Flux CD Integration - ChangeGuard

ChangeGuard watches Flux CD custom resources directly via the Kubernetes API inside the cluster — no Flux API tokens required, and it works even on clusters the ChangeGuard control plane can’t reach.

Tracked Resources

CRD	Data
`Kustomization`	Status, last applied revision, ready condition
`HelmRelease`	Chart, version, status, values drift
`GitRepository`	URL, branch, last fetched revision
`OCIRepository`	URL, tag, last fetched digest
`Bucket`	Endpoint, bucket name, status

Configuration

Enable Flux discovery on the ChangeGuardAgent resource:

spec:
  gitops:
    flux:
      enabled: true

Or set gitops.flux.enabled=true via Helm. When enabled, the collector reads Kustomizations, HelmReleases, and Sources directly and posts a GitOps snapshot that persists across backend restarts and replicas.

ArgoCD Integration Fleet Comparison

​Tracked Resources

​Configuration

Tracked Resources

Configuration