From 7a633e08a5da3910e7a7add49177340dfbef5cc6 Mon Sep 17 00:00:00 2001 From: Flux <> Date: Fri, 6 May 2022 18:45:54 +0200 Subject: [PATCH] Add Flux v0.30.2 component manifests --- .../base/flux-system/gotk-components.yaml | 160 ++++++++++-------- 1 file changed, 94 insertions(+), 66 deletions(-) diff --git a/flux/cluster/base/flux-system/gotk-components.yaml b/flux/cluster/base/flux-system/gotk-components.yaml index 35d3661..c7d383c 100644 --- a/flux/cluster/base/flux-system/gotk-components.yaml +++ b/flux/cluster/base/flux-system/gotk-components.yaml @@ -1,6 +1,6 @@ --- # This manifest was generated by flux. DO NOT EDIT. -# Flux Version: v0.28.5 +# Flux Version: v0.30.2 # Components: source-controller,kustomize-controller,helm-controller,notification-controller,image-reflector-controller,image-automation-controller apiVersion: v1 kind: Namespace @@ -8,7 +8,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 pod-security.kubernetes.io/warn: restricted pod-security.kubernetes.io/warn-version: latest name: flux-system @@ -22,7 +22,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: alerts.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -243,7 +243,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: buckets.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -753,7 +753,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: gitrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -897,8 +897,8 @@ spec: secretRef: description: The secret name containing the Git credentials. For HTTPS repositories the secret must contain username and password fields. - For SSH repositories the secret must contain identity, identity.pub - and known_hosts fields. + For SSH repositories the secret must contain identity and known_hosts + fields. properties: name: description: Name of the referent. @@ -1241,8 +1241,7 @@ spec: description: SecretRef specifies the Secret containing authentication credentials for the GitRepository. For HTTPS repositories the Secret must contain 'username' and 'password' fields. For SSH repositories - the Secret must contain 'identity', 'identity.pub' and 'known_hosts' - fields. + the Secret must contain 'identity' and 'known_hosts' fields. properties: name: description: Name of the referent. @@ -1480,7 +1479,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: helmcharts.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -2046,7 +2045,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: helmreleases.helm.toolkit.fluxcd.io spec: group: helm.toolkit.fluxcd.io @@ -2278,20 +2277,28 @@ spec: type: string kubeConfig: description: KubeConfig for reconciling the HelmRelease on a remote - cluster. When specified, KubeConfig takes precedence over ServiceAccountName. + cluster. When used in combination with HelmReleaseSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at + the target cluster. If the --default-service-account flag is set, + its value will be used as a controller level fallback for when HelmReleaseSpec.ServiceAccountName + is empty. properties: secretRef: description: SecretRef holds the name to a secret that contains - a 'value' key with the kubeconfig file as the value. It must - be in the same namespace as the HelmRelease. It is recommended - that the kubeconfig is self-contained, and the secret is regularly - updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without - adding binaries and credentials to the Pod that is responsible - for reconciling the HelmRelease. + a key with the kubeconfig file as the value. If no key is specified + the key will default to 'value'. The secret must be in the same + namespace as the HelmRelease. It is recommended that the kubeconfig + is self-contained, and the secret is regularly updated if credentials + such as a cloud-access-token expire. Cloud specific `cmd-path` + auth helpers will not function without adding binaries and credentials + to the Pod that is responsible for reconciling the HelmRelease. properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string name: - description: Name of the referent. + description: Name of the Secret. type: string required: - name @@ -2885,7 +2892,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: helmrepositories.source.toolkit.fluxcd.io spec: group: source.toolkit.fluxcd.io @@ -3366,7 +3373,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: imagepolicies.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -3957,7 +3964,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: imagerepositories.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -4403,6 +4410,11 @@ spec: required: - name type: object + serviceAccountName: + description: ServiceAccountName is the name of the Kubernetes ServiceAccount + used to authenticate the image pull if the service account has attached + pull secrets. + type: string suspend: description: This flag tells the controller to suspend subsequent image scans. It does not apply to already started scans. Defaults @@ -4533,7 +4545,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: imageupdateautomations.image.toolkit.fluxcd.io spec: group: image.toolkit.fluxcd.io @@ -5347,7 +5359,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: kustomizations.kustomize.toolkit.fluxcd.io spec: group: kustomize.toolkit.fluxcd.io @@ -6033,21 +6045,28 @@ spec: type: string kubeConfig: description: The KubeConfig for reconciling the Kustomization on a - remote cluster. When specified, KubeConfig takes precedence over - ServiceAccountName. + remote cluster. When used in combination with KustomizationSpec.ServiceAccountName, + forces the controller to act on behalf of that Service Account at + the target cluster. If the --default-service-account flag is set, + its value will be used as a controller level fallback for when KustomizationSpec.ServiceAccountName + is empty. properties: secretRef: - description: SecretRef holds the name to a secret that contains - a 'value' key with the kubeconfig file as the value. It must - be in the same namespace as the Kustomization. It is recommended - that the kubeconfig is self-contained, and the secret is regularly - updated if credentials such as a cloud-access-token expire. - Cloud specific `cmd-path` auth helpers will not function without - adding binaries and credentials to the Pod that is responsible - for reconciling the Kustomization. + description: SecretRef holds the name of a secret that contains + a key with the kubeconfig file as the value. If no key is set, + the key will default to 'value'. The secret must be in the same + namespace as the Kustomization. It is recommended that the kubeconfig + is self-contained, and the secret is regularly updated if credentials + such as a cloud-access-token expire. Cloud specific `cmd-path` + auth helpers will not function without adding binaries and credentials + to the Pod that is responsible for reconciling the Kustomization. properties: + key: + description: Key in the Secret, when not specified an implementation-specific + default key is used. + type: string name: - description: Name of the referent. + description: Name of the Secret. type: string required: - name @@ -6462,7 +6481,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: providers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6667,7 +6686,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: receivers.notification.toolkit.fluxcd.io spec: group: notification.toolkit.fluxcd.io @@ -6893,7 +6912,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: helm-controller namespace: flux-system --- @@ -6903,7 +6922,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: image-automation-controller namespace: flux-system --- @@ -6913,7 +6932,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: image-reflector-controller namespace: flux-system --- @@ -6923,7 +6942,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: kustomize-controller namespace: flux-system --- @@ -6933,7 +6952,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: notification-controller namespace: flux-system --- @@ -6943,7 +6962,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: source-controller namespace: flux-system --- @@ -6953,7 +6972,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: crd-controller-flux-system rules: - apiGroups: @@ -6991,6 +7010,8 @@ rules: resources: - namespaces - secrets + - configmaps + - serviceaccounts verbs: - get - list @@ -7006,7 +7027,6 @@ rules: - "" resources: - configmaps - - configmaps/status verbs: - get - list @@ -7015,6 +7035,14 @@ rules: - update - patch - delete +- apiGroups: + - "" + resources: + - configmaps/status + verbs: + - get + - update + - patch - apiGroups: - coordination.k8s.io resources: @@ -7034,7 +7062,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: cluster-reconciler-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7054,7 +7082,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: crd-controller-flux-system roleRef: apiGroup: rbac.authorization.k8s.io @@ -7086,7 +7114,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: notification-controller namespace: flux-system @@ -7106,7 +7134,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: source-controller namespace: flux-system @@ -7126,7 +7154,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: webhook-receiver namespace: flux-system @@ -7146,7 +7174,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: helm-controller namespace: flux-system @@ -7175,7 +7203,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/helm-controller:v0.18.2 + image: ghcr.io/fluxcd/helm-controller:v0.21.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7228,7 +7256,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: image-automation-controller namespace: flux-system @@ -7257,7 +7285,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-automation-controller:v0.21.3 + image: ghcr.io/fluxcd/image-automation-controller:v0.22.1 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7310,7 +7338,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: image-reflector-controller namespace: flux-system @@ -7339,7 +7367,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/image-reflector-controller:v0.17.1 + image: ghcr.io/fluxcd/image-reflector-controller:v0.18.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7396,7 +7424,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: kustomize-controller namespace: flux-system @@ -7425,7 +7453,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/kustomize-controller:v0.22.3 + image: ghcr.io/fluxcd/kustomize-controller:v0.25.0 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7478,7 +7506,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: notification-controller namespace: flux-system @@ -7506,7 +7534,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/notification-controller:v0.23.2 + image: ghcr.io/fluxcd/notification-controller:v0.23.5 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7565,7 +7593,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 control-plane: controller name: source-controller namespace: flux-system @@ -7598,7 +7626,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: ghcr.io/fluxcd/source-controller:v0.22.5 + image: ghcr.io/fluxcd/source-controller:v0.24.4 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7658,7 +7686,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: allow-egress namespace: flux-system spec: @@ -7678,7 +7706,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: allow-scraping namespace: flux-system spec: @@ -7698,7 +7726,7 @@ metadata: labels: app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux - app.kubernetes.io/version: v0.28.5 + app.kubernetes.io/version: v0.30.2 name: allow-webhooks namespace: flux-system spec: