Flux DNS lookups for Helm Releases

How to allow Helm DNS lookups

By default, the helm-controller will not perform DNS lookups when rendering Helm templates in clusters because of potential security implications.

To enable DNS lookups during bootstrap add the following patches to the flux-system kustomization.yaml:

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - gotk-components.yaml
  - gotk-sync.yaml
patches:
  - patch: |
      # Allow Helm DNS lookups
      - op: add
        path: /spec/template/spec/containers/0/args/-
        value: --feature-gates=AllowDNSLookups=true      
    target:
      kind: Deployment
      name: helm-controller

Last modified 2023-08-17: Add bootstrap configuration tasks (3ac6e66)