feat(container): update flux-operator group#262
Merged
Conversation
Contributor
--- HelmRelease: flux-system/flux-instance FluxInstance: flux-system/flux
+++ HelmRelease: flux-system/flux-instance FluxInstance: flux-system/flux
@@ -9,13 +9,13 @@
app.kubernetes.io/instance: flux-instance
app.kubernetes.io/managed-by: Helm
spec:
distribution:
version: 2.x
registry: ghcr.io/fluxcd
- artifact: oci://ghcr.io/controlplaneio-fluxcd/flux-operator-manifests:v0.46.0
+ artifact: oci://ghcr.io/controlplaneio-fluxcd/flux-operator-manifests:v0.48.0
components:
- source-controller
- kustomize-controller
- helm-controller
- notification-controller
cluster:
--- HelmRelease: flux-system/flux-operator Deployment: flux-system/flux-operator
+++ HelmRelease: flux-system/flux-operator Deployment: flux-system/flux-operator
@@ -44,13 +44,13 @@
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
- image: ghcr.io/controlplaneio-fluxcd/flux-operator:v0.46.0
+ image: ghcr.io/controlplaneio-fluxcd/flux-operator:v0.48.0
imagePullPolicy: IfNotPresent
ports:
- name: http-metrics
containerPort: 8080
protocol: TCP
- name: http |
Contributor
--- kubernetes/apps/flux-system/flux-operator/app Kustomization: flux-system/flux-operator OCIRepository: flux-system/flux-operator
+++ kubernetes/apps/flux-system/flux-operator/app Kustomization: flux-system/flux-operator OCIRepository: flux-system/flux-operator
@@ -10,9 +10,9 @@
spec:
interval: 15m
layerSelector:
mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
operation: copy
ref:
- tag: 0.46.0
+ tag: 0.48.0
url: oci://ghcr.io/controlplaneio-fluxcd/charts/flux-operator
--- kubernetes/apps/flux-system/flux-instance/app Kustomization: flux-system/flux-instance HelmRelease: flux-system/flux-instance
+++ kubernetes/apps/flux-system/flux-instance/app Kustomization: flux-system/flux-instance HelmRelease: flux-system/flux-instance
@@ -37,13 +37,13 @@
components:
- source-controller
- kustomize-controller
- helm-controller
- notification-controller
distribution:
- artifact: oci://ghcr.io/controlplaneio-fluxcd/flux-operator-manifests:v0.46.0
+ artifact: oci://ghcr.io/controlplaneio-fluxcd/flux-operator-manifests:v0.48.0
version: 2.x
kustomize:
patches:
- patch: |
- op: add
path: /spec/template/spec/containers/0/args/-
--- kubernetes/apps/flux-system/flux-instance/app Kustomization: flux-system/flux-instance OCIRepository: flux-system/flux-instance
+++ kubernetes/apps/flux-system/flux-instance/app Kustomization: flux-system/flux-instance OCIRepository: flux-system/flux-instance
@@ -10,9 +10,9 @@
spec:
interval: 15m
layerSelector:
mediaType: application/vnd.cncf.helm.chart.content.v1.tar+gzip
operation: copy
ref:
- tag: 0.46.0
+ tag: 0.48.0
url: oci://ghcr.io/controlplaneio-fluxcd/charts/flux-instance
|
renovate
Bot
force-pushed
the
renovate/flux-operator
branch
2 times, most recently
from
9af15ad to
5d13ab6
Compare
renovate
Bot
force-pushed
the
renovate/flux-operator
branch
from
5d13ab6 to
8d92815
Compare
wcygan
added a commit
that referenced
this pull request
May 4, 2026
After the 2026-05-01 Talos v1.13.0 / Kubernetes v1.36.0 upgrade, flux-operator entered a perma-crashloop: pod boots, FluxInstance reconciles in 3s, then kubelet kills it ~60s later for /healthz failing 3× at the inherited 1s timeout. Other Flux controllers on the same node are healthy on default probes; only flux-operator's cache-sync path trips the 1s ceiling here. Bumping the chart group 0.46.0 → 0.48.0 (PR #262) did not fix it — the v0.48.0 pod started crashlooping with the same signature within 2m of rollout. Override the probes in the HelmRelease values.
wcygan
added a commit
that referenced
this pull request
May 4, 2026
After the 2026-05-01 Talos v1.13.0 / Kubernetes v1.36.0 upgrade, the chart's `flux-operator-web` NetworkPolicy started blocking kubelet probes to port 8081 (/healthz, /readyz), sending flux-operator into a 1450+ restart CrashLoopBackOff. The policy only allows ingress to ports 8080 (metrics) and 9080 (web UI) — port 8081 has no matching allow rule. Pre-upgrade, Cilium's kubelet-probe path apparently bypassed NP enforcement; post-upgrade it doesn't. Tried bumping chart 0.46.0 → 0.48.0 (PR #262) and raising probe timeoutSeconds 1s → 5s — neither fixed it because /healthz was network-blocked, not slow. flux-system has no default-deny NP, so disabling the chart's NP is safe; other Flux controllers don't ship their own NP and have always been reachable.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
0.46.0→0.48.00.46.0→0.48.0v0.46.0→v0.48.0Release Notes
controlplaneio-fluxcd/flux-operator (ghcr.io/controlplaneio-fluxcd/charts/flux-instance)
v0.48.0Compare Source
What's Changed
checksumFromby @matheuscscp in #826checksumFromfor triggering rollout restarts by @stefanprodan in #825convertKubeConfigFromSecrets by @matheuscscp in #827includeEmptyProvidersoption toPermuteinputStrategyby @jtyr in #828New Contributors
Full Changelog: controlplaneio-fluxcd/flux-operator@v0.47.0...v0.48.0
v0.47.0Compare Source
What's Changed
Full Changelog: controlplaneio-fluxcd/flux-operator@v0.46.0...v0.47.0
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.