Bump github.com/fluxcd/image-reflector-controller/api from 0.35.2 to 1.0.0

[dependabot]

Bumps github.com/fluxcd/image-reflector-controller/api from 0.35.2 to 1.0.0.

Release notes

Sourced from github.com/fluxcd/image-reflector-controller/api's releases.

v1.0.0

Changelog

v1.0.0 changelog

Container images

• docker.io/fluxcd/image-reflector-controller:v1.0.0
• ghcr.io/fluxcd/image-reflector-controller:v1.0.0

Supported architectures: linux/amd64, linux/arm64 and linux/arm/v7.

The container images are built on GitHub hosted runners and are signed with cosign and GitHub OIDC. To verify the images and their provenance (SLSA level 3), please see the security documentation.

Changelog

Sourced from github.com/fluxcd/image-reflector-controller/api's changelog.

1.0.0

Release date: 2025-09-15

This is the first GA release of the image-reflector-controller. It comes with various bug fixes and improvements.

⚠️ The v1beta1 APIs were removed. Before upgrading the CRDs, Flux users must run flux migrate to migrate the cluster storage off v1beta1. After the upgrade, all manifests in Git which contain ImagePolicy, ImageRepository and ImageUpdateAutomation definitions must be updated to:

apiVersion: image.toolkit.fluxcd.io/v1

ImageRepository

The ImageRepository API has been promoted to v1 (GA) status. The v1 API is backwards compatible with v1beta2.

ImagePolicy

The ImagePolicy API has been promoted to v1 (GA) status. The v1 API is backwards compatible with v1beta2.

The ImagePolicy now supports the .spec.suspend field and includes .status.lastHandledReconcileAt for better reconciliation tracking. Deprecated status fields have been removed from the ImagePolicy status to clean up the API surface.

General updates

The controller now supports system certificate pools for improved CA compatibility, and TLS ServerName pinning has been removed from TLS configuration for better flexibility. A --default-service-account=<sa name> flag was introduced for workload identity multi-tenancy lockdown. The auto-login flags for cloud providers have been removed; users should now specify the .spec.provider field in ImageRepository resources for contextual authentication.

In addition, the Kubernetes dependencies have been updated to v1.34, BadgerDB has been updated to v4.8 and various other controller dependencies have been updated to their latest version. The controller is now built with Go 1.25.

Fixes:

• Fix missing TLS ServerName in ImageRepository #797

Improvements:

• Promote ImagePolicy and ImageRepository APIs to v1 (GA) #818
• Add .spec.suspend and .status.lastHandledReconcileAt for ImagePolicy #799
• Add default-service-account flag for lockdown #807
• Remove TLS ServerName pinning in TLS config creation #806
• Remove deprecated APIs in group image.toolkit.fluxcd.io/v1beta1 #805
• Remove deprecated ImagePolicy status fields #803
• Add WithSystemCertPool for CA compatibility #801

... (truncated)

Commits

• 30288d8 Merge pull request #819 from fluxcd/release-v1.0.0
• 56f9fb7 Release v1.0.0
• c87d43e Add changelog entry for v1.0.0
• 157c5be Merge pull request #818 from fluxcd/image-ga
• e5ddb53 Promote ImagePolicy and ImageRepository APIs to v1 (GA)
• 45b73c9 Merge pull request #816 from fluxcd/badger-v4
• b162d0f Upgrade badger to v4.8.0
• 07d1819 Handle controller-runtime failing to add BadgerGC
• b5a31b9 Merge pull request #815 from adri1197/update-otel
• 6eb125f Update otel packages to v1.38.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)