Bump github.com/fluxcd/kustomize-controller/api from 1.7.3 to 1.8.0

[dependabot]

Bumps github.com/fluxcd/kustomize-controller/api from 1.7.3 to 1.8.0.

Release notes

Sourced from github.com/fluxcd/kustomize-controller/api's releases.

v1.8.0

Changelog

v1.8.0 changelog

Container images

• docker.io/fluxcd/kustomize-controller:v1.8.0
• ghcr.io/fluxcd/kustomize-controller:v1.8.0

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

Changelog

Sourced from github.com/fluxcd/kustomize-controller/api's changelog.

1.8.0

Release date: 2026-02-17

This minor release comes with various bug fixes and improvements.

⚠️ The v1beta2 APIs were removed. Before upgrading the CRDs, Flux users must run flux migrate to migrate the cluster storage off v1beta2.

Kustomization

The controller now cancels in-progress health checks when a new reconciliation request is received, reducing the mean time to recovery (MTTR) in case of failed deployments. This is available through the CancelHealthCheckOnNewRevision feature gate, that previously worked only for new source revisions but now also works for any watch events that trigger a new reconciliation.

A custom SSA stage has been introduced, allowing Role and RoleBinding objects to be applied in the same call even when the impersonated ServiceAccount does not have a ClusterRoleBinding for cluster-admin. This can be specified with the flag --custom-apply-stage-kinds=rbac.authorization.k8s.io/Role.

Health checks now handle Jobs with TTL set to zero seconds that are deleted before or during health checking.

A DirectSourceFetch feature gate has been added to bypass cache for source objects, enabling immediate consistency for source object reads.

General updates

In addition, the Kubernetes dependencies have been updated to v1.35.0, Kustomize has been updated to v5.8.1 and the controller is now built with Go 1.26.

Fixes:

• Fix decryptor copy of auth.Option slices (avoid overrides) #1570

Improvements:

• Reduce the mean time to recovery (MTTR) in case of failed deployments #1536
• Introduce custom SSA stage #1571
• Handle Jobs with TTL in health checks #1578
• Add DirectSourceFetch feature gate to bypass cache for source objects #1586
• Remove deprecated APIs in group kustomize.toolkit.fluxcd.io/v1beta2 #1584

... (truncated)

Commits

• 40b3758 Merge pull request #1590 from fluxcd/release-v1.8.0
• 95af198 Release v1.8.0
• 51968a9 Add changelog entry for v1.8.0
• 28f721c Upgrade source-controller API to v1.8.0
• 57504a2 Merge pull request #1589 from fluxcd/update-pkg-deps/main
• 173bd8c Update fluxcd/pkg dependencies
• 0f3acff Merge pull request #1588 from fluxcd/cmd-bump
• 418da71 Introduce workflow for bumping fluxcd/pkg deps
• 4f41773 Merge pull request #1586 from dipti-pai/direct-source-fetch
• f146806 Add DirectSourceFetch feature gate to bypass cache for source objects
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)