This release comes with ECDSA as the default SSH key algorithm used by flux bootstrap
and all the other commands that generate SSH keys. This change was imposed by GitHub that is no longer accepting RSA SHA-1 SSH keys.
To rotate your SSH deploy keys for the repositories bootstrapped with Flux:
- download the Flux CLI v0.21.0 binary
- delete the deploy key secret from your cluster
kubectl -n flux-system delete secret flux-system
- using the Flux CLI v0.21.0 rerun
flux bootstrap github
with the same arguments as before - Flux will generate a
ecdsa-sha2-nistp384
SSH key and will update the deploy key on GitHub
CHANGELOG
- PR #2042 - @stefanprodan - Set ECDSA as the default algorithm for
flux create source git
- PR #2041 - @stefanprodan - bootstrap: Set ECDSA as the default SSH key algorithm
- PR #2036 - @stefanprodan - Switch to
app.kubernetes.io/part-of
label selector - PR #2035 - @stefanprodan - Add fetch timeout arg to create source commands
- PR #2034 - @stefanprodan - Set default ns with
FLUX_SYSTEM_NAMESPACE
env var - PR #2033 - @stefanprodan - Add flux version to issue template
- PR #2032 - @stefanprodan - Enable completion for flux tree cmd
Docker images
docker pull fluxcd/flux-cli:v0.21.0
docker pull ghcr.io/fluxcd/flux-cli:v0.21.0