Merge pull request #2050 from fluxcd/do-not-edit-warn

Add `DO NOT EDIT` warn to bootstrap sync manifests

.github/ISSUE_TEMPLATE/bug_report.yaml

@@ -48,19 +48,18 @@ body:
     required: true
   attributes:
     label: Flux version
-    description: Run `flux --version` to check. If not applicable, write `N/A`.
-    placeholder: e.g. 0.16.1
+    description: Run `flux version --client`. If not applicable, write `N/A`.
+    placeholder: e.g. v0.20.1
 - type: textarea
   validations:
     required: true
   attributes:
     label: Flux check
-    description: Run `flux check` to check. If not applicable, write `N/A`.
+    description: Run `flux check`. If not applicable, write `N/A`.
     placeholder: |
       For example:
       ► checking prerequisites
-      ✔ kubectl 1.21.0 >=1.18.0-0
-      ✔ Kubernetes 1.21.1 >=1.16.0-0
+      ✔ Kubernetes 1.21.1 >=1.19.0-0
       ► checking controllers
       ✔ all checks passed
 - type: input

cmd/flux/bootstrap.go

@@ -140,7 +140,7 @@ func NewBootstrapFlags() bootstrapFlags {
 	return bootstrapFlags{
 		logLevel:           flags.LogLevel(rootArgs.defaults.LogLevel),
 		requiredComponents: []string{"source-controller", "kustomize-controller"},
-		keyAlgorithm:       flags.PublicKeyAlgorithm(sourcesecret.RSAPrivateKeyAlgorithm),
+		keyAlgorithm:       flags.PublicKeyAlgorithm(sourcesecret.ECDSAPrivateKeyAlgorithm),
 		keyRSABits:         2048,
 		keyECDSACurve:      flags.ECDSACurve{Curve: elliptic.P384()},
 	}

cmd/flux/check.go

@@ -30,6 +30,7 @@ import (
 	"github.com/fluxcd/pkg/version"
 
 	"github.com/fluxcd/flux2/internal/utils"
+	"github.com/fluxcd/flux2/pkg/manifestgen"
 	"github.com/fluxcd/flux2/pkg/manifestgen/install"
 	"github.com/fluxcd/flux2/pkg/status"
 )
@@ -191,7 +192,7 @@ func componentsCheck() bool {
 	}
 
 	ok := true
-	selector := client.MatchingLabels{"app.kubernetes.io/instance": rootArgs.namespace}
+	selector := client.MatchingLabels{manifestgen.PartOfLabelKey: manifestgen.PartOfLabelValue}
 	var list v1.DeploymentList
 	if err := kubeClient.List(ctx, &list, client.InNamespace(rootArgs.namespace), selector); err == nil {
 		for _, d := range list.Items {

cmd/flux/create_secret_git.go

@@ -105,7 +105,7 @@ func init() {
 
 func NewSecretGitFlags() secretGitFlags {
 	return secretGitFlags{
-		keyAlgorithm: flags.PublicKeyAlgorithm(sourcesecret.RSAPrivateKeyAlgorithm),
+		keyAlgorithm: flags.PublicKeyAlgorithm(sourcesecret.ECDSAPrivateKeyAlgorithm),
 		rsaBits:      2048,
 		ecdsaCurve:   flags.ECDSACurve{Curve: elliptic.P384()},
 	}

cmd/flux/create_source.go

@@ -17,6 +17,8 @@ limitations under the License.
 package main
 
 import (
+	"time"
+
 	"github.com/spf13/cobra"
 )
 
@@ -26,6 +28,14 @@ var createSourceCmd = &cobra.Command{
 	Long:  "The create source sub-commands generate sources.",
 }
 
+type createSourceFlags struct {
+	fetchTimeout time.Duration
+}
+
+var createSourceArgs createSourceFlags
+
 func init() {
+	createSourceCmd.PersistentFlags().DurationVar(&createSourceArgs.fetchTimeout, "fetch-timeout", createSourceArgs.fetchTimeout,
+		"set a timeout for fetch operations performed by source-controller (e.g. 'git clone' or 'helm repo update')")
 	createCmd.AddCommand(createSourceCmd)
 }

cmd/flux/create_source_bucket.go

@@ -134,6 +134,11 @@ func createSourceBucketCmdRun(cmd *cobra.Command, args []string) error {
 			},
 		},
 	}
+
+	if createSourceArgs.fetchTimeout > 0 {
+		bucket.Spec.Timeout = &metav1.Duration{Duration: createSourceArgs.fetchTimeout}
+	}
+
 	if sourceBucketArgs.secretRef != "" {
 		bucket.Spec.SecretRef = &meta.LocalObjectReference{
 			Name: sourceBucketArgs.secretRef,

cmd/flux/create_source_git.go

@@ -143,7 +143,7 @@ func init() {
 
 func newSourceGitFlags() sourceGitFlags {
 	return sourceGitFlags{
-		keyAlgorithm:  flags.PublicKeyAlgorithm(sourcesecret.RSAPrivateKeyAlgorithm),
+		keyAlgorithm:  flags.PublicKeyAlgorithm(sourcesecret.ECDSAPrivateKeyAlgorithm),
 		keyRSABits:    2048,
 		keyECDSACurve: flags.ECDSACurve{Curve: elliptic.P384()},
 	}
@@ -206,6 +206,10 @@ func createSourceGitCmdRun(cmd *cobra.Command, args []string) error {
 		},
 	}
 
+	if createSourceArgs.fetchTimeout > 0 {
+		gitRepository.Spec.Timeout = &metav1.Duration{Duration: createSourceArgs.fetchTimeout}
+	}
+
 	if sourceGitArgs.gitImplementation != "" {
 		gitRepository.Spec.GitImplementation = sourceGitArgs.gitImplementation.String()
 	}

cmd/flux/create_source_helm.go

@@ -129,6 +129,10 @@ func createSourceHelmCmdRun(cmd *cobra.Command, args []string) error {
 		},
 	}
 
+	if createSourceArgs.fetchTimeout > 0 {
+		helmRepository.Spec.Timeout = &metav1.Duration{Duration: createSourceArgs.fetchTimeout}
+	}
+
 	if sourceHelmArgs.secretRef != "" {
 		helmRepository.Spec.SecretRef = &meta.LocalObjectReference{
 			Name: sourceHelmArgs.secretRef,

cmd/flux/export.go

@@ -113,8 +113,8 @@ func printExport(export interface{}) error {
 	if err != nil {
 		return err
 	}
-	fmt.Println("---")
-	fmt.Println(resourceToString(data))
+	rootCmd.Println("---")
+	rootCmd.Println(resourceToString(data))
 	return nil
 }
 

cmd/flux/export_test.go

@@ -0,0 +1,88 @@
+// +build unit
+
+package main
+
+import (
+	"testing"
+)
+
+func TestExport(t *testing.T) {
+	cases := []struct {
+		name       string
+		arg        string
+		goldenFile string
+	}{
+		{
+			"alert-provider",
+			"export alert-provider slack",
+			"testdata/export/provider.yaml",
+		},
+		{
+			"alert",
+			"export alert flux-system",
+			"testdata/export/alert.yaml",
+		},
+		{
+			"image policy",
+			"export image policy flux-system",
+			"testdata/export/image-policy.yaml",
+		},
+		{
+			"image repository",
+			"export image repository flux-system",
+			"testdata/export/image-repo.yaml",
+		},
+		{
+			"image update",
+			"export image update flux-system",
+			"testdata/export/image-update.yaml",
+		},
+		{
+			"source git",
+			"export source git flux-system",
+			"testdata/export/git-repo.yaml",
+		},
+		{
+			"source helm",
+			"export source helm flux-system",
+			"testdata/export/helm-repo.yaml",
+		},
+		{
+			"receiver",
+			"export receiver flux-system",
+			"testdata/export/receiver.yaml",
+		},
+		{
+			"kustomization",
+			"export kustomization flux-system",
+			"testdata/export/ks.yaml",
+		},
+		{
+			"helmrelease",
+			"export helmrelease flux-system",
+			"testdata/export/helm-release.yaml",
+		},
+		{
+			"bucket",
+			"export source bucket flux-system",
+			"testdata/export/bucket.yaml",
+		},
+	}
+
+	objectFile := "testdata/export/objects.yaml"
+	tmpl := map[string]string{
+		"fluxns": allocateNamespace("flux-system"),
+	}
+	testEnv.CreateObjectFile(objectFile, tmpl, t)
+
+	for _, tt := range cases {
+		t.Run(tt.name, func(t *testing.T) {
+			cmd := cmdTestCase{
+				args:   tt.arg + " -n=" + tmpl["fluxns"],
+				assert: assertGoldenTemplateFile(tt.goldenFile, tmpl),
+			}
+
+			cmd.runTestCmd(t)
+		})
+	}
+}

cmd/flux/logs.go

@@ -39,6 +39,7 @@ import (
 
 	"github.com/fluxcd/flux2/internal/flags"
 	"github.com/fluxcd/flux2/internal/utils"
+	"github.com/fluxcd/flux2/pkg/manifestgen"
 )
 
 var logsCmd = &cobra.Command{
@@ -93,7 +94,7 @@ func init() {
 }
 
 func logsCmdRun(cmd *cobra.Command, args []string) error {
-	fluxSelector := fmt.Sprintf("app.kubernetes.io/instance=%s", logsArgs.fluxNamespace)
+	fluxSelector := fmt.Sprintf("%s=%s", manifestgen.PartOfLabelKey, manifestgen.PartOfLabelValue)
 
 	ctx, cancel := context.WithTimeout(context.Background(), rootArgs.timeout)
 	defer cancel()

cmd/flux/main.go

@@ -107,7 +107,8 @@ type rootFlags struct {
 var rootArgs = NewRootFlags()
 
 func init() {
-	rootCmd.PersistentFlags().StringVarP(&rootArgs.namespace, "namespace", "n", rootArgs.defaults.Namespace, "the namespace scope for this operation")
+	rootCmd.PersistentFlags().StringVarP(&rootArgs.namespace, "namespace", "n", rootArgs.defaults.Namespace,
+		"the namespace scope for this operation, can be set with FLUX_SYSTEM_NAMESPACE env var")
 	rootCmd.RegisterFlagCompletionFunc("namespace", resourceNamesCompletionFunc(corev1.SchemeGroupVersion.WithKind("Namespace")))
 
 	rootCmd.PersistentFlags().DurationVar(&rootArgs.timeout, "timeout", 5*time.Minute, "timeout for this operation")
@@ -134,6 +135,7 @@ func NewRootFlags() rootFlags {
 func main() {
 	log.SetFlags(0)
 	configureKubeconfig()
+	configureDefaultNamespace()
 	if err := rootCmd.Execute(); err != nil {
 		logger.Failuref("%v", err)
 		os.Exit(1)
@@ -152,6 +154,13 @@ func configureKubeconfig() {
 	}
 }
 
+func configureDefaultNamespace() {
+	fromEnv := os.Getenv("FLUX_SYSTEM_NAMESPACE")
+	if fromEnv != "" && rootArgs.namespace == rootArgs.defaults.Namespace {
+		rootArgs.namespace = fromEnv
+	}
+}
+
 func homeDir() string {
 	if h := os.Getenv("HOME"); h != "" {
 		return h

cmd/flux/reconcile.go

@@ -122,7 +122,7 @@ func (reconcile reconcileCommand) run(cmd *cobra.Command, args []string) error {
 	}
 
 	if readyCond.Status != metav1.ConditionTrue {
-		return fmt.Errorf("%s reconciliation failed: ''%s", reconcile.kind, readyCond.Message)
+		return fmt.Errorf("%s reconciliation failed: '%s'", reconcile.kind, readyCond.Message)
 	}
 	logger.Successf(reconcile.object.successMessage())
 	return nil

cmd/flux/testdata/export/alert.yaml

@@ -0,0 +1,17 @@
+---
+apiVersion: notification.toolkit.fluxcd.io/v1beta1
+kind: Alert
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  eventSeverity: info
+  eventSources:
+  - kind: GitRepository
+    name: '*'
+  - kind: Kustomization
+    name: '*'
+  providerRef:
+    name: slack
+  summary: Slacktest Notification
+

cmd/flux/testdata/export/bucket.yaml

@@ -0,0 +1,14 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: Bucket
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  bucketName: podinfo
+  endpoint: s3.amazonaws.com
+  interval: 5m0s
+  provider: aws
+  region: us-east-1
+  timeout: 30s
+

cmd/flux/testdata/export/git-repo.yaml

@@ -0,0 +1,16 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: GitRepository
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  gitImplementation: go-git
+  interval: 5m0s
+  ref:
+    branch: main
+  secretRef:
+    name: flux-system
+  timeout: 20s
+  url: ssh://git@github.com/example/repo
+

cmd/flux/testdata/export/helm-release.yaml

@@ -0,0 +1,18 @@
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  chart:
+    spec:
+      chart: podinfo
+      reconcileStrategy: ChartVersion
+      sourceRef:
+        kind: HelmRepository
+        name: flux-systen
+        namespace: {{ .fluxns }}
+      version: '*'
+  interval: 5m0s
+

cmd/flux/testdata/export/helm-repo.yaml

@@ -0,0 +1,11 @@
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: HelmRepository
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  interval: 5m0s
+  timeout: 1m0s
+  url: https://stefanprodan.github.io/podinfo
+

cmd/flux/testdata/export/image-policy.yaml

@@ -0,0 +1,13 @@
+---
+apiVersion: image.toolkit.fluxcd.io/v1beta1
+kind: ImagePolicy
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  imageRepositoryRef:
+    name: flux-system
+  policy:
+    semver:
+      range: 5.0.x
+

cmd/flux/testdata/export/image-repo.yaml

@@ -0,0 +1,10 @@
+---
+apiVersion: image.toolkit.fluxcd.io/v1beta1
+kind: ImageRepository
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  image: ghcr.io/test/podinfo
+  interval: 1m0s
+

cmd/flux/testdata/export/image-update.yaml

@@ -0,0 +1,20 @@
+---
+apiVersion: image.toolkit.fluxcd.io/v1beta1
+kind: ImageUpdateAutomation
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  git:
+    commit:
+      author:
+        email: fluxcdbot@users.noreply.github.com
+        name: fluxcdbot
+  interval: 1m0s
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  update:
+    path: ./clusters/my-cluster
+    strategy: Setters
+

cmd/flux/testdata/export/ks.yaml

@@ -0,0 +1,14 @@
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta2
+kind: Kustomization
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  interval: 5m0s
+  path: ./infrastructure/
+  prune: true
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+

cmd/flux/testdata/export/objects.yaml

@@ -0,0 +1,153 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: {{ .fluxns }}
+---
+apiVersion: notification.toolkit.fluxcd.io/v1beta1
+kind: Provider
+metadata:
+  name: slack
+  namespace: {{ .fluxns }}
+spec:
+  type: slack
+  channel: 'A channel with spacess'
+  address: https://hooks.slack.com/services/mock
+---
+apiVersion: notification.toolkit.fluxcd.io/v1beta1
+kind: Alert
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  summary: "Slacktest Notification"
+  providerRef:
+    name: slack
+  eventSeverity: info
+  eventSources:
+    - kind: "GitRepository"
+      name: "*"
+    - kind: "Kustomization"
+      name: "*"
+---
+apiVersion: image.toolkit.fluxcd.io/v1beta1
+kind: ImageRepository
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  image: ghcr.io/test/podinfo
+  interval: 1m0s
+---
+apiVersion: image.toolkit.fluxcd.io/v1beta1
+kind: ImagePolicy
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  imageRepositoryRef:
+    name: flux-system
+  policy:
+    semver:
+      range: 5.0.x
+---
+apiVersion: image.toolkit.fluxcd.io/v1beta1
+kind: ImageUpdateAutomation
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  interval: 1m0s
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  git:
+    commit:
+      author:
+        email: fluxcdbot@users.noreply.github.com
+        name: fluxcdbot
+      messageTemplate: '{{range .Updated.Images}}{{println .}}{{end}}'
+  update:
+    path: ./clusters/my-cluster
+    strategy: Setters
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: GitRepository
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  ref:
+    branch: main
+  secretRef:
+    name: flux-system
+  interval: 5m
+  url: ssh://git@github.com/example/repo
+---
+apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
+kind: Kustomization
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  path: ./infrastructure/
+  sourceRef:
+    kind: GitRepository
+    name: flux-system
+  interval: 5m
+  prune: true
+---
+apiVersion: notification.toolkit.fluxcd.io/v1beta1
+kind: Receiver
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  type: github
+  events:
+    - "ping"
+    - "push"
+  secretRef:
+    name: webhook-token
+  resources:
+    - kind: GitRepository
+      name: flux-system
+      namespace: flux-system
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: HelmRepository
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  interval: 5m
+  timeout: 1m0s
+  url: https://stefanprodan.github.io/podinfo
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta1
+kind: HelmRelease
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: podinfo
+      sourceRef:
+        kind: HelmRepository
+        name: flux-systen
+        namespace: {{ .fluxns }}
+---
+apiVersion: source.toolkit.fluxcd.io/v1beta1
+kind: Bucket
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  interval: 5m
+  provider: aws
+  bucketName: podinfo
+  endpoint: s3.amazonaws.com
+  region: us-east-1
+  timeout: 30s

cmd/flux/testdata/export/provider.yaml

@@ -0,0 +1,11 @@
+---
+apiVersion: notification.toolkit.fluxcd.io/v1beta1
+kind: Provider
+metadata:
+  name: slack
+  namespace: {{ .fluxns }}
+spec:
+  address: https://hooks.slack.com/services/mock
+  channel: A channel with spacess
+  type: slack
+

cmd/flux/testdata/export/receiver.yaml

@@ -0,0 +1,18 @@
+---
+apiVersion: notification.toolkit.fluxcd.io/v1beta1
+kind: Receiver
+metadata:
+  name: flux-system
+  namespace: {{ .fluxns }}
+spec:
+  events:
+  - ping
+  - push
+  resources:
+  - kind: GitRepository
+    name: flux-system
+    namespace: flux-system
+  secretRef:
+    name: webhook-token
+  type: github
+

cmd/flux/tree_kustomization.go

@@ -50,7 +50,8 @@ var treeKsCmd = &cobra.Command{
 
   # Print the Flux resources managed by the root Kustomization
   flux tree kustomization flux-system --compact`,
-	RunE: treeKsCmdRun,
+	RunE:              treeKsCmdRun,
+	ValidArgsFunction: resourceNamesCompletionFunc(kustomizev1.GroupVersion.WithKind(kustomizev1.KustomizationKind)),
 }
 
 type TreeKsFlags struct {

cmd/flux/uninstall.go

@@ -31,6 +31,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
 	"github.com/fluxcd/flux2/internal/utils"
+	"github.com/fluxcd/flux2/pkg/manifestgen"
 	helmv2 "github.com/fluxcd/helm-controller/api/v2beta1"
 	kustomizev1 "github.com/fluxcd/kustomize-controller/api/v1beta2"
 	sourcev1 "github.com/fluxcd/source-controller/api/v1beta1"
@@ -93,7 +94,7 @@ func uninstallCmdRun(cmd *cobra.Command, args []string) error {
 	uninstallFinalizers(ctx, kubeClient, uninstallArgs.dryRun)
 
 	logger.Actionf("deleting toolkit.fluxcd.io custom resource definitions")
-	uninstallCustomResourceDefinitions(ctx, kubeClient, rootArgs.namespace, uninstallArgs.dryRun)
+	uninstallCustomResourceDefinitions(ctx, kubeClient, uninstallArgs.dryRun)
 
 	if !uninstallArgs.keepNamespace {
 		uninstallNamespace(ctx, kubeClient, rootArgs.namespace, uninstallArgs.dryRun)
@@ -105,7 +106,7 @@ func uninstallCmdRun(cmd *cobra.Command, args []string) error {
 
 func uninstallComponents(ctx context.Context, kubeClient client.Client, namespace string, dryRun bool) {
 	opts, dryRunStr := getDeleteOptions(dryRun)
-	selector := client.MatchingLabels{"app.kubernetes.io/instance": namespace}
+	selector := client.MatchingLabels{manifestgen.PartOfLabelKey: manifestgen.PartOfLabelValue}
 	{
 		var list appsv1.DeploymentList
 		if err := kubeClient.List(ctx, &list, client.InNamespace(namespace), selector); err == nil {
@@ -262,9 +263,9 @@ func uninstallFinalizers(ctx context.Context, kubeClient client.Client, dryRun b
 	}
 }
 
-func uninstallCustomResourceDefinitions(ctx context.Context, kubeClient client.Client, namespace string, dryRun bool) {
+func uninstallCustomResourceDefinitions(ctx context.Context, kubeClient client.Client, dryRun bool) {
 	opts, dryRunStr := getDeleteOptions(dryRun)
-	selector := client.MatchingLabels{"app.kubernetes.io/instance": namespace}
+	selector := client.MatchingLabels{manifestgen.PartOfLabelKey: manifestgen.PartOfLabelValue}
 	{
 		var list apiextensionsv1.CustomResourceDefinitionList
 		if err := kubeClient.List(ctx, &list, selector); err == nil {

cmd/flux/version.go

@@ -28,6 +28,7 @@ import (
 	"sigs.k8s.io/yaml"
 
 	"github.com/fluxcd/flux2/internal/utils"
+	"github.com/fluxcd/flux2/pkg/manifestgen"
 )
 
 var versionCmd = &cobra.Command{
@@ -78,7 +79,7 @@ func versionCmdRun(cmd *cobra.Command, args []string) error {
 			return err
 		}
 
-		selector := client.MatchingLabels{"app.kubernetes.io/instance": rootArgs.namespace}
+		selector := client.MatchingLabels{manifestgen.PartOfLabelKey: manifestgen.PartOfLabelValue}
 		var list v1.DeploymentList
 		if err := kubeClient.List(ctx, &list, client.InNamespace(rootArgs.namespace), selector); err != nil {
 			return err

go.mod

@@ -8,7 +8,7 @@ require (
 	github.com/cyphar/filepath-securejoin v0.2.2
 	github.com/fluxcd/go-git-providers v0.1.1
 	github.com/fluxcd/helm-controller/api v0.12.1
-	github.com/fluxcd/image-automation-controller/api v0.16.0
+	github.com/fluxcd/image-automation-controller/api v0.16.1
 	github.com/fluxcd/image-reflector-controller/api v0.13.0
 	github.com/fluxcd/kustomize-controller/api v0.16.0
 	github.com/fluxcd/notification-controller/api v0.18.1
@@ -18,7 +18,7 @@ require (
 	github.com/fluxcd/pkg/ssh v0.0.5
 	github.com/fluxcd/pkg/untar v0.0.5
 	github.com/fluxcd/pkg/version v0.0.1
-	github.com/fluxcd/source-controller/api v0.17.0
+	github.com/fluxcd/source-controller/api v0.17.2
 	github.com/go-errors/errors v1.4.0 // indirect
 	github.com/go-git/go-git/v5 v5.4.2
 	github.com/google/go-cmp v0.5.6

go.sum

@@ -227,8 +227,8 @@ github.com/fluxcd/go-git-providers v0.1.1 h1:R4VafMOo1IlfEZcImApCeElge/HajhFvRzD
 github.com/fluxcd/go-git-providers v0.1.1/go.mod h1:nRgNpHZmZhrsyNSma1JcAhjUG9xrqMGJcIUr9K7M7vk=
 github.com/fluxcd/helm-controller/api v0.12.1 h1:rDyhMPvbhCxslqiNNG4nlfDCeYgrk6D+1ZKLsBS/Irs=
 github.com/fluxcd/helm-controller/api v0.12.1/go.mod h1:zWmzV0s2SU4rEIGLPTt+dsaMs40OsNQgSgOATgJmxB0=
-github.com/fluxcd/image-automation-controller/api v0.16.0 h1:pPvEdb8Q7LgNVfugF3+/z2JQdUZ4ecYWrXiezLPov0w=
-github.com/fluxcd/image-automation-controller/api v0.16.0/go.mod h1:tEQCFKGgxii7zfXti2MxixwFbxhEXnVJqLGM2x9zlGw=
+github.com/fluxcd/image-automation-controller/api v0.16.1 h1:EUiqALeUQY9zeOZNnviGZgKvbfmmhlMbaEuDath6/fc=
+github.com/fluxcd/image-automation-controller/api v0.16.1/go.mod h1:wn6XjTpUnrQ2bakHhgJNAUj53snw50J0/+36pY4zXSE=
 github.com/fluxcd/image-reflector-controller/api v0.13.0 h1:5kq0Jqh+ndZIye+4csfEbuos5GaXIiK77Gpx+ojo+f8=
 github.com/fluxcd/image-reflector-controller/api v0.13.0/go.mod h1:lgQHGFz29OHmDU5Jwg689C/M+P/f9ujt6NS0zCLT0BQ=
 github.com/fluxcd/kustomize-controller/api v0.16.0 h1:L/LRxS6oroGZe1AdElP3k1mnNIKGCpi0ntgHwJzdNYY=
@@ -250,8 +250,8 @@ github.com/fluxcd/pkg/untar v0.0.5 h1:UGI3Ch1UIEIaqQvMicmImL1s9npQa64DJ/ozqHKB7g
 github.com/fluxcd/pkg/untar v0.0.5/go.mod h1:O6V9+rtl8c1mHBafgqFlJN6zkF1HS5SSYn7RpQJ/nfw=
 github.com/fluxcd/pkg/version v0.0.1 h1:/8asQoDXSThz3csiwi4Qo8Zb6blAxLXbtxNgeMJ9bCg=
 github.com/fluxcd/pkg/version v0.0.1/go.mod h1:WAF4FEEA9xyhngF8TDxg3UPu5fA1qhEYV8Pmi2Il01Q=
-github.com/fluxcd/source-controller/api v0.17.0 h1:skXx2H5SeziUTwJrp9MPJNwTtYTctJMQ7ZIJfLmg9b0=
-github.com/fluxcd/source-controller/api v0.17.0/go.mod h1:guUCCapjzE2kocwFreQTM/IGvtAglIJc4L97mokairo=
+github.com/fluxcd/source-controller/api v0.17.2 h1:noePJGsevuvxWols6ErbowujuAHGWb/ZO8irtRHcVAc=
+github.com/fluxcd/source-controller/api v0.17.2/go.mod h1:guUCCapjzE2kocwFreQTM/IGvtAglIJc4L97mokairo=
 github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
 github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
 github.com/form3tech-oss/jwt-go v3.2.3+incompatible h1:7ZaBxOI7TMoYBfyA3cQHErNNyAWIKUMIwqxEtgHOs5c=

manifests/bases/image-automation-controller/kustomization.yaml

@@ -1,8 +1,8 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-- https://github.com/fluxcd/image-automation-controller/releases/download/v0.16.0/image-automation-controller.crds.yaml
-- https://github.com/fluxcd/image-automation-controller/releases/download/v0.16.0/image-automation-controller.deployment.yaml
+- https://github.com/fluxcd/image-automation-controller/releases/download/v0.16.1/image-automation-controller.crds.yaml
+- https://github.com/fluxcd/image-automation-controller/releases/download/v0.16.1/image-automation-controller.deployment.yaml
 - account.yaml
 patchesJson6902:
 - target:

manifests/bases/source-controller/kustomization.yaml

@@ -1,8 +1,8 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-- https://github.com/fluxcd/source-controller/releases/download/v0.17.0/source-controller.crds.yaml
-- https://github.com/fluxcd/source-controller/releases/download/v0.17.0/source-controller.deployment.yaml
+- https://github.com/fluxcd/source-controller/releases/download/v0.17.2/source-controller.crds.yaml
+- https://github.com/fluxcd/source-controller/releases/download/v0.17.2/source-controller.deployment.yaml
 - account.yaml
 patchesJson6902:
 - target:

manifests/crds/kustomization.yaml

@@ -1,9 +1,9 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
-- https://github.com/fluxcd/source-controller/releases/download/v0.17.0/source-controller.crds.yaml
+- https://github.com/fluxcd/source-controller/releases/download/v0.17.2/source-controller.crds.yaml
 - https://github.com/fluxcd/kustomize-controller/releases/download/v0.16.0/kustomize-controller.crds.yaml
 - https://github.com/fluxcd/helm-controller/releases/download/v0.12.1/helm-controller.crds.yaml
 - https://github.com/fluxcd/notification-controller/releases/download/v0.18.1/notification-controller.crds.yaml
 - https://github.com/fluxcd/image-reflector-controller/releases/download/v0.13.0/image-reflector-controller.crds.yaml
-- https://github.com/fluxcd/image-automation-controller/releases/download/v0.16.0/image-automation-controller.crds.yaml
+- https://github.com/fluxcd/image-automation-controller/releases/download/v0.16.1/image-automation-controller.crds.yaml

pkg/manifestgen/install/manifests.go

@@ -65,7 +65,15 @@ func fetch(ctx context.Context, url, version, dir string) error {
 
 func generate(base string, options Options) error {
 	if containsItemString(options.Components, options.NotificationController) {
-		options.EventsAddr = fmt.Sprintf("http://%s/", options.NotificationController)
+		// We need to use full domain name here, as some users may deploy flux
+		// in environments that use http proxy.
+		//
+		// In such environments they normally add `.cluster.local` and `.local`
+		// suffixes to `no_proxy` variable in order to prevent cluster-local
+		// traffic from going through http proxy. Without fully specified
+		// domain they need to mention `notifications-controller` explicity in
+		// `no_proxy` variable after debugging http proxy logs.
+		options.EventsAddr = fmt.Sprintf("http://%s.%s.svc.%s/", options.NotificationController, options.Namespace, options.ClusterDomain)
 	}
 
 	if err := execTemplate(options, namespaceTmpl, path.Join(base, "namespace.yaml")); err != nil {

pkg/manifestgen/labels.go

@@ -0,0 +1,26 @@
+/*
+Copyright 2021 The Flux authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package manifestgen
+
+// These labels can be used to track down the namespace, custom resource definitions, deployments,
+// services, network policies, service accounts, cluster roles and cluster role bindings belonging to Flux.
+const (
+	PartOfLabelKey   = "app.kubernetes.io/part-of"
+	PartOfLabelValue = "flux"
+	InstanceLabelKey = "app.kubernetes.io/instance"
+	VersionLabelKey  = "app.kubernetes.io/version"
+)

pkg/manifestgen/manifest.go

@@ -24,6 +24,8 @@ import (
 	securejoin "github.com/cyphar/filepath-securejoin"
 )
 
+const GenWarning = "# This manifest was generated by flux bootstrap. DO NOT EDIT."
+
 // Manifest holds the data of a multi-doc YAML
 type Manifest struct {
 	// Relative path to the YAML file

pkg/manifestgen/sync/sync.go

@@ -107,7 +107,7 @@ func Generate(options Options) (*manifestgen.Manifest, error) {
 
 	return &manifestgen.Manifest{
 		Path:    path.Join(options.TargetPath, options.Namespace, options.ManifestFile),
-		Content: fmt.Sprintf("---\n%s---\n%s", resourceToString(gitData), resourceToString(ksData)),
+		Content: fmt.Sprintf("%s\n---\n%s---\n%s", manifestgen.GenWarning, resourceToString(gitData), resourceToString(ksData)),
 	}, nil
 }