This release comes with ECDSA as the default SSH key algorithm used by flux bootstrap and all the other commands that generate SSH keys. This change was imposed by GitHub that is no longer accepting RSA SHA-1 SSH keys.
To rotate your SSH deploy keys for the repositories bootstrapped with Flux:
- download the Flux CLI v0.21.0 binary
- delete the deploy key secret from your cluster
kubectl -n flux-system delete secret flux-system - using the Flux CLI v0.21.0 rerun
flux bootstrap githubwith the same arguments as before - Flux will generate a
ecdsa-sha2-nistp384SSH key and will update the deploy key on GitHub
CHANGELOG
- PR #2042 - @stefanprodan - Set ECDSA as the default algorithm for
flux create source git - PR #2041 - @stefanprodan - bootstrap: Set ECDSA as the default SSH key algorithm
- PR #2036 - @stefanprodan - Switch to
app.kubernetes.io/part-oflabel selector - PR #2035 - @stefanprodan - Add fetch timeout arg to create source commands
- PR #2034 - @stefanprodan - Set default ns with
FLUX_SYSTEM_NAMESPACEenv var - PR #2033 - @stefanprodan - Add flux version to issue template
- PR #2032 - @stefanprodan - Enable completion for flux tree cmd
Docker images
docker pull fluxcd/flux-cli:v0.21.0docker pull ghcr.io/fluxcd/flux-cli:v0.21.0