Flux 1.10.0

This release adds the --registry-exclude-image flag for excluding images from scanning, allows for registries with self-signed certificates, and fixes several bugs.

Fixes

• Bumped justinbarrick/go-k8s-portforward to 1.0.2 to correctly handle multiple paths in the KUBECONFIG env variable weaveworks/flux#1658
• Improved handling of registry challenge requests (preventing memory leaks) weaveworks/flux#1672
• Altered merging strategy for image credentials, which previously could lead to Flux trying to fetch image details with credentials from a different workload weaveworks/flux#1702

Improvements

• Allow (potentially all) images to be excluded from scanning weaveworks/flux#1659
• --registry-insecure-host now first tries to skip TLS host verification before falling back to HTTP, allowing registries with self-signed certificates weaveworks/flux#1526
• Allow HOME env variable when invoking Git which allows for mounting a config file under $HOME/config/git weaveworks/flux#1644
• Several documentation improvements and clarifications weaveworks/flux{#1656, #1675, #1681}
• Removed last traces of linting weaveworks/flux#1673
• Warn users about external changes in sync tag weaveworks/flux#1695

Thanks

Lots of thanks to @2opremio, @alanjcastonguay, @bheesham, @brantb, @dananichev, @dholbach, @dmarkey, @hiddeco, @ncabatoff, @rade, @squaremo, @switchboardOp, @stefanprodan and @Timer for their contributions to this release, and anyone I've missed while writing this note.

Helm operator 0.6.0

Improvements

• Add option to limit the Helm operator to a single namespace weaveworks/flux#1664

Thanks

Without the contributions of @brandon-bethke-neudesic, @errordeveloper, @ncabatoff, @stefanprodan, @squaremo, and feedback of our #flux inhabitants this release would not have been possible -- thanks to all of you!

Helm operator 0.5.3

Improvements

• HelmRelease now has a resetValues field which when set to true resets the values to the ones built into the chart weaveworks/flux#1628
• The operator now exposes a HTTP webserver (by default on port :3030) with Prometheus metrics on /metrics and a health check endpoint on /healthz weaveworks/flux#1653

Thanks

A thousand thanks to @davidkarlsen, @hiddeco, @ncabatoff, @stefanprodan, @squaremo and others for their contributions leading to this release.

Flux 1.9.0

This release adds native support for ECR (Amazon Elastic Container Registry) authentication.

Fixes

• Make sure a /etc/hosts mounted into the fluxd container is respected weaveworks/flux#1630
• Proceed more gracefully when RBAC rules restrict access weaveworks/flux#1620
• Show more contextual information when fluxctl fails weaveworks/flux#1615

Improvements

• Authenticate to ECR using a token from AWS IAM, when possible weaveworks/flux#1619
• Make it possible, and the default for new deployments, to configure a ClusterIP for memcached (previously it was only possible to use DNS service discovery) weaveworks/flux#1618

Thanks

This release was made possible by welcome contributions from @2opremio, @agcooke, @cazzoo, @davidkarlsen, @dholbach, @dmarkey, @donifer, @ericbarch, @errordeveloper, @florianrusch, @gellweiler, @hiddeco, @isindir, @k, @marcincuber, @markbenschop, @Morriz, @rndstr, @roffe, @runningman84, @shahbour, @squaremo, @srueg, @stefanprodan, @stephenmoloney, @switchboardOp, @tobru, @tux-00, @u-phoria, @Viji-Sarathy-Bose.

Helm operator 0.5.2

Bug fixes

• Respect proxy env entries for git operations weaveworks/flux#1556
• Reimplement git timeout after accidentally removing it in 0.5.0 weaveworks/flux#1565
• Mark --git-poll-interval flag as deprecated weaveworks/flux#1565
• Only update chart dependencies if a requirements.yaml exists weaveworks/flux{#1561, #1606}

Improvements

• HelmRelease now has a timeout field (defaults to 300s), giving you control over the amount of time it may take for Helm to install or upgrade your chart weaveworks/flux#1566
• The Helm operator flag docs have been updated weaveworks/flux#1594
• Added tests to ensure Helm dependencies update behaviour is always as expected weaveworks/flux#1562

Thanks

Thanks to @stephenmoloney, @sfrique, @mgazza, @stefanprodan, @squaremo, @rade and @hiddeco for their contributions.

Flux 1.8.2

This holiday season release fixes a handful of annoyances, and adds an experimental --watch flag for following the progress of fluxctl release.

Fixes

• Respect proxy env entries for git operations weaveworks/flux#1556
• Only push the "sync tag" when the synced revision has changed, avoiding spurious notifications weaveworks/flux#1605
• Return any sync errors for workloads in the ListControllers API weaveworks/flux#1521

Improvements

• The experimental flag fluxctl release --watch shows the rollout progress of workloads in the release weaveworks/flux#1525
• The example manifests now include resource requests, to help Kubernetes with scheduling weaveworks/flux#1541
• We have a more comprehensive example git repo, which is
  mentioned consistently throughout the docs weaveworks/flux#1527 and weaveworks/flux#1540.
• Many clarifications and better structure in the docs weaveworks/flux{#1597, #1595, #1563, #1555, #1548, #1550, #1549, #1547, #1508, #1557}
• Registry scanning produces far less log spam, and abandons scans as soon as possible on being throttled weaveworks/flux#1538

Thanks

Thanks to @Alien2150, @batpok, @bboreham, @brantb, @camilb, @davidkarlsen, @dbluxo, @demikl, @dholbach, @dpgeekzero, @etos, @hiddeco, @iandotmartin, @jakubbujny, @JeremyParker, @JimPruitt,
@johnraz, @kopachevsky, @kozejonaz, @leoblanc, @marccarre, @marcincuber, @mgazza, @michalschott, @montyz, @ncabatoff, @nmaupu, @Nogbit, @pdeveltere, @rampreethethiraj, @rndstr, @samisq, @scjudd, @sfrique, @Smirl, @songsak2299, @squaremo, @stefanprodan, @stephenmoloney, @Timer, @whereismyjetpack, @willnewby for contributions in the period up to this release.

Helm operator 0.5.1

Bug fixes

• Helm releases will now stay put when an upgrade fails or the Kubernetes API connectivity is flaky, instead of getting purged weaveworks/flux#1530

Thanks

Thanks to @sfrique, @brantb and @squaremo for helping document the issues leading to this bug fix, @stefanprodan for actually squashing the bug and all others that may have gone unnoticed while writing this release note.

Flux 1.8.1

This release completes the support for HelmRelease resources as used by the Helm operator from v0.5 onwards.

Note This release bakes in kubectl v.1.11.3, while previous releases used v1.9.0. Officially, kubectl is compatible with one minor version before and one minor version after its own, i.e., now v1.10-1.12. In practice, it may work fine for most purposes in a wider range. If you run into difficulties relating to the kubectl version, contact us.

Fixes

• Deal correctly with port numbers in images, when updating (Flux)HelmRelease resources weaveworks/flux#1507
• Many corrections and updates to the documentation weaveworks/flux#1506, weaveworks/flux#1502, weaveworks/flux#1501, weaveworks/flux#1498, weaveworks/flux#1492, weaveworks/flux#1490, weaveworks/flux#1488, weaveworks/flux#1489
• The metrics exported by the Flux daemon are now listed weaveworks/flux#1483

Improvements

• HelmRelease resources are treated as workloads, so they can be automated, and updated with fluxctl release ... weaveworks/flux#1382
• Container-by-container releases, as used by fluxctl --interactive, now post detailed notifications to Weave Cloud weaveworks/flux#1472 and have better commit messages weaveworks/flux#1479
• Errors encountered when applying manifests are reported in the ListControllers API (and may appear, in the future, in the fluxctl release output) weaveworks/flux#1410

Thanks

Thanks goes to @Ashiroq, @JimPruitt, @MansM, @Morriz, @Smirl, @Timer, @aytekk, @bzon, @camilb, @claude-leveille, @demikl, @dholbach, @endrec, @foot, @hiddeco, @jrcole2884, @lelenanam, @marcusolsson, @mellena1, @montyz, @olib963, @rade, @rndstr, @sfitts, @squaremo, @stefanprodan, @whereismyjetpack for their contributions.

Helm operator 0.5.0

WARNING: this release of the Helm operator is not backward-compatible:

• It uses a new custom resource HelmRelease, and will ignore FluxHelmRelease resources
• Some command-line arguments have changed, so the deployment manifests must also be updated

To use it, you will need to migrate custom resources to the new format supported by this version. See the upgrade guide.

This version of the Helm operator supports HelmRelease custom resources, which each specify a chart and values to use in a Helm release, as in previous versions. The main improvement is that you are now able to specify charts from Helm repos, as well as from git repo, per resource (rather than a single git repo, which is supplied to the operator).

Improvements

All of these were added in weaveworks/flux#1382.

See the Helm operator guide for details.

• You can now release charts from arbitrary Helm repos
• You can now release charts from arbitrary git repos

Thanks

Thanks to @demikl, @dholbach, @hiddeco, @mellana1, @squaremo, @stefanprodan, @stephenmoloney, @whereismyjetpack and others who made suggestions, logged problems, and tried out nightly builds.

Helm operator 0.4.0

This release improves support for TLS connections to Tiller; in particular it makes it much easier to get server certificate verification (--tiller-tls-verify) to work.

It also adds the ability to supply additional values to FluxHelmRelease resources by attaching Kubernetes secrets. This helps with a few use cases:

• supplying the same default values to several releases
• providing secrets (e.g., a password) to a chart that expects them as values
• using values files without inlining them into FluxHelmReleases

NB We advise that you deploy the operator alongside Tiller v2.10 or more recent. To properly support TLS, the operator now includes code from Helm v2.10, and this may have difficulty connecting to older versions of Tiller.

Bug fixes

• Make --tiller-tls-verify work as intended, by giving better instructions, and adding the argument --tiller-tls-hostname which lets you specify the hostname that TLS should expect in the certificate weaveworks/flux#1484

Improvements

• You can now create secrets containing a values.yaml file, and attach them to a FluxHelmRelease as additional values to use weaveworks/flux#1468

Thanks

Thanks to @hiddeco, @Smirl, @stefanprodan, @arthurk, @the-fine, @wstrange, @sfitts, @squaremo, @mpareja, @stephenmoloney, @justinbarrick, @pcfens for contributions to the PRs and issues leading to this release, as well as the inhabitants of #flux for high-quality, helpful
discussion.