Posts in 2022

  • Security: More confidence through Fuzzing

    2022-02-22 in Blog

    tl;dr: ADA Logics helped us move to fuzzing as part of their security audit. We finally implemented this for all Flux controllers. Learn here how this keeps you safer.

    Next up in our blog series about Flux Security is how we implemented fuzzing in Flux and its controllers and how that makes things safer for you. Wikipedia explains Fuzzing like so: Fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as …

    Read more

  • Security: Image Provenance

    2022-02-14 in Blog

    tl;dr: Next up in our series of blog posts about Flux's security considerations. This time: image provenance - how to make it part of your workflow and how it keeps you safe.

    Next up in our blog series about Flux Security is how and why we use signatures for the Flux CLI and all its controller images and what you can do to verify image provenance in your workflow. Since Flux 0.26 our Security Docs had this addition: The Flux CLI and the controllers' images are signed using Sigstore Cosign and GitHub OIDC. The container images along with their signatures are published …

    Read more

  • Security: The Value of SBOMs

    2022-02-07 in Blog

    tl;dr: The first in our series of blog posts about Flux's security considerations. This time: what a Software Bill of Materials can do to keep you safe.

    Flux - built with security in mind You don’t get to re-architect a successful project very often, but we did about two years ago. The Flux project was already off to a great start and had many happy adopters and many of its design principles we kept at the forefront of our mind: Pull vs Push: if you haven’t read this great blog post from 2018 about why you want Pull - all it says still …

    Read more

  • January 2022 Update

    2022-01-31 in Blog

    tl;dr: New Flux and Flagger releases bring more security, terraform-controller team wants feedback, Flux articles and docs, upcoming Flux events helping you get started and more.

    As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities which are available for integration, and where you can get involved. Read our last update here. It’s the beginning of February 2022 and you have been waiting for a long time - let’s recap together what happened in January and December- …

    Read more

Posts in 2021

  • December 2021 Update

    2021-11-30 in Blog

    tl;dr: New Flux releases bring more security, update GitHub integration, add support for BitBucket Server. We need your input on new Flux RFCs, upcoming events featuring Flux and more.

    As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities which are available for integration, and where you can get involved. Read last month’s update here. Let’s recap what happened in November - there has been so much happening! News in the Flux family A flurry of Flux releases The Flux …

    Read more

  • Flux Security Audit has concluded

    2021-11-10 in Blog

    tl;dr: Flux just went through a CNCF-funded Security Audit. Here we publicly release and discuss the report. We also disclose our first CVE, which was fixed in Flux v0.18.0 - please upgrade as soon as you can!

    As Flux is an Incubation project within the Cloud Native Computing Foundation, we were graciously granted a sponsored audit. The primary aim was to assess Flux’s fundamental security posture and to identify next steps in its security story. The audit was commissioned by the CNCF, and facilitated by OSTIF (the Open Source Technology Improvement Fund). ADA Logics was quickly brought into the …

    Read more

  • November 2021 update

    2021-10-29 in Blog

    tl;dr: New releases in the Flux family (Server-Side Apply in Flux, Flagger 1.15). Max Jonas Werner (D2IQ) and Soulé Ba + Sunny (Weaveworks) are new Flux maintainers, lots of event news, Flux and OpenShift and much much more!

    As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities which are available for integration, and where you can get involved. Read last month’s update here. Let’s recap what happened in October - there has been so much happening! News in the Flux family Server side apply has landed We gave you a …

    Read more

  • October 2021 update

    2021-10-01 in Blog

    tl;dr: Server-side reconciliation is coming, better transport and crypto support for libgit2, Flagger 1.14, KubeCon updates, GitOps One-Stop Shop Event to showcase Flux integrated into big GitOps offerings, community news!

    As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities which are available for integration, and where you can get involved. Read last month’s update here. Let’s recap what happened in September - there has been so much happening! Flux Project Facts We are very proud of what we put together, …

    Read more

  • Server-side reconciliation is coming

    2021-09-28 in Blog

    tl;dr: The next Flux release will bring you a new reconciler based on Kubernetes "Server-Side Apply". It will make Flux more performant, more observable and less error-prone, and provide a generally more delightful experience. This post informs you of the changes you need to make to be able to upgrade.

    tl;dr: Server-side reconciliation will make Flux more performant, improve overall observability and going forward will allow us to add new capabilities, like being able to preview local changes to manifests without pushing to upstream. ⚠ Changes required: Due to a Kubernetes issue, we require a certain set of Kubernetes releases (starting 1.16.11 - more on this below) as a minimum. The logs, …

    Read more

  • GitOps One-Stop Shop Event

    2021-09-17 in Blog

    tl;dr: Flux will be part of the GitOps Days community special event again. Learn from vendors who chose Flux for their GitOps offering: Amazon, D2IQ, Microsoft, Weaveworks.

    Flux is going to be center stage at the GitOps One Stop Shop Event on Oct 20th, 2021. Our friends over at GitOps Days will be hosting a special community edition to invite major players in the cloud native space who have chosen to back their GitOps offering by Flux. We are very excited that the ecosystem around GitOps is growing and so many chose Flux to bring the goodness we believe in to their …

    Read more