A new Terraform module (OpenTofu-compatible) bootstraps Flux Operator into Kubernetes clusters while solving key pain points of existing approaches. It implements a clean ownership handoff so Terraform only handles bootstrap mechanics while Flux takes over steady-state reconciliation. Key features include: no secret material in Terraform state (uses SHA-256 hashes and server-side apply instead), no two-phase apply or provider chicken-and-egg issues, support for platform prerequisites like CNI (Cilium) that must exist before Flux controllers can run, and co-location of Terraform and Flux manifests in the same repository. Migration guides are provided for users coming from the fluxcd/flux provider or previous flux-operator Terraform examples.
Table of contents
Ownership handoffSame GitOps repositorySame root module as the clusterPlatform prerequisites Flux depends onMigratingSort: