) + [#1581](https://github.com/fluxcd/kustomize-controller/pull/1581) + [#1585](https://github.com/fluxcd/kustomize-controller/pull/1585) + [#1588](https://github.com/fluxcd/kustomize-controller/pull/1588) + [#1589](https://github.com/fluxcd/kustomize-controller/pull/1589) + ## 1.7.3 **Release date:** 2025-11-19 diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 3370c4a1..bafdc52b 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -2,8 +2,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization namespace: kustomize-system resources: -- https://github.com/fluxcd/source-controller/releases/download/v1.7.2/source-controller.crds.yaml -- https://github.com/fluxcd/source-controller/releases/download/v1.7.2/source-controller.deployment.yaml +- https://github.com/fluxcd/source-controller/releases/download/v1.8.0/source-controller.crds.yaml +- https://github.com/fluxcd/source-controller/releases/download/v1.8.0/source-controller.deployment.yaml - ../crd - ../rbac - ../manager diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index cbdfe3ed..4ece535f 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -5,4 +5,4 @@ resources: images: - name: fluxcd/kustomize-controller newName: fluxcd/kustomize-controller - newTag: v1.7.0 + newTag: v1.8.0 diff --git a/go.mod b/go.mod index edb34cc4..e5548b04 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,7 @@ require ( github.com/cyphar/filepath-securejoin v0.6.1 github.com/dimchansky/utfbom v1.1.1 github.com/fluxcd/cli-utils v0.37.1-flux.1 - github.com/fluxcd/kustomize-controller/api v1.7.0 + github.com/fluxcd/kustomize-controller/api v1.8.0 github.com/fluxcd/pkg/apis/acl v0.9.0 github.com/fluxcd/pkg/apis/event v0.24.0 github.com/fluxcd/pkg/apis/kustomize v1.15.0 @@ -32,7 +32,7 @@ require ( github.com/fluxcd/pkg/ssa v0.67.1 github.com/fluxcd/pkg/tar v0.17.0 github.com/fluxcd/pkg/testserver v0.13.0 - github.com/fluxcd/source-controller/api v1.7.2 + github.com/fluxcd/source-controller/api v1.8.0 github.com/getsops/sops/v3 v3.11.0 github.com/google/cel-go v0.26.1 github.com/hashicorp/vault/api v1.22.0 diff --git a/go.sum b/go.sum index 79652a96..f24cffd1 100644 --- a/go.sum +++ b/go.sum @@ -220,8 +220,8 @@ github.com/fluxcd/pkg/tar v0.17.0 h1:uNxbFXy8ly8C7fJ8D7w3rjTNJFrb4Hp1aY/30XkfvxY github.com/fluxcd/pkg/tar v0.17.0/go.mod h1:b1xyIRYDD0ket4SV5u0UXYv+ZdN/O/HmIO5jZQdHQls= github.com/fluxcd/pkg/testserver v0.13.0 h1:xEpBcEYtD7bwvZ+i0ZmChxKkDo/wfQEV3xmnzVybSSg= github.com/fluxcd/pkg/testserver v0.13.0/go.mod h1:akRYv3FLQUsme15na9ihECRG6hBuqni4XEY9W8kzs8E= -github.com/fluxcd/source-controller/api v1.7.2 h1:/lg/xoyRjxwdhHKqjTxQS2o1cp+DMKJ8W4rpm+ZLemQ= -github.com/fluxcd/source-controller/api v1.7.2/go.mod h1:2JtCeUVpl0aqKImS19jUz9EEnMdzgqNWHkllrIhV004= +github.com/fluxcd/source-controller/api v1.8.0 h1:ndrYmcv6ZMcdQHFSUkOrFVDO7h16SfDBSw/DOqf/LPo= +github.com/fluxcd/source-controller/api v1.8.0/go.mod h1:1O7+sMbqc1+3tPvjmtgFz+bASTl794Y9SxpebHDDSGA= github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k= github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM=