Update dependency fluxcd/flux2 to v2.5.1 (main)

This MR contains the following updates:

Package	Update	Change
fluxcd/flux2	minor	v2.4.0 -> v2.5.1

---

Release Notes

fluxcd/flux2 (fluxcd/flux2)

v2.5.1

Compare Source

Highlights

Flux v2.5.1 is a patch release which comes with various fixes. Users are encouraged to upgrade for the best experience.

Fixes:

• Fix a bug introduced in kustomize-controller v1.5.0 that was causing spurious logging for deprecated API versions and health check failures.
• Sanitize the kustomize-controller logs when encountering errors during SOPS decryption.

Components changelog

• kustomize-controller v1.5.1

CLI Changelog

• MR #​5215 - @​matheuscscp - Update backport labels for 2.5
• MR #​5214 - @​fluxcdbot - Update kustomize-controller to v1.5.1

v2.5.0

Compare Source

Highlights

Flux v2.5.0 is a feature release. Users are encouraged to upgrade for the best experience.

For a compressive overview of new features and API changes included in this release, please refer to the Announcing Flux 2.5 GA blog post.

Overview of the new features:

• Support for GitHub App authentication (GitRepository and ImageUpdateAutomation API)
• Custom Health Checks using CEL (Kustomization API)
• Fine-grained control of garbage collection (Kustomization API)
• Enable decryption of secrets generated by Kustomize components (Kustomization API)
• Support for custom event metadata from annotations (Alert API)
• Git commit status updates for Flux Kustomizations with OCIRepository sources (Alert API)
• Resource filtering using CEL for webhook receivers (Receiver API)
• Debug commands for Flux Kustomizations and HelmReleases (Flux CLI)

❤️ Big thanks to all the Flux contributors that helped us with this release!

Kubernetes compatibility

This release is compatible with the following Kubernetes versions:

Kubernetes version	Minimum required
v1.30	>= 1.30.0
v1.31	>= 1.31.0
v1.32	>= 1.32.0

[!NOTE] Note that the Flux project offers support only for the latest three minor versions of Kubernetes. Backwards compatibility with older versions of Kubernetes and OpenShift is offered by vendors such as ControlPlane that provide enterprise support for Flux.

OpenShift compatibility

Flux can be installed on Red Hat OpenShift cluster directly from OperatorHub using Flux Operator. The operator allows the configuration of Flux multi-tenancy lockdown, network policies, persistent storage, sharding, vertical scaling and the synchronization of the cluster state from Git repositories, OCI artifacts and S3-compatible storage.

Upgrade procedure

Upgrade Flux from v2.4.0 to v2.5.0 by following the upgrade guide.

There are no new API versions in this release, so no changes are required in the YAML manifests containing Flux resources.

Components changelog

• source-controller v1.5.0
• kustomize-controller v1.5.0
• notification-controller v1.5.0
• helm-controller v1.2.0
• image-reflector-controller v0.34.0
• image-automation-controller v0.40.0

CLI Changelog

• MR #​5204 - @​stefanprodan - Update kubectl in flux-cli image
• MR #​5203 - @​stefanprodan - Update flux-cli image
• MR #​5200 - @​stefanprodan - Update Kubernetes min supported version to 1.30
• MR #​5199 - @​matheuscscp - Update integration tests dependencies for Flux 2.5
• MR #​5195 - @​fluxcdbot - Update toolkit components
• MR #​5192 - @​fluxcdbot - Update toolkit components
• MR #​5190 - @​dependabot[bot] - build(deps): bump github.com/distribution/distribution/v3 from 3.0.0-rc.2 to 3.0.0-rc.3
• MR #​5188 - @​matheuscscp - Upgrade pkg/runtime
• MR #​5187 - @​stefanprodan - Update conformance test suite
• MR #​5181 - @​dependabot[bot] - build(deps): bump the ci group across 1 directory with 13 updates
• MR #​5176 - @​YvanGuidoin - fix: align flux diff skipping with kustomize-controller
• MR #​5175 - @​stefanprodan - Update dependencies
• MR #​5151 - @​stefanprodan - [RFC-0009] Custom Health Checks using CEL expressions
• MR #​5146 - @​sjorsholtrop-ritense - Improve "flux resume" error message on non-existent object
• MR #​5142 - @​matheuscscp - Fix create command always using imageRepositoryType
• MR #​5137 - @​scottrigby - Add OpenShift 4.16 & 4.17 to conformance testing
• MR #​5117 - @​stefanprodan - Implement flux debug kustomization command
• MR #​5114 - @​stefanprodan - Update dependencies to Kubernetes 1.32.0 and Go 1.23.0
• MR #​5111 - @​stefanprodan - Run conformance tests for Kubernetes 1.32.0
• MR #​5107 - @​darkowlzz - workflows: Use setup-terraform to install latest
• MR #​5106 - @​stefanprodan - Implement flux debug helmrelease command
• MR #​5105 - @​stefanprodan - Update fluxcd/pkg dependencies
• MR #​5104 - @​dependabot[bot] - build(deps): bump the ci group across 1 directory with 11 updates
• MR #​5103 - @​dipti-pai - [RFC-007] Flux cli support for GitHub app authentication
• MR #​5099 - @​bkreitch - fix misplaced quotes
• MR #​5073 - @​mloskot - docs: Mention Flux upgrade guide in release notes
• MR #​5071 - @​milas - fix: skip remote Kustomizations on recursive diff
• MR #​5068 - @​h3nryc0ding - fix(cli): confusing error message for missing kind
• MR #​5060 - @​jdewinne - Use replicated-actions in conformance tests

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

---

• If you want to rebase/retry this MR, check this box

---

This MR has been generated by Renovate Bot Sylva instance.

CI configuration

Below you can choose test deployment variants to run in this MR's CI.

Click to open to CI configuration

Legend:

Icon	Meaning	Available values
☁️	Infra Provider	capd, capo, capm3
🚀	Bootstrap Provider	kubeadm (alias kadm), rke2
🐧	Node OS	ubuntu, suse
🛠️	Deployment Options	light-deploy, dev-sources, ha, misc, maxsurge-0
🎬	Pipeline Scenarios	Available scenario list and description

• 🎬 preview ☁️ capd 🚀 kadm 🐧 ubuntu

• 🎬 preview ☁️ capo 🚀 rke2 🐧 suse

• 🎬 preview ☁️ capm3 🚀 rke2 🐧 ubuntu

• ☁️ capd 🚀 kadm 🛠️ light-deploy 🐧 ubuntu

• ☁️ capd 🚀 rke2 🛠️ light-deploy 🐧 suse

• ☁️ capo 🚀 rke2 🐧 suse

• ☁️ capo 🚀 kadm 🐧 ubuntu

• ☁️ capo 🚀 rke2 🎬 rolling-update 🛠️ ha 🐧 ubuntu

• ☁️ capo 🚀 kadm 🎬 wkld-k8s-upgrade 🐧 ubuntu

• ☁️ capo 🚀 rke2 🎬 rolling-update-no-wkld 🛠️ ha,misc 🐧 suse

• ☁️ capo 🚀 rke2 🎬 sylva-upgrade-from-1.3.x 🛠️ ha,misc 🐧 ubuntu

• ☁️ capm3 🚀 rke2 🐧 suse

• ☁️ capm3 🚀 kadm 🐧 ubuntu

• ☁️ capm3 🚀 kadm 🎬 rolling-update-no-wkld 🛠️ ha,misc 🐧 ubuntu

• ☁️ capm3 🚀 rke2 🎬 wkld-k8s-upgrade 🛠️ ha 🐧 suse

• ☁️ capm3 🚀 kadm 🎬 rolling-update 🛠️ ha 🐧 ubuntu

• ☁️ capm3 🚀 rke2 🎬 sylva-upgrade-from-1.3.x 🛠️ misc,ha 🐧 suse

• ☁️ capm3 🚀 kadm 🎬 rolling-update 🛠️ ha 🐧 suse

Global config for deployment pipelines

• autorun pipelines
• allow failure on pipelines
• record sylvactl events

Notes:

• Enabling autorun will make deployment pipelines to be run automatically without human interaction
• Disabling allow failure will make deployment pipelines mandatory for pipeline success.
• if both autorun and allow failure are disabled, deployment pipelines will need manual triggering but will be blocking the pipeline

Be aware: after configuration change, pipeline is not triggered automatically. Please run it manually (by clicking the run pipeline button in Pipelines tab) or push new code.

⚙️ If no checkbox is checked, a default pipeline will be enabled (capm3, or capo if capo label is set)