Merge branch 'renovate/flux-flux' into 'master'

Update Flux Docker tags See merge request platform-one/big-bang/bigbang!1316

Merge branch 'renovate/flux-flux' into 'master'
94cc8826 · Micah Nagel · 64f68a38 · ae7c2e08 · 94cc8826 · 94cc8826
Commit 94cc8826 authored 3 years ago by Micah Nagel
--- a/base/flux/gotk-components.yaml
+++ b/base/flux/gotk-components.yaml
 ---
-# Flux version: v0.24.0
+# Flux Version: v0.26.1
-# Sourced from https://github.com/fluxcd/flux2/releases assets -> install.yaml
-# Then remove all components (including CRDs) that aren't part of the below list (should just be the image components)
 # Components: source-controller,kustomize-controller,helm-controller,notification-controller
 apiVersion: v1
 kind: Namespace
@@ -9,19 +7,21 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
+    pod-security.kubernetes.io/warn: restricted
+    pod-security.kubernetes.io/warn-version: latest
  name: flux-system
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.5.0
+    controller-gen.kubebuilder.io/version: v0.7.0
  creationTimestamp: null
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: alerts.notification.toolkit.fluxcd.io
 spec:
  group: notification.toolkit.fluxcd.io
@@ -233,7 +233,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: buckets.source.toolkit.fluxcd.io
 spec:
  group: source.toolkit.fluxcd.io
@@ -245,8 +245,8 @@ spec:
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
-    - jsonPath: .spec.url
+    - jsonPath: .spec.endpoint
-      name: URL
+      name: Endpoint
      type: string
    - jsonPath: .status.conditions[?(@.type=="Ready")].status
      name: Ready
@@ -358,6 +358,8 @@ spec:
            - interval
            type: object
          status:
+            default:
+              observedGeneration: -1
            description: BucketStatus defines the observed state of a bucket
            properties:
              artifact:
@@ -491,7 +493,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: gitrepositories.source.toolkit.fluxcd.io
 spec:
  group: source.toolkit.fluxcd.io
@@ -685,6 +687,8 @@ spec:
            - url
            type: object
          status:
+            default:
+              observedGeneration: -1
            description: GitRepositoryStatus defines the observed state of a Git repository.
            properties:
              artifact:
@@ -848,7 +852,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: helmcharts.source.toolkit.fluxcd.io
 spec:
  group: source.toolkit.fluxcd.io
@@ -998,6 +1002,8 @@ spec:
            - sourceRef
            type: object
          status:
+            default:
+              observedGeneration: -1
            description: HelmChartStatus defines the observed state of the HelmChart.
            properties:
              artifact:
@@ -1125,12 +1131,12 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.5.0
+    controller-gen.kubebuilder.io/version: v0.7.0
  creationTimestamp: null
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: helmreleases.helm.toolkit.fluxcd.io
 spec:
  group: helm.toolkit.fluxcd.io
@@ -1435,11 +1441,20 @@ spec:
                                  with an array of operation objects.
                                items:
                                  description: JSON6902 is a JSON6902 operation object.
-                                    https://tools.ietf.org/html/rfc6902#section-4
+                                    https://datatracker.ietf.org/doc/html/rfc6902#section-4
                                  properties:
                                    from:
+                                      description: From contains a JSON-pointer value
+                                        that references a location within the target
+                                        document where the operation is performed.
+                                        The meaning of the value depends on the value
+                                        of Op, and is NOT taken into account by all
+                                        operations.
                                      type: string
                                    op:
+                                      description: Op indicates the operation to perform.
+                                        Its value MUST be one of "add", "remove",
+                                        "replace", "move", "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4
                                      enum:
                                      - test
                                      - remove
@@ -1449,8 +1464,17 @@ spec:
                                      - copy
                                      type: string
                                    path:
+                                      description: Path contains the JSON-pointer
+                                        value that references a location within the
+                                        target document where the operation is performed.
+                                        The meaning of the value depends on the value
+                                        of Op.
                                      type: string
                                    value:
+                                      description: Value contains a valid JSON structure.
+                                        The meaning of the value depends on the value
+                                        of Op, and is NOT taken into account by all
+                                        operations.
                                      x-kubernetes-preserve-unknown-fields: true
                                  required:
                                  - op
@@ -1890,7 +1914,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: helmrepositories.source.toolkit.fluxcd.io
 spec:
  group: source.toolkit.fluxcd.io
@@ -2003,6 +2027,8 @@ spec:
            - url
            type: object
          status:
+            default:
+              observedGeneration: -1
            description: HelmRepositoryStatus defines the observed state of the HelmRepository.
            properties:
              artifact:
@@ -2130,12 +2156,12 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.5.0
+    controller-gen.kubebuilder.io/version: v0.7.0
  creationTimestamp: null
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: kustomizations.kustomize.toolkit.fluxcd.io
 spec:
  group: kustomize.toolkit.fluxcd.io
@@ -2305,13 +2331,12 @@ spec:
                  objects, capable of targeting objects based on kind, label and annotation
                  selectors.
                items:
-                  description: Patch contains either a StrategicMerge or a JSON6902
+                  description: Patch contains an inline StrategicMerge or JSON6902
-                    patch, either a file or inline, and the target the patch should
+                    patch, and the target the patch should be applied to.
-                    be applied to.
                  properties:
                    patch:
-                      description: Patch contains the JSON6902 patch document with
+                      description: Patch contains an inline StrategicMerge patch or
-                        an array of operation objects.
+                        an inline JSON6902 patch with an array of operation objects.
                      type: string
                    target:
                      description: Target points to the resources that the patch document
@@ -2362,11 +2387,18 @@ spec:
                      description: Patch contains the JSON6902 patch document with
                        an array of operation objects.
                      items:
-                        description: JSON6902 is a JSON6902 operation object. https://tools.ietf.org/html/rfc6902#section-4
+                        description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4
                        properties:
                          from:
+                            description: From contains a JSON-pointer value that references
+                              a location within the target document where the operation
+                              is performed. The meaning of the value depends on the
+                              value of Op, and is NOT taken into account by all operations.
                            type: string
                          op:
+                            description: Op indicates the operation to perform. Its
+                              value MUST be one of "add", "remove", "replace", "move",
+                              "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4
                            enum:
                            - test
                            - remove
@@ -2376,8 +2408,15 @@ spec:
                            - copy
                            type: string
                          path:
+                            description: Path contains the JSON-pointer value that
+                              references a location within the target document where
+                              the operation is performed. The meaning of the value
+                              depends on the value of Op.
                            type: string
                          value:
+                            description: Value contains a valid JSON structure. The
+                              meaning of the value depends on the value of Op, and
+                              is NOT taken into account by all operations.
                            x-kubernetes-preserve-unknown-fields: true
                        required:
                        - op
@@ -2828,13 +2867,12 @@ spec:
                  objects, capable of targeting objects based on kind, label and annotation
                  selectors.
                items:
-                  description: Patch contains either a StrategicMerge or a JSON6902
+                  description: Patch contains an inline StrategicMerge or JSON6902
-                    patch, either a file or inline, and the target the patch should
+                    patch, and the target the patch should be applied to.
-                    be applied to.
                  properties:
                    patch:
-                      description: Patch contains the JSON6902 patch document with
+                      description: Patch contains an inline StrategicMerge patch or
-                        an array of operation objects.
+                        an inline JSON6902 patch with an array of operation objects.
                      type: string
                    target:
                      description: Target points to the resources that the patch document
@@ -2886,11 +2924,18 @@ spec:
                      description: Patch contains the JSON6902 patch document with
                        an array of operation objects.
                      items:
-                        description: JSON6902 is a JSON6902 operation object. https://tools.ietf.org/html/rfc6902#section-4
+                        description: JSON6902 is a JSON6902 operation object. https://datatracker.ietf.org/doc/html/rfc6902#section-4
                        properties:
                          from:
+                            description: From contains a JSON-pointer value that references
+                              a location within the target document where the operation
+                              is performed. The meaning of the value depends on the
+                              value of Op, and is NOT taken into account by all operations.
                            type: string
                          op:
+                            description: Op indicates the operation to perform. Its
+                              value MUST be one of "add", "remove", "replace", "move",
+                              "copy", or "test". https://datatracker.ietf.org/doc/html/rfc6902#section-4
                            enum:
                            - test
                            - remove
@@ -2900,8 +2945,15 @@ spec:
                            - copy
                            type: string
                          path:
+                            description: Path contains the JSON-pointer value that
+                              references a location within the target document where
+                              the operation is performed. The meaning of the value
+                              depends on the value of Op.
                            type: string
                          value:
+                            description: Value contains a valid JSON structure. The
+                              meaning of the value depends on the value of Op, and
+                              is NOT taken into account by all operations.
                            x-kubernetes-preserve-unknown-fields: true
                        required:
                        - op
@@ -3205,11 +3257,12 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.5.0
+    controller-gen.kubebuilder.io/version: v0.7.0
  creationTimestamp: null
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
+    app.kubernetes.io/version: v0.26.1
  name: providers.notification.toolkit.fluxcd.io
 spec:
  group: notification.toolkit.fluxcd.io
@@ -3408,12 +3461,12 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
  annotations:
-    controller-gen.kubebuilder.io/version: v0.5.0
+    controller-gen.kubebuilder.io/version: v0.7.0
  creationTimestamp: null
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: receivers.notification.toolkit.fluxcd.io
 spec:
  group: notification.toolkit.fluxcd.io
@@ -3630,7 +3683,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: helm-controller
  namespace: flux-system
 ---
@@ -3640,7 +3693,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: kustomize-controller
  namespace: flux-system
 ---
@@ -3650,7 +3703,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: notification-controller
  namespace: flux-system
 ---
@@ -3660,7 +3713,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: source-controller
  namespace: flux-system
 ---
@@ -3670,8 +3723,8 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
-  name: crd-controller
+  name: crd-controller-flux-system
 rules:
 - apiGroups:
  - source.toolkit.fluxcd.io
@@ -3751,8 +3804,8 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
-  name: cluster-reconciler
+  name: cluster-reconciler-flux-system
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
@@ -3771,12 +3824,12 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
-  name: crd-controller
+  name: crd-controller-flux-system
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
-  name: crd-controller
+  name: crd-controller-flux-system
 subjects:
 - kind: ServiceAccount
  name: kustomize-controller
@@ -3790,6 +3843,12 @@ subjects:
 - kind: ServiceAccount
  name: notification-controller
  namespace: flux-system
+- kind: ServiceAccount
+  name: image-reflector-controller
+  namespace: flux-system
+- kind: ServiceAccount
+  name: image-automation-controller
+  namespace: flux-system
 ---
 apiVersion: v1
 kind: Service
@@ -3797,7 +3856,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
    control-plane: controller
  name: notification-controller
  namespace: flux-system
@@ -3817,7 +3876,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
    control-plane: controller
  name: source-controller
  namespace: flux-system
@@ -3837,7 +3896,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
    control-plane: controller
  name: webhook-receiver
  namespace: flux-system
@@ -3857,7 +3916,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
    control-plane: controller
  name: helm-controller
  namespace: flux-system
@@ -3876,8 +3935,8 @@ spec:
    spec:
      containers:
      - args:
-        - --events-addr=http://notification-controller/
+        - --events-addr=http://notification-controller.flux-system.svc.cluster.local/
-        - --watch-all-namespaces
+        - --watch-all-namespaces=true
        - --log-level=info
        - --log-encoding=json
        - --enable-leader-election
@@ -3886,7 +3945,7 @@ spec:
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
-        image: fluxcd/helm-controller:v0.14.0
+        image: ghcr.io/fluxcd/helm-controller:v0.16.0
        imagePullPolicy: IfNotPresent
        livenessProbe:
          httpGet:
@@ -3896,6 +3955,7 @@ spec:
        ports:
        - containerPort: 8080
          name: http-prom
+          protocol: TCP
        - containerPort: 9440
          name: healthz
          protocol: TCP
@@ -3912,10 +3972,18 @@ spec:
            memory: 64Mi
        securityContext:
          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+            - ALL
          readOnlyRootFilesystem: true
+          runAsNonRoot: true
+          seccompProfile:
+            type: RuntimeDefault
        volumeMounts:
        - mountPath: /tmp
          name: temp
+      nodeSelector:
+        kubernetes.io/os: linux
      serviceAccountName: helm-controller
      terminationGracePeriodSeconds: 600
      volumes:
@@ -3928,7 +3996,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
    control-plane: controller
  name: kustomize-controller
  namespace: flux-system
@@ -3947,8 +4015,8 @@ spec:
    spec:
      containers:
      - args:
-        - --events-addr=http://notification-controller/
+        - --events-addr=http://notification-controller.flux-system.svc.cluster.local/
-        - --watch-all-namespaces
+        - --watch-all-namespaces=true
        - --log-level=info
        - --log-encoding=json
        - --enable-leader-election
@@ -3957,7 +4025,7 @@ spec:
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
-        image: fluxcd/kustomize-controller:v0.18.1
+        image: ghcr.io/fluxcd/kustomize-controller:v0.20.0
        imagePullPolicy: IfNotPresent
        livenessProbe:
          httpGet:
@@ -3967,6 +4035,7 @@ spec:
        ports:
        - containerPort: 8080
          name: http-prom
+          protocol: TCP
        - containerPort: 9440
          name: healthz
          protocol: TCP
@@ -3983,10 +4052,18 @@ spec:
            memory: 64Mi
        securityContext:
          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+            - ALL
          readOnlyRootFilesystem: true
+          runAsNonRoot: true
+          seccompProfile:
+            type: RuntimeDefault
        volumeMounts:
        - mountPath: /tmp
          name: temp
+      nodeSelector:
+        kubernetes.io/os: linux
      securityContext:
        fsGroup: 1337
      serviceAccountName: kustomize-controller
@@ -4001,7 +4078,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
    control-plane: controller
  name: notification-controller
  namespace: flux-system
@@ -4020,7 +4097,7 @@ spec:
    spec:
      containers:
      - args:
-        - --watch-all-namespaces
+        - --watch-all-namespaces=true
        - --log-level=info
        - --log-encoding=json
        - --enable-leader-election
@@ -4029,7 +4106,7 @@ spec:
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
-        image: fluxcd/notification-controller:v0.19.0
+        image: ghcr.io/fluxcd/notification-controller:v0.21.0
        imagePullPolicy: IfNotPresent
        livenessProbe:
          httpGet:
@@ -4039,10 +4116,13 @@ spec:
        ports:
        - containerPort: 9090
          name: http
+          protocol: TCP
        - containerPort: 9292
          name: http-webhook
+          protocol: TCP
        - containerPort: 8080
          name: http-prom
+          protocol: TCP
        - containerPort: 9440
          name: healthz
          protocol: TCP
@@ -4059,10 +4139,18 @@ spec:
            memory: 64Mi
        securityContext:
          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+            - ALL
          readOnlyRootFilesystem: true
+          runAsNonRoot: true
+          seccompProfile:
+            type: RuntimeDefault
        volumeMounts:
        - mountPath: /tmp
          name: temp
+      nodeSelector:
+        kubernetes.io/os: linux
      serviceAccountName: notification-controller
      terminationGracePeriodSeconds: 10
      volumes:
@@ -4075,7 +4163,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
    control-plane: controller
  name: source-controller
  namespace: flux-system
@@ -4096,8 +4184,8 @@ spec:
    spec:
      containers:
      - args:
-        - --events-addr=http://notification-controller/
+        - --events-addr=http://notification-controller.flux-system.svc.cluster.local/
-        - --watch-all-namespaces
+        - --watch-all-namespaces=true
        - --log-level=info
        - --log-encoding=json
        - --enable-leader-election
@@ -4108,7 +4196,7 @@ spec:
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
-        image: fluxcd/source-controller:v0.19.0
+        image: ghcr.io/fluxcd/source-controller:v0.21.1
        imagePullPolicy: IfNotPresent
        livenessProbe:
          httpGet:
@@ -4118,10 +4206,13 @@ spec:
        ports:
        - containerPort: 9090
          name: http
+          protocol: TCP
        - containerPort: 8080
          name: http-prom
+          protocol: TCP
        - containerPort: 9440
          name: healthz
+          protocol: TCP
        readinessProbe:
          httpGet:
            path: /
@@ -4135,12 +4226,20 @@ spec:
            memory: 64Mi
        securityContext:
          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+            - ALL
          readOnlyRootFilesystem: true
+          runAsNonRoot: true
+          seccompProfile:
+            type: RuntimeDefault
        volumeMounts:
        - mountPath: /data
          name: data
        - mountPath: /tmp
          name: tmp
+      nodeSelector:
+        kubernetes.io/os: linux
      securityContext:
        fsGroup: 1337
      serviceAccountName: source-controller
@@ -4157,7 +4256,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: allow-egress
  namespace: flux-system
 spec:
@@ -4177,7 +4276,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: allow-scraping
  namespace: flux-system
 spec:
@@ -4197,7 +4296,7 @@ metadata:
  labels:
    app.kubernetes.io/instance: flux-system
    app.kubernetes.io/part-of: flux
-    app.kubernetes.io/version: v0.24.0
+    app.kubernetes.io/version: v0.26.1
  name: allow-webhooks
  namespace: flux-system
 spec:
@@ -4209,4 +4308,3 @@ spec:
      app: notification-controller
  policyTypes:
  - Ingress
---
--- a/base/flux/kustomization.yaml
+++ b/base/flux/kustomization.yaml
@@ -4,18 +4,18 @@ resources:
 # update flux components to use ironbank images
 images:
- name: fluxcd/helm-controller
+- name: ghcr.io/fluxcd/helm-controller
  newName: registry1.dso.mil/ironbank/fluxcd/helm-controller
-  newTag: v0.14.0
+  newTag: v0.16.0
- name: fluxcd/kustomize-controller
+- name: ghcr.io/fluxcd/kustomize-controller
  newName: registry1.dso.mil/ironbank/fluxcd/kustomize-controller
-  newTag: v0.18.1
+  newTag: v0.20.0
- name: fluxcd/notification-controller
+- name: ghcr.io/fluxcd/notification-controller
  newName: registry1.dso.mil/ironbank/fluxcd/notification-controller
-  newTag: v0.19.0
+  newTag: v0.21.0
- name: fluxcd/source-controller
+- name: ghcr.io/fluxcd/source-controller
  newName: registry1.dso.mil/ironbank/fluxcd/source-controller
-  newTag: v0.19.1
+  newTag: v0.21.1
 patches:
  - target:

--- a/renovate.json
+++ b/renovate.json
@@ -2,7 +2,7 @@
    "baseBranches": ["master"],
    "configWarningReuseIssue": false,
    "dependencyDashboard": true,
-    "dependencyDashboardHeader": "- [ ] If there are Flux updates: Update [Flux manifests](https://repo1.dso.mil/platform-one/big-bang/bigbang/-/blob/master/base/flux/gotk-components.yaml) to latest version based off available image versions.",
+    "dependencyDashboardHeader": "- [ ] If there are Flux updates: Update your Flux CLI to the latest version possible based on available IB images, then from the root of the bigbang repository, run `flux install --components source-controller,kustomize-controller,helm-controller,notification-controller --export > base/flux/gotk-components.yaml` to generate the latest manifests",
    "dependencyDashboardTitle": "Renovate: Update Dependencies",
    "draftPR": true,
    "enabledManagers": ["helm-values","regex"],