flux-system.yaml: |
---
# This manifest was generated by flux. DO NOT EDIT.
- # Flux Version: v0.25.3
+ # Flux Version: v0.27.0
# Components: source-controller,kustomize-controller,helm-controller,notification-controller
apiVersion: v1
kind: Namespace
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
+ pod-security.kubernetes.io/warn: restricted
+ pod-security.kubernetes.io/warn-version: latest
name: flux-system
---
apiVersion: apiextensions.k8s.io/v1
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: alerts.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
- ImagePolicy
- ImageUpdateAutomation
type: string
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: MatchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
name:
description: Name of the referent
maxLength: 53
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.5.0
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: buckets.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
of this source.
type: boolean
timeout:
- default: 20s
- description: The timeout for download operations, defaults to 20s.
+ default: 60s
+ description: The timeout for download operations, defaults to 60s.
type: string
required:
- bucketName
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.5.0
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: gitrepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
of this source.
type: boolean
timeout:
- default: 20s
+ default: 60s
description: The timeout for remote Git operations like cloning, defaults
- to 20s.
+ to 60s.
type: string
url:
description: The repository URL, can be a HTTP/S or SSH address.
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.5.0
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: helmcharts.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: helmreleases.helm.toolkit.fluxcd.io
spec:
group: helm.toolkit.fluxcd.io
description: DisableHooks prevents hooks from running during the
Helm rollback action.
type: boolean
+ disableWait:
+ description: DisableWait disables waiting for all the resources
+ to be deleted after a Helm uninstall is performed.
+ type: boolean
keepHistory:
description: KeepHistory tells Helm to remove all associated resources
and mark the release as deleted, but retain the release history.
kind: CustomResourceDefinition
metadata:
annotations:
- controller-gen.kubebuilder.io/version: v0.5.0
+ controller-gen.kubebuilder.io/version: v0.7.0
creationTimestamp: null
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: helmrepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: kustomizations.kustomize.toolkit.fluxcd.io
spec:
group: kustomize.toolkit.fluxcd.io
maxLength: 253
minLength: 1
type: string
+ optional:
+ default: false
+ description: Optional indicates whether the referenced resource
+ must exist, or whether to tolerate its absence. If true
+ and the referenced resource is absent, proceed as if the
+ resource was present but empty, without any variables
+ defined.
+ type: boolean
required:
- kind
- name
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: providers.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
- matrix
- opsgenie
- alertmanager
+ - grafana
type: string
username:
description: Bot username for this provider
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: receivers.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
- ImagePolicy
- ImageUpdateAutomation
type: string
+ matchLabels:
+ additionalProperties:
+ type: string
+ description: MatchLabels is a map of {key,value} pairs. A single
+ {key,value} in the matchLabels map is equivalent to an element
+ of matchExpressions, whose key field is "key", the operator
+ is "In", and the values array contains only "value". The requirements
+ are ANDed.
+ type: object
name:
description: Name of the referent
maxLength: 53
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: helm-controller
namespace: flux-system
---
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: kustomize-controller
namespace: flux-system
---
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: notification-controller
namespace: flux-system
---
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: source-controller
namespace: flux-system
---
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: crd-controller-flux-system
rules:
- apiGroups:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: cluster-reconciler-flux-system
roleRef:
apiGroup: rbac.authorization.k8s.io
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: crd-controller-flux-system
roleRef:
apiGroup: rbac.authorization.k8s.io
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
control-plane: controller
name: notification-controller
namespace: flux-system
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
control-plane: controller
name: source-controller
namespace: flux-system
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
control-plane: controller
name: webhook-receiver
namespace: flux-system
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
control-plane: controller
name: helm-controller
namespace: flux-system
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- image: ghcr.io/fluxcd/helm-controller:v0.15.0
+ image: ghcr.io/fluxcd/helm-controller:v0.17.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
ports:
- containerPort: 8080
name: http-prom
+ protocol: TCP
- containerPort: 9440
name: healthz
protocol: TCP
memory: 64Mi
securityContext:
allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ seccompProfile:
+ type: RuntimeDefault
volumeMounts:
- mountPath: /tmp
name: temp
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
control-plane: controller
name: kustomize-controller
namespace: flux-system
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- image: ghcr.io/fluxcd/kustomize-controller:v0.19.1
+ image: ghcr.io/fluxcd/kustomize-controller:v0.21.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
ports:
- containerPort: 8080
name: http-prom
+ protocol: TCP
- containerPort: 9440
name: healthz
protocol: TCP
memory: 64Mi
securityContext:
allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ seccompProfile:
+ type: RuntimeDefault
volumeMounts:
- mountPath: /tmp
name: temp
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
control-plane: controller
name: notification-controller
namespace: flux-system
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- image: ghcr.io/fluxcd/notification-controller:v0.20.1
+ image: ghcr.io/fluxcd/notification-controller:v0.22.0
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
ports:
- containerPort: 9090
name: http
+ protocol: TCP
- containerPort: 9292
name: http-webhook
+ protocol: TCP
- containerPort: 8080
name: http-prom
+ protocol: TCP
- containerPort: 9440
name: healthz
protocol: TCP
memory: 64Mi
securityContext:
allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ seccompProfile:
+ type: RuntimeDefault
volumeMounts:
- mountPath: /tmp
name: temp
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
control-plane: controller
name: source-controller
namespace: flux-system
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- image: ghcr.io/fluxcd/source-controller:v0.20.1
+ image: ghcr.io/fluxcd/source-controller:v0.21.2
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
ports:
- containerPort: 9090
name: http
+ protocol: TCP
- containerPort: 8080
name: http-prom
+ protocol: TCP
- containerPort: 9440
name: healthz
+ protocol: TCP
readinessProbe:
httpGet:
path: /
memory: 64Mi
securityContext:
allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
readOnlyRootFilesystem: true
+ runAsNonRoot: true
+ seccompProfile:
+ type: RuntimeDefault
volumeMounts:
- mountPath: /data
name: data
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: allow-egress
namespace: flux-system
spec:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: allow-scraping
namespace: flux-system
spec:
labels:
app.kubernetes.io/instance: flux-system
app.kubernetes.io/part-of: flux
- app.kubernetes.io/version: v0.25.3
+ app.kubernetes.io/version: v0.27.0
name: allow-webhooks
namespace: flux-system
spec:
Code Review / icn.git / blobdiff