v0.13.0

• (github-actions[bot]) released this 2025-07-23 15:09:14 +0000 UTC*

Notable changes

• HelmOps and OCI storage receive new features and are no longer experimental
• Improved traceability for built images
• More accurate and lightweight resource status updates

Additions

• Fleet now supports a new, user-driven bundle scan method, for more flexibility. The usual scanning method is still supported (docs), by @0xavi0 in https://github.com/rancher/fleet/pull/3480
• When using SSH to point to a git repository, Fleet checks host keys by default, rejecting connection attempts to unknown hosts (docs), by @weyfonk in https://github.com/rancher/fleet/pull/3523
• Replica counts are now configurable, for controllers as well as agents (docs), by @p-se in https://github.com/rancher/fleet/pull/3457
• Fleet can now handle a separate webhook secret for each GitRepo (docs), by @0xavi0 in https://github.com/rancher/fleet/pull/3490
• Fleet charts support extra labels and annotations, propagating them to controller deployments by @0xavi0 in https://github.com/rancher/fleet/pull/3531 and by @p-se in https://github.com/rancher/fleet/pull/3664
• Agent leader election is now configurable (example), by @p-se in https://github.com/rancher/fleet/pull/3463
• The old service account migration is removed by @weyfonk in https://github.com/rancher/fleet/pull/3601
• Fleet no longer computes resource keys in bundle statuses by @manno in https://github.com/rancher/fleet/pull/3681
• Fleet supports new gitjob metrics (docs) by @p-se in https://github.com/rancher/fleet/pull/3649
• Agent management is now able to use a label to skip clusters by @manno in https://github.com/rancher/fleet/pull/3744

HelmOps

HelmOps is no longer experimental.

HelmOp resources (renamed from HelmApp) now support:

• Polling Helm repositories
• Semantic versioning constraints (with this known issue for OCI charts)
• Preventing bundle naming collision between GitOps and HelmOps bundles
• Installing Helm charts in setups with strict TLS mode enabled

Metrics and cluster statuses now include HelmOps data. See the Fleet documentation for more details.

OCI Storage

OCI storage is no longer experimental, and is enabled by default, although bundles will not use it by default. It can still be disabled by setting OCI_STORAGE=false in extraEnv when installing Fleet.

It also supports garbage collection on a best-effort basis, as well as improved traceability of secrets used in OCI storage. This includes labeling the secrets that Fleet clones to downstream clusters and generating an event if deleting an OCI artifact results in an error.

See the Fleet documentation for more details.

Traceability improvements

Provenance of Docker manifests is now attested. Patch by @thardeck in https://github.com/rancher/fleet/pull/3846

Bugfixes

• Status updates have received special attention:

  • GitRepo statuses are now more stable when multiple bundles are non-ready by @rbreddy in https://github.com/rancher/fleet/pull/3485
  • GitRepo status updates are optimised by @rbreddy in https://github.com/rancher/fleet/pull/3604
  • GitRepo status reconciliations from bundle status changes now uses a delay, to optimise performance when multiple changes happen within a short time span by @aruiz14 in https://github.com/rancher/fleet/pull/3558
  • Bundledeployment status updates are optimised by @manno in https://github.com/rancher/fleet/pull/3887
  • Drift detection no longer leads to resource updates with empty diffs by @aruiz14 in https://github.com/rancher/fleet/pull/3555
  • Fleet uses newer readiness detection fixes from Wrangler, to improve readiness detection for some resources by @weyfonk in https://github.com/rancher/fleet/pull/3853
  • Downstream agents are able to report their statuses upstream again by @manno in https://github.com/rancher/fleet/pull/3702

• And life cycles of resources have not been left behind:

  • New filters against cluster events trigger bundle deployment creation less often by @manno in https://github.com/rancher/fleet/pull/3796
  • Fleet now deletes bundle deployments which are obsolete as a result of either:
    • no longer being targeted by @0xavi0 in https://github.com/rancher/fleet/pull/3509
    • GitRepo/Bundle targets changes by @aruiz14 in https://github.com/rancher/fleet/pull/3438

• The Fleet CLI:

  • Returns more readable error messages when used in git jobs by @0xavi0 in https://github.com/rancher/fleet/pull/3559
  • Uses the controller-runtime client, patch by @0xavi0 in https://github.com/rancher/fleet/pull/3670

• Configuration is now more robust:

  • Config updates trigger cluster imports in a more selective way:
    • Only for changes to relevant fields by @weyfonk in https://github.com/rancher/fleet/pull/3551
    • Only if a valid apiServerURL is available by @aruiz14 in https://github.com/rancher/fleet/pull/3837
  • Using options.Helm could previously cause panics, fixed by @0xavi0 in https://github.com/rancher/fleet/pull/3567
  • Creating a GitRepo with an empty repo URL is no longer possible, by @weyfonk in https://github.com/rancher/fleet/pull/3582
  • Bundle deployments' and HelmOps' ignore options are now omitted when empty by @weyfonk in https://github.com/rancher/fleet/pull/3842

And also:

• Failing to download a chart returns a more informative error by @0xavi0 in https://github.com/rancher/fleet/pull/3593
• Using SSH with keys to download Helm charts should work again by @p-se in https://github.com/rancher/fleet/pull/3863

What's Changed

• The benchmark suite:

  • Outputs a report improved by @manno in https://github.com/rancher/fleet/pull/3550
  • Skips the create-150-bundle benchmark when targeting more than 1000 clusters by @manno in https://github.com/rancher/fleet/pull/3861

• Helm and OCI access secrets cloned to downstream clusters use specific secret types by @weyfonk in https://github.com/rancher/fleet/pull/3647

• Fleet uses secrets for storing OCI registry details by @0xavi0 in https://github.com/rancher/fleet/pull/3692

• When a GitRepo is deleted, so are its metrics by @p-se in https://github.com/rancher/fleet/pull/3686

• fleet apply has received a few tweaks, enabling it to scan bundles concurrently by @aruiz14 in https://github.com/rancher/fleet/pull/3721

• Fleet's rollout feature has shiny new docs, check them out!

• Rate limiting settings now use defaults from Kubernetes' client-go instead of disabling rate limiting altogether, by @manno in https://github.com/rancher/fleet/pull/3848

• This version bumps Go to 1.24.0 by @thardeck in https://github.com/rancher/fleet/pull/3679

• Fleet v0.13.0 supports Kubernetes 1.33, by @thardeck in https://github.com/rancher/fleet/pull/3734

New Contributors

• @rbreddy made their first contribution in https://github.com/rancher/fleet/pull/3485

Full Changelog: https://github.com/rancher/fleet/compare/v0.13.0-rc.3...v0.13.0

Download

• fleet-0.13.0.tgz

• fleet-agent-0.13.0.tgz

• fleet-crd-0.13.0.tgz

• fleet-benchmark-windows-amd64.exe

• fleet_0.13.0_checksums.txt

• fleet-benchmark-darwin-arm64

• fleet-benchmark-linux-arm64

• fleet-benchmark-linux-amd64

• fleet-windows-amd64.exe

• fleetagent-linux-amd64

• fleet-linux-arm64

• fleetcontroller-linux-arm64

• fleet-darwin-arm64

• fleetagent-windows-amd64.exe

• fleet-linux-amd64

• fleetagent-linux-arm64

• fleetcontroller-linux-amd64

Information retrieved from here