Skip to content

Releases: fluxcd/flux2

v2.7.5

27 Nov 11:42
@github-actions github-actions
v2.7.5
This tag was signed with the committer’s verified signature.
stefanprodan Stefan Prodan
GPG key ID: 3299AEB0E4085BAF
Verified
Learn about vigilant mode.
8454b02
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.7.5 Latest
Latest

Highlights

Flux v2.7.5 is a patch release that comes with fixes to helm-controller. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the Upgrade Procedure for Flux v2.7+ for a smooth upgrade from Flux v2.6 to the latest version.

Fixes:

  • Fix HelmRelease history truncation when using the RetryOnFailure strategy.

⚠️ Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3.
Flux users are advised to use Cosign v2.6 for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8.

Components changelog

CLI changelog

Full Changelog: v2.7.4...v2.7.5

Contributors

fluxcdbot
Assets 19

v2.7.4

24 Nov 15:42
@github-actions github-actions
v2.7.4
This tag was signed with the committer’s verified signature.
stefanprodan Stefan Prodan
GPG key ID: 3299AEB0E4085BAF
Verified
Learn about vigilant mode.
06ed49d
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.7.4

Highlights

Flux v2.7.4 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the Upgrade Procedure for Flux v2.7+ for a smooth upgrade from Flux v2.6 to the latest version.

Fixes:

  • Add DisableConfigWatchers feature gate to all controllers for disabling the Secrets/ConfigMaps watchers
  • Fix Workload Identity for Azure China Cloud in all controllers
  • Update Helm Go SDK to v3.19.2 fixing schema validation issues in helm-controller
  • Skip secret decryption for remote kustomize patches in kustomize-controller
  • Improve post-build error reporting in kustomize-controller
  • Add ArtifactGenerator to aggregated RBAC roles

⚠️ Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3.
Flux users are advised to use Cosign v2.6 for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8.

Components changelog

CLI changelog

  • [release/v2.7.x] ci: Include source-watcher in the e2e test suite by @fluxcdbot in #5615
  • [release/v2.7.x] Add source.extensions.fluxcd.io group to aggregated RBAC roles by @fluxcdbot in #5628
  • [release/v2.7.x] Fix panic on reconcile with source of ExternalArtifact kind by @fluxcdbot in #5631
  • [release/v2.7.x] Upgrade k8s to 1.34.2, c-r to 0.22.4 and helm to 3.19.2 by @fluxcdbot in #5634
  • [release/v2.7.x] diff: report if object is skipped by @fluxcdbot in #5635
  • [release/v2.7.x] Update toolkit components by @fluxcdbot in #5640
  • [release/v2.7.x] Allow option to skip tenant namespace creation by @fluxcdbot in #5642

Full Changelog: v2.7.3...v2.7.4

Contributors

fluxcdbot
Loading

v2.7.3

28 Oct 16:45
@github-actions github-actions
v2.7.3
This tag was signed with the committer’s verified signature.
stefanprodan Stefan Prodan
GPG key ID: 3299AEB0E4085BAF
Verified
Learn about vigilant mode.
b6e76ca
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.7.3

Highlights

Flux v2.7.3 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the Upgrade Procedure for Flux v2.7+ for a smooth upgrade from Flux v2.6 to the latest version.

Fixes:

  • Restore SOCKS5 proxy support in all controllers
  • Fix status reporting of HelmReleases with RetryOnFailure strategy
  • Automated retries for ImagePolicies when no image tags are found in the database
  • Fix alerting for Telegram's message_thread_id
  • Allow running kustomize-controller and helm-controller on the same loopback interface as source-watcher

⚠️ Note that signature verification for OCI artifacts in source-controller is not compatible with Cosign v3. Users are advised to use Cosign v2.6 for signing Flux OCI artifacts and Helm charts, until support for Cosign v3 is added in Flux v2.8.

Components changelog

CLI changelog

  • [release/v2.7.x] Pin cosign to v2.6.1 by @fluxcdbot in #5595
  • [release/v2.7.x] Update toolkit components by @fluxcdbot in #5605
  • [release/v2.7.x] fix: return accepted values for flags when calling Values.Type() by @fluxcdbot in #5606

Full Changelog: v2.7.2...v2.7.3

Contributors

fluxcdbot
Loading

v2.7.2

08 Oct 18:20
@github-actions github-actions
v2.7.2
This tag was signed with the committer’s verified signature.
stefanprodan Stefan Prodan
GPG key ID: 3299AEB0E4085BAF
Verified
Learn about vigilant mode.
4a15fa6
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.7.2

Highlights

Flux v2.7.2 is a patch release that comes with security fixes. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the Upgrade Procedure for Flux v2.7+ for a smooth upgrade from Flux v2.6 to the latest version.

All Flux components are now built with Go 1.25.2 which includes fixes for vulnerabilities in the Go stdlib that could lead to denial of service. The list of security fixes can be found in the Go 1.25.2 release notes.

Components changelog

CLI changelog

  • [release/v2.7.x] Fix manifest generation for --storage-adv-addr and --events-addr flags by @github-actions[bot] in #5575
  • [release/v2.7.x] Update dependencies to Kubernetes v1.34.1 and Go 1.25.2 by @github-actions[bot] in #5577
  • [release/v2.7.x] Update toolkit components by @github-actions[bot] in #5579

Full Changelog: v2.7.1...v2.7.2

Loading

v2.7.1

06 Oct 16:08
@github-actions github-actions
v2.7.1
This tag was signed with the committer’s verified signature.
stefanprodan Stefan Prodan
GPG key ID: 3299AEB0E4085BAF
Verified
Learn about vigilant mode.
ca29bb1
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.7.1

Highlights

Flux v2.7.1 is a patch release that comes with various improvements and fixes. Users are encouraged to upgrade for the best experience.

ℹ️ Please follow the Upgrade Procedure for Flux v2.7+ for a smooth upgrade from Flux v2.6 to the latest version.

Improvements:

  • Extend flux migrate with support for migrating manifests in Git repositories to the latest API versions.
  • Add recommendations for configuring HelmReleases on production environments.

Fixes:

  • Fix flux migrate command to handle managed fields properly.
  • Fix self-signed TLS cert handling for public Helm repositories in source-controller.
  • Fix the default API versions used by receivers in notification-controller.
  • Fix redundant Ready condition patching in helm-controller.
  • Fix workload identity configuration examples for kubeconfig in helm-controller and kustomize-controller.

Components changelog

CLI changelog

  • [release/v2.7.x] Backport CI fixes and updates by @matheuscscp in #5552
  • [release/v2.7.x] Fix flux push artifact not working with --provider by @github-actions[bot] in #5553
  • [release/v2.7.x] Extend flux migrate to work with local files by @github-actions[bot] in #5557
  • [release/v2.7.x] Improve flux migrate for live cluster migrations by @github-actions[bot] in #5559
  • [release/v2.7.x] Fix flux migrate -f command to work with comments by @github-actions[bot] in #5561
  • [release/v2.7.x] Fix flux migrate -f not considering kind comments by @github-actions[bot] in #5564
  • [release/v2.7.x] Update toolkit components by @github-actions[bot] in #5569
  • [release/v2.7.x] Disable AUR publishing by @github-actions[bot] in #5571

Full Changelog: v2.7.0...v2.7.1

Contributors

matheuscscp
Loading

v2.7.0

30 Sep 08:42
@github-actions github-actions
v2.7.0
This tag was signed with the committer’s verified signature.
stefanprodan Stefan Prodan
GPG key ID: 3299AEB0E4085BAF
Verified
Learn about vigilant mode.
f251e8e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.7.0

Highlights

Flux v2.7.0 is a feature release. Users are encouraged to upgrade for the best experience.

For a compressive overview of new features and API changes included in this release, please refer to the Announcing Flux 2.7 GA blog post.

Overview of the new features:

  • General availability release of the Image Automation APIs (ImagePolicy, ImageRepository, ImageUpdateAutomation)
  • Watch for changes in ConfigMaps and Secrets references (Kustomization, HelmRelease)
  • Support for remote cluster authentication using Workload Identity (Kustomization, HelmRelease)
  • Extend the readiness evaluation of dependencies with CEL expressions (Kustomization, HelmRelease)
  • Support for global SOPS Age decryption keys on single-tenant clusters (Kustomization)
  • Support for optional Kustomize components (Kustomization)
  • Introduce RetryOnFailure lifecycle management strategy (HelmRelease)
  • Support mTLS for sending alerts to external systems (Provider)
  • Object-level workload identity authentication (Bucket, Provider)
  • Support mTLS for GitHub App transport (GitRepository, ImageUpdateAutomation, Provider)
  • OpenTelemetry tracing for Kustomization and HelmRelease reconciliation (Provider)
  • Support for 3rd-party source controllers (ExternalArtifact)
  • Support for source composition and decomposition patterns (ArtifactGenerator)
  • CancelHealthCheckOnNewRevision feature gate (kustomize-controller)
  • GitSparseCheckout feature gate (image-automation-controller)

❤️ Big thanks to all the Flux contributors that helped us with this release!

Kubernetes compatibility

This release is compatible with the following Kubernetes versions:

Kubernetes version Minimum required
v1.32 >= 1.32.0
v1.33 >= 1.33.0
v1.34 >= 1.34.1

Note

Note that the Flux project offers support only for the latest three minor versions of Kubernetes.
Backwards compatibility with older versions of Kubernetes and OpenShift is offered by vendors such as
ControlPlane that provide enterprise support for Flux.

OpenShift compatibility

Flux can be installed on Red Hat OpenShift cluster directly from OperatorHub using Flux Operator. The operator allows the configuration of Flux multi-tenancy lockdown, network policies, persistent storage, sharding, vertical scaling and the synchronization of the cluster state from Git repositories, OCI artifacts, and S3-compatible storage.

Upgrade procedure

⚠️ The Flux APIs v1beta1 and v2beta1 (deprecated in 2023) have reached end-of-life and have been removed from the CRDs.

Unless you are using Flux Operator to deploy the Flux controllers, you must run the flux migrate command on clusters before upgrading.

For more details, please refer to the Flux v2.7 upgrade guide.

Components changelog

New Documentation

CLI changelog

Read more

Contributors

pinkavaj, matheuscscp, and 14 other contributors
Loading

v2.6.4

08 Jul 09:55
@github-actions github-actions
v2.6.4
This tag was signed with the committer’s verified signature.
matheuscscp Matheus Pimenta
GPG key ID: DE594AAD698A94DE
Verified
Learn about vigilant mode.
6bf37f6
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.6.4

Highlights

Flux v2.6.4 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.

Fixes:

  • Fix for SOPS decryption with US Government KMS keys failing with the error:
STS: AssumeRoleWithWebIdentity, https response error\n   StatusCode: 0, RequestID: ,
request send failed, Post\n \"https://sts.arn.amazonaws.com/\": dial tcp:
lookupts.arn.amazonaws.com on 10.100.0.10:53: no such host

Components changelog

CLI changed

Full Changelog: v2.6.3...v2.6.4

Contributors

fluxcdbot
Loading

v2.6.3

27 Jun 11:07
@github-actions github-actions
v2.6.3
This tag was signed with the committer’s verified signature.
stefanprodan Stefan Prodan
GPG key ID: 3299AEB0E4085BAF
Verified
Learn about vigilant mode.
bda4c81
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.6.3

Highlights

Flux v2.6.3 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.

Fixes:

  • Fix for rsa-sha2-512 and rsa-sha2-256 algorithms not being prioritized for ssh-rsa host keys in source-controller, image-automation-controller and Flux CLI bootstrap.

Components changelog

CLI changed

Full Changelog: v2.6.2...v2.6.3

Contributors

fluxcdbot
Loading

v2.6.2

16 Jun 12:24
@github-actions github-actions
v2.6.2
This tag was signed with the committer’s verified signature.
stefanprodan Stefan Prodan
GPG key ID: 3299AEB0E4085BAF
Verified
Learn about vigilant mode.
a48f81a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.6.2

Highlights

Flux v2.6.2 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.

Fixes:

  • Fix authentication for flux push artifact --provider=azure on Azure DevOps runners.
  • Fix OIDC authentication for Amazon ECR Public in source-controller and image-reflector-controller.
  • Fix knownhosts key mismatch regression bug in the Flux CLI, source-controller and image-automation-controller.

Components changelog

CLI changelog

  • [release/v2.6.x] fix: Allow Azure CLI calls in flux push artifact --provider azure on DevOps runners by @fluxcdbot in #5396
  • [release/v2.6.x] Fix knownhosts key mismatch regression bug by @fluxcdbot in #5405
  • [release/v2.6.x] Update toolkit components by @fluxcdbot in #5410

Full Changelog: v2.6.1...v2.6.2

Contributors

fluxcdbot
Loading

v2.6.1

02 Jun 06:24
@github-actions github-actions
v2.6.1
This tag was signed with the committer’s verified signature.
stefanprodan Stefan Prodan
GPG key ID: 3299AEB0E4085BAF
Verified
Learn about vigilant mode.
b73c7f7
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.6.1

Highlights

Flux v2.6.1 is a patch release that comes with various fixes. Users are encouraged to upgrade for the best experience.

Fixes:

  • Fix a bug introduced in image-reflector-controller v0.35.0 that was causing spurious error events for policies during image repository reconciliation.
  • Fix excessive logging in image-reflector-controller after a restart when the image tags cache is empty.

Components changelog

  • image-reflector-controller v0.35.1

CLI changelog

  • [release/v2.6.x] Update image-reflector-controller to v0.35.1 by @fluxcdbot in #5382
  • [release/v2.6.x] Add digest pinning to image automation testing by @fluxcdbot in #5384

Full Changelog: v2.6.0...v2.6.1

Contributors

fluxcdbot
Loading