Skip to content

Latest commit

 

History

History
2293 lines (1905 loc) · 105 KB

CHANGELOG.md

File metadata and controls

2293 lines (1905 loc) · 105 KB

1.20.0 (2020-07-08)

This minor version release updates dependencies, and includes some quality of life improvements, such as having a cooldown for rate limiting.

Fixes

Enhancements

Maintenance and documentation

Thanks

Thanks to @BitProcessor, @Frizlab, @GregoireW, @alex-shpak, @bboreham, @billyshambrook, @bpinter, @christiangda, @circa10a, @colinrymer, @cpressland, @dholbach, @edernucci, @faweis, @hiddeco, @jaydeland, @jpreese, @marratj, @michaelbeaumont, @nipponilyal, @ordovicia, @rndstr, @sayboras, @schnatterer, @squaremo, @stefanprodan, @stephenshaw-felfel, @tux-00, @victorsalaun and @vyckou for their contributions to this release.

1.19.0 (2020-04-02)

This minor version release is a bumper edition with many contributions, including (to pick a handful):

  • more flexibility with GPG signature verification
  • the ability to disable garbage collection for individual resources
  • users of .flux.yaml "patchUpdated" should see an improvement to automated updates, with fluxcd/flux#2805.
  • people who want to tightly control which images are scanned by fluxd will appreciate fluxcd/flux#2850

Enhancements

Fixes

Maintenance and documentation

Thanks

Thanks to @2opremio, @ArchiFleKs, @alaa, @alesgurd, @borancar, @dholbach, @edwardyoung, @hiddeco, @infa-bsurber, @jimangel, @jstevans, @kharf, @mattfarina, @morremeyer, @ogerbron, @pchico83, @phillebaba, @shibumi, @squaremo, @stefanprodan, @stevenpall, @sysdevguru, @trevrosen, @yasserisa and @yiannistri for their contributions to this release.

1.18.0 (2020-02-06)

This is a feature release with quite a few new features and fixes.

It includes new flags for fluxd and fluxctl; namely, it includes a new flag to disable registry scanning completely (--registry-disable-scanning) which allows deploying Flux without Memcached.

There is a new .flux.yaml variant (scanForFiles) which allows telling Flux to scan the local files, which is useful when mixing --manifest-generation with raw manifests.

This release also includes a few bugfixes. Namely, it comes with a fix for a filesystem leak in which git clone mirrors weren't being removed.

Enhancements

  • Disable Image Scanning with --registry-disable-scanning fluxcd/flux{#2745, #2753 #2798, #2813}
  • Add scanForFiles variant of .flux.yaml to scan current directory for manifests instead of generating them fluxcd/flux#2638
  • Honor KUBECONFIG env variable in fluxd fluxcd/flux{#2741, #2760}
  • Make Kubernetes resource-exclusion configurable through --k8s-unsafe-exclude-resource fluxcd/flux{#2749, #2754}
  • Add detailed error message in fluxctl sync fluxcd/flux#2765
  • Add --context flag to fluxctl fluxcd/flux#2715
  • Add --containerflag to fluxctl list-workloads to filter by container name fluxcd/flux#2766
  • Add --no-headers to fluxctl list-images and fluxctl list-workloads fluxcd/flux#2767
  • Add nodeSelector to deployment templates for mixed-OS clusters fluxcd/flux#2692
  • Distinguish cached registry errors from live ones fluxcd/flux#2782
  • Update kustomize to v3.5.4 fluxcd/flux#2751
  • Update kubectl to 1.15 and base image to Alpine to 3.11 fluxcd/flux#2781

Fixes

Maintenance and Documentation

Thanks

Thanks to @2opremio, @Ant59, @dholbach, @dinosk, @fliphess, @hiddeco, @jurruh, @krymzonn, @mcfearsome, @michaelbeaumont, @nabadger, @ogerbron, @patrickwall57, @prometherion, @roffe, @rparsonsbb, @sa-spag, @squaremo and @stefanprodan for their contributions to this release.

1.17.1 (2020-01-13)

This is a security patch release fixing a problem with the scoping of imagePullSecrets and removing git-URL HTTPS credentials server-side.

Fixes

Thanks

Thanks to @2opremio, @hiddeco and @bootc for contributing to this release.

1.17.0 (2019-12-16)

This feature release adds support for encrypted manifests with SOPS and includes the sops binary in the Flux container.

When supplying the --sops flag to fluxd, it will decrypt SOPS-encrypted manifest files before syncing them. Provide decryption keys in the same way as providing them for sops the binary, for example with --git-gpg-key-import. The full description of how to supply sops with a key can be found in the SOPS documentation. Be aware that manifests generated with .flux.yaml files are not decrypted. Instead, make sure to output cleartext manifests by explicitly invoking the sops binary included in the Flux container.

This release also adds the new fluxd flag --k8s-default-namespace which overrides the namespace used for manifests which omit it.

Enhancements

Fixes

  • Avoid collisions when checking whether the Git repo can be written to fluxcd/flux#2684

Maintenance and Documentation

Thanks

Thanks to @2opremio, @Crevil, @PaulFarver, @aackerman, @aaparmeggiani, @adusumillipraveen, @alastairs, @dholbach, @groodt, @gtseres-workable, @hiddeco, @kaspernissen, @moshloop, @squaremo and @stefansedich for their contributions to this release.

1.16.0 (2019-11-22)

This is a feature release with minor new features. New flags --manifest-generation and --read-only have been added to fluxctl install.

This release also incorporates a few fixes and enhacements. Namely:

  • The pressure on the Kubernetes API server has been reduced when Flux operates in all namespaces.
  • The error handling of manifest generation has been improved.

Additionally, the end-to-end testing infrastructure has been rewritten and numerous new end-to-end tests have been added.

Fixes

Enhancements

  • Improve experience with .flux.yaml files fluxcd/flux#{2565, 2603, 2604}
  • Performance: Reduce pressure on Kubernetes' API server when Flux operates on all namespaces fluxcd/flux#{2520, 2539, 2622}
  • Add manifest generation flag to fluctl install command fluxcd/flux#2583
  • Add a read-only flag to fluxctl install command fluxcd/flux#2530
  • Create Prometheus metric for flux manifest errors fluxcd/flux#2535

Maintenance and Documentation

Thanks

Thanks to @2opremio, @at-ishikawa, @bboreham, @beautytiger, @carnott-snap, @denysvitali, @ducksecops, @erdii, @eriadam, @gsf, @hiddeco, @idobry, @jmymy, @mbellgb, @mosesyou, @mpashka, @palemtnrider, @sebikul, @squaremo, @srueg, @stefanprodan, @translucens, @vic3lord and @waseem-h for their contributions to this release!

1.15.0 (2019-10-02)

This feature release adds secure support for Git over HTTPS, updates kubectl and kustomize, and does a lot of internal rewiring without changing user-visible functions or the public APIs. From this release forward, garbage collection, namespace scoping, and manifest generation are no longer considered experimental.

Fixes

  • Reinstate git-secret support after accidentally breaking it during a refactor that landed in 1.14.0 fluxcd/flux#2429
  • Fix error handling in splitConfigFilesAndRawManifestPaths fluxcd/flux#2455

Enhancements

  • Support secure Git over HTTPS using credentials from environment variables fluxcd/flux#2470
  • Add a flag --sync-timeout, for configuring the timeout of sync operations. This is mainly of interest to people making use of the manifest generation feature, or people who are operating exceptionally large Git repositories fluxcd/flux#2481
  • Update kubectl to 1.14.7 and kustomize to 3.2.0 fluxcd/flux#2461
  • De-experimental-ise garbage collection, namespace scoping, and manifest generation features fluxcd/flux#2485
  • Improve logged warning about unsupported automated resource kinds fluxcd/flux#2471

Maintenance and documentation

  • Build: upgrade Go to 1.13.1 fluxcd/flux#2482
  • Build: avoid spurious diffs in generated files by fixing their modtimes to Unix epoch fluxcd/flux#2473
  • Build: update Kind, used for end-to-end tests, to 0.5.1 fluxcd/flux#2461
  • Build: simplify the files included in snapcraft.yaml fluxcd/flux#2427
  • Build: stop publishing Docker images to Weaveworks' DockerHub fluxcd/flux#2491
  • Build: republish Git tag with a v prefix during release, to make it available to Go Mod fluxcd/flux#2491
  • Code: change import paths from weaveworks to fluxcd fluxcd/flux#2305
  • Code: move all packages to pkg/ fluxcd/flux#2464
  • Code: fix some typos in comments fluxcd/flux#2478
  • Documentation: update organization mentions (weaveworks -> fluxcd) fluxcd/flux#2430
  • Documentation: remove values. prefix from annotation examples fluxcd/flux#2436
  • Documentation: include installation instructions for fluxctl on Windows using Chocolatey fluxcd/flux#2457
  • Documentation: provide some additional links within the documentation to using Flux with Kustomize, Helm, or Flagger fluxcd/flux#2358
  • Documentation: reflow commit customization bits in fluxctl documentation fluxcd/flux#2459
  • Documentation: small .flux.yaml documentation improvements fluxcd/flux#{#2466, #2467}
  • Documentation: remove mention of mergePatchUpdater in .flux.yaml documentation, as it is not a thing fluxcd/flux#2469
  • Documentation: use flux as a default namespace in deploy/ examples fluxcd/flux#2475
  • Documentation: fix incorrectly documented Helm chart repository fluxcd/flux#2484
  • Documentation: update the documented fluxctl output fluxcd/flux#2489
  • Documentation: fix --git-path argument in 'get started' and 'driving Flux' tutorials fluxcd/flux#{#2423, #2424}
  • Documentation: add HMCTS and WGTwo as production users (:tada:) fluxcd/flux#{#2458, #2450}

Thanks

Tip of the hat and many thanks to @davidpristovnik, @dananichev, @Keralin, @domgoodwin @luxas, @squaremo, @stefanprodan, @hiddeco, @elzapp, @nodanero, @dholbach, @stealthybox, @arsiesys, @alexmt, @DarinDouglass, @holger-wg2, @chrisfowles, @timja, @2opremio, @adusumillipraveen for contributions to this release.

1.14.2 (2019-09-02)

This is a patch release, with some important fixes to the handling of HelmRelease resources.

Fixes

  • Correct a problem that prevented automated HelmRelease updates fluxcd/flux#2412
  • Fix a crash triggered when helm.fluxcd.io/v1 resources are present in the cluster fluxcd/flux#2404

Enhancements

  • Add a flag --k8s-verbosity, for controlling Kubernetes client logging (formerly, this was left disabled) fluxcd/flux#2410

Maintenance and documentation

Thanks

Bouquets to @HighwayofLife, @IsNull, @adeleglise, @aliartiza75, @antonosmond, @bforchhammer, @brunowego, @cartyc, @chainlink, @cristian-radu, @dholbach, @dranner-bgt, @fshot, @hiddeco, @isen-ng, @jonohill, @kingdonb, @mflendrich, @mfrister, @mgenov, @raravena80, @rndstr, @robertgates55, @sklemmer, @smartpcr, @squaremo, @stefanprodan, @stefansedich, @yellowmegaman, @ysaakpr for contributions to this release.

1.14.1 (2019-08-22)

This is a patch release.

Fixes

  • Automated updates of auto detected images in HelmRelease resources has been fixed fluxcd/flux#2400
  • fluxctl install --git-paths option has been replaced by --git-path, to match the fluxd option, the --git-paths has been deprecated but still works fluxcd/flux#2392
  • fluxctl port forward looks for a pod with one of the labels again, instead of stopping when the first label did not return a result fluxcd/flux#2394

Maintenance and documentation

Thanks

Thanks @aliartiza75, @ethan-daocloud, @HighwayOfLife, @stefanprodan, @2opremio, @dhbolach, @mbridgen, @hiddeco for contributing to this release.

1.14.0 (2019-08-21)

This feature release adds a read-only mode to the Flux daemon, adds support for mapping images in HelmRelease resources using YAML dot notation annotations, eases the deployment of Flux with a new fluxctl install command which generates the required YAML manifests, lots of documentation improvements, and many more.

Fixes

  • Fetch before branch check to detect upstream changes made after the initial clone fluxcd/flux#2371

Enhancements

  • With --git-readonly, fluxd can now sync a git repo without having write access to it. In this mode, fluxd will not make any commits to the repo. fluxcd/flux#1807
  • Mapping images in HelmRelease resources using YAML dot notation annotations is now supported fluxcd/flux#2249
  • fluxctl has a new install command to ease generating the YAML manifests required to deploy Flux fluxcd/flux#2287
  • Kubectl and Kustomize have been upgraded
  • The annotation domain has been changed to fluxcd.io, but backwards compatibility with the old (flux.weave.works) domain is maintained fluxcd/flux#2219
  • The number of sorts done by ListImagesWithOptions has been reduced fluxcd/flux#2338
  • fluxctl will only look for running fluxcd pods while attempting to setup a port forward fluxcd/flux#2283
  • --registry-poll-interval has been renamed to --automation-interval to better reflect what it controls; the interval at which automated workloads are checked for updates, and updated. fluxcd/flux#2284
  • fluxctl now has a global --timeout flag, which controls how long it waits for jobs sent to fluxd to complete fluxcd/flux#2056

Maintenance and documentation

Thanks

Many thanks for contributions from @2opremio, @AndriiOmelianenko, @GODBS, @JDavis10213, @MehrCurry, @Sleepy-GH, @adusumillipraveen, @ainmosni, @alanjcastonguay, @aliartiza75, @autarchprinceps, @benmathews, @blancsys, @carlosjgp, @cristian-radu, @cristian04, @davidkarlsen, @dcherman, @demisx, @derrickburns, @dholbach, @ethan-daocloud, @fred, @gldraphael, @hiddeco, @hlascelles, @ianmiell, @ilya-spv, @jacobsin, @judewin-alef, @jwenz723, @kaspernissen, @knackaron, @ksaritek, @larhauga, @laverya, @linuxbsdfreak, @luxas, @matthewbednarski, @mhumeSF, @mzachh, @nabadger, @obiesmans, @ogerbron, @onedr0p, @paulmil1, @primeroz, @rhockenbury, @runningman84, @rytswd, @semyonslepov, @squaremo, @stealthybox, @stefanprodan, @stefansedich, @suvl, @tjanson, @tomaszkiewicz, @tomcheah, @tschonnie, @ttarczynski, @willholley, @yellowmegaman, @zcourt.

1.13.3 (2019-07-25)

This is a patch release, mostly concerned with adapting documentation to Flux's new home in https://github.com/fluxcd/ and the CNCF sandbox.

Fixes

  • Correct the name of the --registry-require argument mentioned in a log message fluxcd/flux#2256
  • Parse Docker credentials that have a host and port, but not a scheme fluxcd/flux#2248

Maintenance and documentation

Thanks

Thanks to the following for contributions since the last release: @2opremio, @aaron-trout, @adusumillipraveen, @alexhumphreys, @aliartiza75, @ariep, @binjheBenjamin, @bricef, @caniszczyk, @carlosjgp, @carlpett, @chriscorn-takt, @cloudoutloud, @derrickburns, @dholbach, @fnmeissner, @gled4er, @hiddeco, @jmtrusona, @jowparks, @jpellizzari, @ksaritek, @ktsakalozos, @mar1n3r0, @mzachh, @primeroz, @squaremo, @stefanprodan, @sureshamk, @vyckou, @ybaruchel, @zoni.

1.13.2 (2019-07-10)

This is a patch release, including a fix for problems with using image labels as timestamps.

Fixes

  • Because image labels are inherited from base images, fluxd cannot indiscriminately use labels to determine the image created date. You must now explicitly allow that behaviour with the argument --registry-use-labels weaveworks/flux#2176
  • Image timestamps can be missing (or zero) if ordering them by semver version rather than timestamp weaveworks/flux#2175
  • Environment variables needed by the Google Cloud SDK helper are now propagated to git weaveworks/flux#2222

Maintenance and documentation

Thanks

Thanks go to the following for contributions: @2opremio, @4c74356b41, @ArchiFleKs, @adrian, @alanjcastonguay, @alexanderbuhler, @alexhumphreys, @bobbytables, @derrickburns, @dholbach, @dlespiau, @gaffneyd4, @hiddeco, @hkalsi, @hlascelles, @jaksonwkr, @jblunck, @jwenz723, @linuxbsdfreak, @luxas, @mpashka, @nlamot, @semyonslepov, @squaremo, @stefanprodan, @tegamckinney, @ysaakpr.

1.13.1 (2019-06-27)

This is a patch release.

Fixes

  • Use a context with a timeout for every request that comes through the upstream connection, so they may be abandoned if taking too long weaveworks/flux#2171
  • Initialise the high-water mark once, so it doesn't get continually reset and cause notification noise weaveworks/flux#2177
  • Force tag updates when making local clones, to account for changes in git 2.20 weaveworks/flux#2184

Thanks

Cheers to the following people for their contributions: @2opremio, @J-Lou, @aarnaud, @adrian, @airmap-madison, @alanjcastonguay, @arsiesys, @atbe-crowe, @azazel75, @bia, @carlosjgp, @chriscorn-takt, @cristian-radu, @davidkarlsen, @derrickburns, @dholbach, @dlespiau, @errordeveloper, @ewoutp, @hiddeco, @humayunjamal, @isen-ng, @judewin-alef, @kevinm444, @muhlba91, @roaddemon, @runningman84, @squaremo, @starkers, @stefanprodan, @sukrit007, @willholley.

1.13.0 (2019-06-13)

This feature release contains an experimental feature for generating manifests from the sources in git and completes the support for GPG signatures.

Fixes

Enhancements

Maintenance and documentation

Thanks

Many thanks for contributions from @2opremio, @AndriiOmelianenko, @ArchiFleKs, @RGPosadas, @RoryShively, @alanjcastonguay, @amstee, @arturo-c, @azazel75, @billimek, @brezerk, @bzon, @derrickburns, @dholbach, @dminca, @dmitri-lerko, @guzmo, @hiddeco, @imrtfm, @jan-schumacher, @jp83, @jpds, @kennethredler, @leoblanc, @marcelonaso, @marcossv9, @marklcg, @michaelgeorgeattard, @mr-karan, @nabadger, @ncabatoff, @primeroz, @rdubya16, @rjanovski, @rkouyoumjian, @rndstr, @runningman84, @squaremo, @stefanprodan, @stefansedich, @suvl, @tckb, @timja, @vovkanaz, @willholley.

1.12.3 (2019-05-22)

This is a patch release.

Fixes

Maintenance and documentation

Thanks

Thanks to @2opremio, @hiddeco, @squaremo and @xtellurian for contributions.

1.12.2 (2019-05-08)

This is a patch release.

Fixes

  • Fix error shadowing when parsing YAML manifests weaveworks/flux#1994
  • Fix 'workspace' -> 'workload' typo in deprecated controller flag weaveworks/flux#1987 weaveworks/flux#1996
  • Improve internal Kubernetes error logging, by removing the duplicate timestamp and providing a full path to the Kubernetes file emitting the error weaveworks/flux#2000
  • Improve fluxctl auto portforward connection error, by better guiding the user about what could be wrong weaveworks/flux#2001
  • Ignore discovery errors for metrics resources, to prevent syncs from failing when the metrics API is misconfigured weaveworks/flux#2009
  • Fix (Flux)HelmRelease cluster lookups, before this change, the same resource ID would be reported for all HelmReleases with e.g. fluctl list-workloads weaveworks/flux#2018

Maintenance and documentation

Thanks

Thanks to @2opremio, @cdenneen, @hiddeco, @jan-schumacher, @squaremo, @stefanprodan for contributions.

1.12.1 (2019-04-25)

This is a patch release.

Fixes

Maintenance and documentation

Thanks

Thanks to @2opremio, @UnwashedMeme, @alexanderbuhler, @aronne, @arturo-c, @autarchprinceps, @benhartley, @brantb, @brezerk, @dholbach, @dlespiau, @dvelitchkov, @dwightbiddle-ef, @gtseres, @hiddeco, @hpurmann, @ingshtrom, @isen-ng, @jimangel, @jpds, @kingdonb, @koustubh25, @koustubhg, @michaelfig, @moltar, @nabadger, @primeroz, @rdubya16, @squaremo, @stealthybox, @stefanprodan, @tycoles for contributions.

1.12.0 (2019-04-11)

This release renames some fluxctl commands and arguments while deprecating others, to better follow Kubernetes terminology. In particular, it drops the term "controller" in favour of "workload"; e.g., instead of

fluxctl list-controllers --controller=...

there is now

fluxctl list-workloads --workload=...

The old commands are deprecated but still available for now.

It also extends the namespace restriction flag (--k8s-allow-namespace, with a deprecated alias --k8s-namespace-whitelist) to cover all operations, including syncing; previously, it covered only query operations e.g., list-images etc..

Fixes

Improvements

  • Use "workload" as the term for resources that specify pods to run, in fluxctl commands and wherever else it is needed weaveworks/flux#1777
  • Make regex an alias for regexp in tag filters weaveworks/flux#1915
  • Be more sparing when logging AWS detection failures; add flag for requiring AWS authentication; observe ECR restrictions on region and account regardless of AWS detection weaveworks/flux#1863
  • Treat all *List (e.g., DeploymentList) resources as lists weaveworks/flux#1883
  • Add host key for legacy VSTS (now Azure DevOps) weaveworks/flux#1870
  • Extend namespace restriction to all operations, and change the name of the flag to --k8s-allow-namespace weaveworks/flux#1668
  • Avoid updating images when there is no record for the current image weaveworks/flux#1831
  • Include the file name in the error when kubeyaml fails to update a manifest weaveworks/flux#1815

Maintenance and documentation

Thanks

Many thanks to @2opremio, @AmberAttebery, @alanjcastonguay, @alexanderbuhler, @arturo-c, @benhartley, @cruisehall, @dholbach, @dimitropoulos, @hiddeco, @hlascelles, @ipedrazas, @jrryjcksn, @marchmallow, @mazzy89, @mulcahys, @nabadger, @pmquang, @southbanksoftwaredeveloper, @squaremo, @srueg, @stefanprodan, @stevenpall, @stillinbeta, @swade1987, @timfpark, @vanderstack for contributions.

1.11.1 (2019-04-01)

This is a bugfix release, fixing a regression introduced in 1.11.0 which caused syncs to fail when adding a CRD and instance(s) from that CRD at the same time.

Fixes

1.11.0 (2019-03-13)

This release comes with experimental garbage collection and Git commit signing:

  1. Experimental garbage collection of cluster resources. When providing the --sync-garbage-collection flag, cluster resources no longer existing in Git will be removed. Read the garbage collection documentation for further details.

  2. GPG Git commit signing, when providing --git-signing-key flag. GPG keys can be imported with --git-gpg-key-import. By default Flux will import to and use the keys in ~/.gnupg. This path can be overridden by setting the GNUPGHOME environment variable.

    Commit signature verification is in the works and will be released shortly.

Fixes

Improvements

Maintenance and documentation

Thanks

Lots of thanks to @2opremio, @Timer, @bboreham, @dholbach, @dimitropoulos, @hiddeco, @scjudd, @squaremo and @stefanprodan for their contributions to this release.

1.10.1 (2019-02-13)

This release provides a deeper integration with Azure (DevOps Git hosts and ACR) and allows configuring how fluxctl finds fluxd (useful for clusters with multiple fluxd installations).

Improvements

Thanks

Lots of thanks to @alanjcastonguay, @hiddeco, and @sarath-p for their contributions to this release.

1.10.0 (2019-02-07)

This release adds the --registry-exclude-image flag for excluding images from scanning, allows for registries with self-signed certificates, and fixes several bugs.

Fixes

  • Bumped justinbarrick/go-k8s-portforward to 1.0.2 to correctly handle multiple paths in the KUBECONFIG env variable weaveworks/flux#1658
  • Improved handling of registry challenge requests (preventing memory leaks) weaveworks/flux#1672
  • Altered merging strategy for image credentials, which previously could lead to Flux trying to fetch image details with credentials from a different workload weaveworks/flux#1702

Improvements

  • Allow (potentially all) images to be excluded from scanning weaveworks/flux#1659
  • --registry-insecure-host now first tries to skip TLS host host verification before falling back to HTTP, allowing registries with self-signed certificates weaveworks/flux#1526
  • Allow HOME env variable when invoking Git which allows for mounting a config file under $HOME/config/git weaveworks/flux#1644
  • Several documentation improvements and clarifications weaveworks/flux{#1656, #1675, #1681}
  • Removed last traces of linting weaveworks/flux#1673
  • Warn users about external changes in sync tag weaveworks/flux#1695

Thanks

Lots of thanks to @2opremio, @alanjcastonguay, @bheesham, @brantb, @dananichev, @dholbach, @dmarkey, @hiddeco, @ncabatoff, @rade, @squaremo, @switchboardOp, @stefanprodan and @Timer for their contributions to this release, and anyone I've missed while writing this note.

1.9.0 (2019-01-09)

This release adds native support for ECR (Amazon Elastic Container Registry) authentication.

Fixes

Improvements

  • Authenticate to ECR using a token from AWS IAM, when possible weaveworks/flux#1619
  • Make it possible, and the default for new deployments, to configure a ClusterIP for memcached (previously it was only possible to use DNS service discovery) weaveworks/flux#1618

Thanks

This release was made possible by welcome contributions from @2opremio, @agcooke, @cazzoo, @davidkarlsen, @dholbach, @dmarkey, @donifer, @ericbarch, @errordeveloper, @florianrusch, @gellweiler, @hiddeco, @isindir, @k, @marcincuber, @markbenschop, @Morriz, @rndstr, @roffe, @runningman84, @shahbour, @squaremo, @srueg, @stefanprodan, @stephenmoloney, @switchboardOp, @tobru, @tux-00, @u-phoria, @Viji-Sarathy-Bose.

1.8.2 (2018-12-19)

This holiday season release fixes a handful of annoyances, and adds an experimental --watch flag for following the progress of fluxctl release.

Fixes

Improvements

Thanks

Thanks to @Alien2150, @batpok, @bboreham, @brantb, @camilb, @davidkarlsen, @dbluxo, @demikl, @dholbach, @dpgeekzero, @etos, @hiddeco, @iandotmartin, @jakubbujny, @JeremyParker, @JimPruitt, @johnraz, @kopachevsky, @kozejonaz, @leoblanc, @marccarre, @marcincuber, @mgazza, @michalschott, @montyz, @ncabatoff, @nmaupu, @Nogbit, @pdeveltere, @rampreethethiraj, @rndstr, @samisq, @scjudd, @sfrique, @Smirl, @songsak2299, @squaremo, @stefanprodan, @stephenmoloney, @Timer, @whereismyjetpack, @willnewby for contributions in the period up to this release.

1.8.1 (2018-10-15)

This release completes the support for HelmRelease resources as used by the Helm operator from v0.5 onwards.

Note This release bakes in kubectl v.1.11.3, while previous releases used v1.9.0. Officially, kubectl is compatible with one minor version before and one minor version after its own, i.e., now v1.10-1.12. In practice, it may work fine for most purposes in a wider range. If you run into difficulties relating to the kubectl version, contact us.

Fixes

Improvements

  • HelmRelease resources are treated as workloads, so they can be automated, and updated with fluxctl release ... weaveworks/flux#1382
  • Container-by-container releases, as used by fluxctl --interactive, now post detailed notifications to Weave Cloud weaveworks/flux#1472 and have better commit messages weaveworks/flux#1479
  • Errors encountered when applying manifests are reported in the ListControllers API (and may appear, in the future, in the fluxctl release output) weaveworks/flux#1410

Thanks

Thanks go to @Ashiroq, @JimPruitt, @MansM, @Morriz, @Smirl, @Timer, @aytekk, @bzon, @camilb, @claude-leveille, @demikl, @dholbach, @endrec, @foot, @hiddeco, @jrcole2884, @lelenanam, @marcusolsson, @mellena1, @montyz, @olib963, @rade, @rndstr, @sfitts, @squaremo, @stefanprodan, @whereismyjetpack for their contributions.

1.8.0 (2018-10-25)

This release includes a change to how image registries are scanned for metadata, which should reduce the amount of polling, while being sensitive to image metadata that changes frequently, as well as respecting throttling.

Fixes

Improvements

  • Apply CustomResourceDefinition manifests ahead of (most) other kinds of resource, since there will likely be other things that depend on the definition (e.g., the custom resources themselves) weaveworks/flux#1429
  • Add --git-timeout flag for setting the default timeout for git operations (useful e.g., if you know git clone will take a long time) weaveworks/flux#1416
  • fluxctl list-controllers now has an alias fluxctl list-workloads weaveworks/flux#1425
  • Adapt the sampling rate for image metadata, and back off when throttled weaveworks/flux#1354
  • The detailed rollout status of workloads is now reported in the API (NB this is not yet used in the command-line tool) weaveworks/flux#1380

Thanks

A warm thank-you to @AugustasV, @MansM, @Morriz, @MrYadro, @Timer, @aaron-trout, @bhavin192, @brandon-bethke-neudesic, @brantb, @bzon, @dbluxo, @dholbach, @dlespiau, @endrec, @hiddeco, @justdavid, @justinbarrick, @kozejonaz, @lelenanam, @leoblanc, @marcemq, @marcusolsson, @mellena1, @mt-inside, @ncabatoff, @pcfens, @rade, @rndstr, @sc250024, @sfrique, @skurtzemann, @squaremo, @stefanprodan, @stephenmoloney, @timthelion, @tlvu, @whereismyjetpack, @white-hat, @wstrange for your contributions.

1.7.1 (2018-09-26)

This is a patch release, mainly to include the fix for initContainer images (#1372).

Fixes

  • Include initContainers when scanning for images to fetch metadata for, e..g, so there will be "available image" rows for the initContainer in fluxctl list-images weaveworks/flux#1372
  • Turn memcached's logging verbosity down, in the example deployment YAMLs weaveworks/flux#1369
  • Remove mention of an archaic fluxctl command from help text weaveworks/flux#1389

Thanks

Thanks for fixes go to @alanjcastonguay, @dholbach, and @squaremo.

1.7.0 (2018-09-17)

This release has a soupçon of bug fixes. It gets a minor version bump, because it introduces a new flag, --listen-metrics.

Fixes

  • Updates to workloads using initContainers can now succeed weaveworks/flux#1351
  • Port forwarding to GCP (and possibly others) works as intended weaveworks/flux#1334
  • No longer falls over if the directory given as --git-path doesn't exist weaveworks/flux#1341
  • fluxctl doesn't try to connect to the cluster when just reporting its version weaveworks/flux#1332
  • Metadata for unusable images (e.g., those for the wrong architecture) are now correctly recorded, so that they don't get fetched continually weaveworks/flux#1304

Improvements

  • Prometheus metrics can be exposed on a port different from that of the Flux API, using the flag --listen-metrics weaveworks/flux#1325

Thanks

Thank you to the following for contributions (along with anyone I've missed): @ariefrahmansyah, @brantb, @casibbald, @davidkarlsen, @dholbach, @hiddeco, @justinbarrick, @kozejonaz, @lelenanam, @petervandenabeele, @rade, @rndstr, @squaremo, @stefanprodan, @the-fine.

1.6.0 (2018-08-31)

This release improves existing features, and has some new goodies like regexp tag filtering and multiple sync paths. Have fun!

We also have a new contributing guide.

Fixes

Improvements

  • Cope with ':' characters in resource names weaveworks/flux#1282
  • Accept multiple --git-path arguments; sync (and update) files in all the paths given weaveworks/flux#1297
  • Use image pull secrets attached to service accounts, as well as those attached to workloads themselves weaveworks/flux#1291
  • You can now filter images using regular expressions (in addition to semantic version ranges, and glob patterns) weaveworks/flux#1292

Thanks

Thank you to the following for contributions: @Alien2150, @ariefrahmansyah, @brandon-bethke-neudesic, @bzon, @dholbach, @dkerwin, @hartmut-pq, @hiddeco, @justinbarrick, @petervandenabeele, @nicolerenee, @rndstr, @squaremo, @stefanprodan, @stephenmoloney.

1.5.0 (2018-08-08)

This release adds semver image filters, makes it easier to use fluxctl securely, and has an experimental interactive mode for fluxctl release. It also fixes some long-standing problems with image metadata DB, including no longer being bamboozled by Windows images.

Fixes

  • Read the fallback image credentials every time, so they can be updated. This makes it feasible to mount them from a ConfigMap, or update them with a sidecar weaveworks/flux#1230
  • Take some measures to prevent spurious image updates caused by bugs in image metadata fetching:
  • Respect 'false' value for automation annotation weaveworks/flux#1264
  • Cope with images that have a Windows (or other) flavour, by omitting the unsupported image rather than failing entirely weaveworks/flux#1265

Improvements

  • fluxctl will now transparently port-forward to the Flux pod, making it easier to connect securely to the Flux API weaveworks/flux#1212
  • fluxctl release gained an experimental flag --interactive that lets you toggle each image update on or off, then apply exactly the updates you have chosen weaveworks/flux#1231
  • Flux can now report and update initContainers, and a wider variety of Helm charts (as used in FluxHelmRelease resources) weaveworks/flux#1258
  • You can use semver (Semantic Versioning) filters for automation, rather than having to rely on glob patterns weaveworks/flux#1266

Thanks

Thanks to @ariefrahmansyah, @chy168, @cliveseldon, @davidkarlsen, @dholbach, @errordeveloper, @geofflamrock, @grantbachman, @grimesjm, @hiddeco, @jlewi, @JoeyX-u, @justinbarrick, @konfiot, @malvex, @marccampbell, @marctc, @mt-inside, @mwhittington21, @ncabatoff, @rade, @rndstr, @squaremo, @srikantheee84, @stefanprodan, @stephenmoloney, @TheJaySmith (and anyone I've missed!) for their contributions.

1.4.2 (2018-07-05)

This release includes a number of usability improvements, the majority of which were suggested or contributed by community members. Thanks everyone!

Fixes

Improvements

  • Interpret FluxHelmRelease resources that specify multiple images to use in a chart weaveworks/flux#1175 (and several PRs that can be tracked down from there)
  • Add an experimental flag for restricting the view fluxd has of the cluster, reducing Kubernetes API usage: --k8s-namespace-whitelist weaveworks/flux#1184
  • Share more image layers between quay.io/weaveworks/flux and quay.io/weaveworks/helm-operator images weaveworks/flux#1192
  • Apply resources in "dependency order" so that e.g., namespaces are created before things in the namespaces weaveworks/flux#1117

1.4.1 (2018-06-21)

This release fixes some wrinkles in the new YAML updating code, so that YAML multidocs and kubernetes List resources are fully supported.

It also introduces the fluxctl sync command, which tells Flux to update from git and apply to Kubernetes -- as requested in TGI Kubernetes!

Fixes

  • Write whole files back after updates, so that multidocs and Lists aren't overwritten. A symptom of the problem was that a release would return an error something like "Verification failed: resources {...} were present before update and not after" weaveworks/flux#1137
  • Interpret and update CronJob manifests correctly weaveworks/flux#1133

Improvements

  • Return a more helpful message when Flux can't parse YAML files weaveworks/flux#1141
  • Bake SSH config into the global location (/etc/ssh), so that it's easier to override it by mounting a ConfigMap into /root/.ssh/ weaveworks/flux#1154
  • Reduce the size of list-images API/RPC responses by sending only the image metadata that's requested weaveworks/flux#913

1.4.0 (2018-06-05)

This release includes a rewrite of the YAML updating code, removing the restrictions on using List resources and files with multiple YAML documents, as well as fixing various bugs (like being confused by the indentation of container blocks).

See https://github.com/weaveworks/flux/blob/1.4.0/site/requirements.md for remaining constraints.

The YAML parser preserves comments and literal quoting, but may reindent blocks the first time it changes a file.

Fixes

  • Correct an issue the led to Flux incorrectly reporting resources as read-only weaveworks/flux#1119
  • Some YAML update problems were fixed by the rewrite, the most egregious being:

Improvements

  • Rewrite the YAML update code to use a round-tripping parser, rather than regular expressions weaveworks/flux#976. This removes the restrictions on how YAMLs are formatted, though there are still going to be corner cases in the parser (verifying changes will mitigate those by failing updates that would corrupt files).

1.3.1 (2018-05-29)

Fixes

Improvements

  • Changes made to the git repo when releasing new images are now verified, meaning less chance of erroneous changes being committed weaveworks/flux#1094
  • The ListImages API method now accepts an argument saying which fields to include for each container. This is intended to cut down the amount of data sent over the wire, since you don't always need the full list of available images weaveworks/flux#1084
  • Add (back) the fluxd flag --docker-config so that image registry credentials can be supplied in a file mounted into the container weaveworks/flux#1065. This should make it easier to work around situations in which you don't want to use imagePullSecrets on each resource.
  • Label flux and helm-operator images with Open Containers Initiative (OCI) metadata weaveworks/flux#1075

1.3.0 (2018-04-26)

Fixes

  • Exclude no-longer relevant changes from auto-releases weaveworks/flux#1036
  • Make release and auto-release events more accurately record the affected resources, by looking at the calculated result weaveworks/flux#1050

Improvements

  • Let the Flux daemon operate without a git repo, and report cluster resources as read-only when there is no corresponding manifest weaveworks/flux#962
  • Reinstate command-line arg for setting the git polling interval --git-poll-interval weaveworks/flux#1030
  • Add --git-ci-skip (and for more fine control, --git-ci-skip-message) for customising flux's commit messages such that CI systems ignore the commits weaveworks/flux#1011
  • Log the daemon version on startup weaveworks/flux#1017

1.2.5 (2018-03-19)

Fixes

Improvements

  • Use a writable tmpfs volume for generating keys, since Kubernetes >=1.10 and GKE (as of March 13 2018) mount secrets as read-only weaveworks/flux#1007

1.2.4 (2018-03-14)

Fixes

Improvements

Experimental

1.2.3 (2018-02-07)

Fixes

1.2.2 (2018-01-31)

Fixes

Improvements

The following improvements are to help if you are running a private registry.

  • Support image registries using basic authentication (rather than token-based authentication) weaveworks/flux#915
  • Introduce the daemon argument --registry-insecure-host for marking a registry as accessible via HTTP (rather than HTTPS) weaveworks/flux#918
  • Better logging of registry fetch failures, for troubleshooting weaveworks/flux#898

1.2.1 (2018-01-15)

Fixes

  • Fix an issue that prevented fetching tags for private repositories on DockerHub (and self-hosted registries) weaveworks/flux#897

1.2.0 (2018-01-04)

Improvements

  • Releases are more responsive, because dry runs are now done without triggering a sync weaveworks/flux#862
  • Syncs are much faster, because they are now done all-in-one rather than calling kubectl for each resource weaveworks/flux#872
  • Rewrite of the image registry package to solve several problems weaveworks/flux#851

Fixes

1.1.0 (2017-11-01)

Improvements

  • Flux can now release updates to DaemonSets, StatefulSets and CronJobs in addition to Deployments. Matching Service resources are no longer required.

1.0.2 (2017-10-18)

Improvements

  • Implemented support for v2 registry manifests.

1.0.1 (2017-09-19)

Improvements

  • Flux daemon can be configured to populate the git commit author with the name of the requesting user
  • When multiple Flux daemons share the same configuration repository, each fluxd only sends Slack notifications for commits that affect its branch/path
  • When a resource is locked the invoking user is recorded, along with an optional message
  • When a new config repo is synced for the first time, don't send notifications for the entire commit history

Fixes

  • The fluxctl identity command only worked via the Weave Cloud service, and not when connecting directly to the daemon

1.0.0 (2017-08-22)

This release introduces significant changes to the way Flux works:

  • The git repository is now the system of record for your cluster state. Flux continually works to synchronise your cluster with the config repository
  • Release, automation and policy actions work by updating the config repository

See https://github.com/weaveworks/flux/releases/tag/1.0.0 for full details.

0.3.0 (2017-05-03)

Update to support newer Kubernetes (1.6.1).

Potentially breaking changes

Improvements

  • Updated the version of kubectl bundled in the Flux daemon image, to work with newer (>1.5) Kubernetes.
  • Added fluxctl save command for bootstrapping a repo from an existing cluster
  • You can now record a message and username with each release, which show up in notifications

0.2.0 (2017-03-16)

More informative and helpful UI.

Features

  • Lots more documentation
  • More informative output from fluxctl release
  • Added option in fluxctl set-config to generate a deploy key

Improvements

  • Slack notifications are tidier
  • Support for releasing to >1 service at a time
  • Better behaviour when Flux deploys itself
  • More help given for commonly encountered errors
  • Filter out Kubernetes add-ons from consideration
  • More consistent Prometheus metric labeling

See also https://github.com/weaveworks/flux/issues?&q=closed%3A"2017-01-27 .. 2017-03-15"

0.1.0 (2017-01-27)

Initial semver release.

Features

  • Validate image release requests.
  • Added version command

Improvements

  • Added rate limiting to prevent registry 500's
  • Added new release process
  • Refactored registry code and improved coverage

See https://github.com/weaveworks/flux/milestone/7?closed=1 for full details.