Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release argo-cd 2.9.3 #34

Merged
merged 29 commits into from
Dec 8, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
29 commits
Select commit Hold shift + click to select a range
d170cdb
fix(argo-workflows): Fix outdated URL in values.yaml comments (#2328)
cloudymax Nov 3, 2023
a98dd96
chore(argo-workflows): Upgrade Argo Workflows to v3.5.1 (#2329)
yu-croco Nov 4, 2023
16f4c26
chore(deps): bump amannn/action-semantic-pull-request from 5.3.0 to 5…
dependabot[bot] Nov 4, 2023
9f8f483
chore(deps): bump helm/chart-releaser-action from 1.5.0 to 1.6.0 (#2331)
dependabot[bot] Nov 4, 2023
8b17cdf
chore(deps): bump helm/chart-testing-action from 2.6.0 to 2.6.1 (#2332)
dependabot[bot] Nov 4, 2023
f634cf6
feat(argo-cd): Upgrade Argo CD to 2.9.0 (#2318)
pdrastil Nov 6, 2023
622aee3
chore(github): Updated security documentation and CLOMonitor exemptio…
eddie-knight Nov 6, 2023
9840ebe
fix(argo-workflows): Accept multi auth mode for server (#2336)
yu-croco Nov 8, 2023
d3d9e7d
chore(github): Add yu-cruco to * in CODEOWNERS (#2338)
jmeridth Nov 8, 2023
3f2654d
fix(argo-cd): Add permission for Applications in any namespace (#2341)
yu-croco Nov 10, 2023
84c4339
chore(argo-cd): Upgrade Argo CD to v2.9.1 (#2344)
yu-croco Nov 15, 2023
a29d216
chore(argo-rollouts): Bump rollouts to 1.6.1 (#2345)
DrFaust92 Nov 15, 2023
d987472
chore(argo-rollouts): Bump rollouts to 1.6.2 (#2347)
DrFaust92 Nov 15, 2023
737b972
fix(argo-workflows): Add parameters for tuning revisionHistoryLimit a…
bodgit Nov 15, 2023
9496f2f
fix(argo-workflows): Align version label (#2342)
yu-croco Nov 15, 2023
4c25634
docs(github): typo fix in security.md (#2343)
Kripu77 Nov 15, 2023
a785560
chore(argo-workflows): Remove xip url from test to avoid confusion (#…
tico24 Nov 16, 2023
14887dd
chore(argo-cd): Replace non-existing examples with official example d…
mkilchhofer Nov 19, 2023
c183652
chore(argo-cd): Upgrade Argo CD to v2.9.2 (#2353)
yu-croco Nov 20, 2023
7f95a5f
chore(github): Update SECURITY-INSIGHTS.yml to include security-conta…
mkilchhofer Nov 27, 2023
7261dec
feat(argo-workflows): Make workflow controller ConfigMap optional (#2…
qa-florian-wende Nov 27, 2023
cabe63d
chore(argo-workflows): Upgrade Argo Workflows to v3.5.2 (#2357)
yu-croco Nov 27, 2023
f5201e7
fix(argo-rollouts): Update all rollout CRDs to match upstream (#2361)
abdolence Nov 29, 2023
f4eb968
docs(argo-cd): Add migration guide to README for Config Management Pl…
kzap Nov 29, 2023
d62aafd
docs(github): remove unnecessary qualifier in README (#2364)
crenshaw-dev Nov 30, 2023
152c04f
chore(argo-cd): Upgrade Argo CD to v2.9.3 (#2365)
yu-croco Dec 2, 2023
106404b
merge upstream argo-cd-5.51.6
yaroslav-codefresh Dec 6, 2023
287ef8f
change to fork version
yaroslav-codefresh Dec 6, 2023
01e06af
fix releaser
yaroslav-codefresh Dec 8, 2023
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions .clomonitor.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,12 @@ exemptions:
reason: "Helm deps are not currently scanned. Maintainers are watching developments to dependabot-core #2237" # Justification of this exemption (mandatory, it will be displayed on the UI)
- check: sbom
reason: "Tracking Helm dependencies is not yet a stable practice."
- check: self_assessment
reason: "Refer to self assessments supplied by the codebases Argo Helm supports."
- check: signed_releases
reason: "Argo Helm releases are made via Artifact Hub, where they are signed. The unsigned GitHub releases are for reference only."
- check: license_scanning
reason: "Temporary exemption: pending response from CNCF Service Desk"

# TODO:
# License scanning information
Expand Down
10 changes: 1 addition & 9 deletions CODEOWNERS → .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
@@ -1,14 +1,6 @@
# All
* @mkilchhofer @jmeridth
* @mkilchhofer @jmeridth @yu-croco

# Argo Workflows
/charts/argo-workflows/ @vladlosev @jmeridth @yu-croco @tico24

# Argo CD
/charts/argo-cd/ @mbevc1 @mkilchhofer @yu-croco @jmeridth @pdrastil @tico24

# Argo Events
/charts/argo-events/ @pdrastil @jmeridth @tico24

# Argo Rollouts
/charts/argo-rollouts/ @jmeridth
2 changes: 1 addition & 1 deletion .github/workflows/lint-and-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ jobs:

- name: Setup Chart Linting
id: lint
uses: helm/chart-testing-action@b43128a8b25298e1e7b043b78ea6613844e079b1 # v2.6.0
uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
with:
# Note: Also update in scripts/lint.sh
version: v3.10.0
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/pr-title.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ jobs:
name: Validate PR title
runs-on: ubuntu-latest
steps:
- uses: amannn/action-semantic-pull-request@47b15d52c5c30e94a17ec87eb8dd51ff5221fed9 # v5.3.0
- uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5.4.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,8 @@ jobs:
PGP_PASSPHRASE: "${{ secrets.PGP_PASSPHRASE }}"

- name: Run chart-releaser
# todo: change later to v1.6.0 (also in agro-rollouts chart)
# issue: https://github.com/helm/chart-releaser-action/issues/171
uses: helm/chart-releaser-action@be16258da8010256c6e82849661221415f031968 # v1.5.0
with:
config: "./.github/configs/cr.yaml"
Expand Down
2 changes: 2 additions & 0 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,8 @@ Any breaking changes to a chart (backwards incompatible) require:

### New Application Versions

Helm charts are intended to be created for all non-patched releases of Argo CD, Workflows, Rollouts, and Events. Associated dependencies, such as Redis, will use the version recommended by the associated release.

When selecting new application versions ensure you make the following changes:

* `values.yaml`: Bump all instances of the container image version
Expand Down
3 changes: 2 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
[![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/argo)](https://artifacthub.io/packages/search?repo=argo)
[![CLOMonitor](https://img.shields.io/endpoint?url=https://clomonitor.io/api/projects/cncf/argo/badge)](https://clomonitor.io/projects/cncf/argo)
[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm/badge)](https://api.securityscorecards.dev/projects/github.com/argoproj/argo-helm)
[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/7942/badge)](https://www.bestpractices.dev/projects/7942)

Argo Helm is a collection of **community maintained** charts for [https://argoproj.github.io](https://argoproj.github.io) projects. The charts can be added using following command:

Expand All @@ -23,7 +24,7 @@ Some users would prefer to install the CRDs _outside_ of the chart. You can disa

Helm cannot upgrade custom resource definitions in the `<chart>/crds` folder [by design](https://helm.sh/docs/chart_best_practices/custom_resource_definitions/#some-caveats-and-explanations). Our CRDs have been moved to `<chart>/templates` to address this design decision.

If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo Workflows CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo:
If you are using versions of a chart that have the CRDs in the root of the chart or have elected to manage the Argo CRDs outside of the chart, please use `kubectl` to upgrade CRDs manually from [templates/crds](templates/crds/) folder or via the manifests from the upstream project repo:

Example:

Expand Down
38 changes: 38 additions & 0 deletions SECURITY-INSIGHTS.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
header:
schema-version: '1.0.0'
expiration-date: '2024-11-04T10:00:00.000Z'
project-url: https://github.com/argoproj/argo-helm
project-lifecycle:
status: active
bug-fixes-only: false
core-maintainers:
- https://github.com/mkilchhofer
- https://github.com/jmeridth
contribution-policy:
accepts-pull-requests: true
accepts-automated-pull-requests: true
automated-tools-list:
- automated-tool: dependabot
action: allowed
path:
- /
contributing-policy: https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md
code-of-conduct: https://github.com/cncf/foundation/blob/master/code-of-conduct.md
distribution-points:
- https://argoproj.github.io/argo-helm
- https://artifacthub.io/packages/search?org=argoproj&repo=argo
security-contacts:
- type: website
value: https://github.com/argoproj/argo-helm/security/advisories/new
primary: true
vulnerability-reporting:
accepts-vulnerability-reports: true
email-contact: [email protected]
security-policy: https://github.com/argoproj/argo-helm/blob/main/SECURITY.md
comment: |
Our preferred contact method related to vulnerabilities is the Security tab on GitHub.
Click the button "Report a vulnerability" to open the advisory form.
Please refer to the security policy for reporting information prior to using the email contact.
dependencies:
env-dependencies-policy:
policy-url: https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#new-application-versions
2 changes: 1 addition & 1 deletion SECURITY.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

## Supported Versions and Upstream Reporting

Each helm chart currently supports the designated application version in the Chart.yaml. There is a chance a security issue you've discovered may not be with the helm chart but with the upstream application. Please visit that application's Security policy docueent to find out how to report the security issue.
Each helm chart currently supports the designated application version in the Chart.yaml. There is a chance a security issue you've discovered may not be with the helm chart but with the upstream application. Please visit that application's Security policy document to find out how to report the security issue.

* [Security Policy for Argo Workflows](https://github.com/argoproj/argo-workflows/blob/master/SECURITY.md)
* [Security Policy for Argo Events](https://github.com/argoproj/argo-events/blob/master/SECURITY.md)
Expand Down
12 changes: 4 additions & 8 deletions charts/argo-cd/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
apiVersion: v2
appVersion: v2.8.1-cap-CR-create-apps-with-err
appVersion: v2.9-2023.12.06-e6258156d
kubeVersion: ">=1.23.0-0"
description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes.
name: argo-cd
version: 5.50.1-2-cap-CR-create-apps-with-err
version: 5.51.6-1-cap-2.9-2023.12.06-e6258156d
home: https://github.com/argoproj/argo-helm
icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png
sources:
Expand All @@ -26,9 +26,5 @@ annotations:
fingerprint: 2B8F22F57260EFA67BE1C5824B11F800CD9D2252
url: https://argoproj.github.io/argo-helm/pgp_keys.asc
artifacthub.io/changes: |
- kind: added
description: Add priority queue to reporter
- kind: fixed
description: Fix bug with skip-current-step
- kind: fixed
description: Support creation of apps with empty dir in reporter
- kind: changed
description: Upgrade Argo CD to v2.9-2023.12.06-e6258156d
14 changes: 12 additions & 2 deletions charts/argo-cd/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -115,14 +115,22 @@ The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint
This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later.
In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start.

### 5.26.0

This version adds support for Config Management Plugins using the sidecar model and configured in a ConfigMap named `argocd-cmp-cm`.
Users will need to migrate from the previous `argocd-cm` ConfigMap method to using the sidecar method before Argo CD v2.8. See the [Argo CD CMP migration guide](https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/#migrating-from-argocd-cm-plugins) for more specifics.

To migrate your plugins, you can now set the `configs.cmp.create` to `true` and move your plugins from `configs.cm` to `configs.cmp.plugins`.
You will also need to configure the sidecar containers under `repoServer.extraContainers` and ensure you are mounting any custom volumes you need from `repoServer.volumes` into here also.

### 5.24.0

This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`).
This version adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`).
Default `global.affinity` rules can be disabled when `none` value is used for the preset.

### 5.22.0

This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely.
This version adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely.

### 5.19.0

Expand Down Expand Up @@ -523,6 +531,7 @@ NAME: my-release
| configs.credentialTemplatesAnnotations | object | `{}` | Annotations to be added to `configs.credentialTemplates` Secret |
| configs.gpg.annotations | object | `{}` | Annotations to be added to argocd-gpg-keys-cm configmap |
| configs.gpg.keys | object | `{}` (See [values.yaml]) | [GnuPG] public keys to add to the keyring |
| configs.params."application.namespaces" | string | `""` | Enables [Applications in any namespace] |
| configs.params."applicationsetcontroller.enable.progressive.syncs" | bool | `false` | Enables use of the Progressive Syncs capability |
| configs.params."applicationsetcontroller.policy" | string | `"sync"` | Modify how application is synced between the generator and the cluster. One of: `sync`, `create-only`, `create-update`, `create-delete` |
| configs.params."controller.operation.processors" | int | `10` | Number of application operation processors |
Expand Down Expand Up @@ -1327,3 +1336,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
[tini]: https://github.com/argoproj/argo-cd/pull/12707
[EKS EoL]: https://endoflife.date/amazon-eks
[Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions
[Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace
13 changes: 11 additions & 2 deletions charts/argo-cd/README.md.gotmpl
Original file line number Diff line number Diff line change
Expand Up @@ -115,14 +115,22 @@ The manifests are now using [`tini` as entrypoint][tini], instead of `entrypoint
This means that the deployment manifests have to be updated after upgrading to Argo CD v2.7, and before upgrading to Argo CD v2.8 later.
In case the manifests are updated before moving to Argo CD v2.8, the containers will not be able to start.

### 5.26.0

This version adds support for Config Management Plugins using the sidecar model and configured in a ConfigMap named `argocd-cmp-cm`.
Users will need to migrate from the previous `argocd-cm` ConfigMap method to using the sidecar method before Argo CD v2.8. See the [Argo CD CMP migration guide](https://argo-cd.readthedocs.io/en/stable/operator-manual/config-management-plugins/#migrating-from-argocd-cm-plugins) for more specifics.

To migrate your plugins, you can now set the `configs.cmp.create` to `true` and move your plugins from `configs.cm` to `configs.cmp.plugins`.
You will also need to configure the sidecar containers under `repoServer.extraContainers` and ensure you are mounting any custom volumes you need from `repoServer.volumes` into here also.

### 5.24.0

This versions adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`).
This version adds additional global parameters for scheduling (`nodeSelector`, `tolerations`, `topologySpreadConstraints`).
Default `global.affinity` rules can be disabled when `none` value is used for the preset.

### 5.22.0

This versions adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely.
This version adds `global.affinity` options that are used as a presets. Override on component level works as before and replaces the default preset completely.

### 5.19.0

Expand Down Expand Up @@ -562,3 +570,4 @@ Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/
[tini]: https://github.com/argoproj/argo-cd/pull/12707
[EKS EoL]: https://endoflife.date/amazon-eks
[Kubernetes Compatibility Matrix]: https://argo-cd.readthedocs.io/en/stable/operator-manual/installation/#supported-versions
[Applications in any namespace]: https://argo-cd.readthedocs.io/en/stable/operator-manual/app-any-namespace/#applications-in-any-namespace
12 changes: 12 additions & 0 deletions charts/argo-cd/templates/argocd-applicationset/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -90,6 +90,18 @@ spec:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_ANNOTATIONS
valueFrom:
configMapKeyRef:
key: applicationsetcontroller.global.preserved.annotations
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_GLOBAL_PRESERVED_LABELS
valueFrom:
configMapKeyRef:
key: applicationsetcontroller.global.preserved.labels
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_APPLICATIONSET_CONTROLLER_ENABLE_LEADER_ELECTION
valueFrom:
configMapKeyRef:
Expand Down
12 changes: 12 additions & 0 deletions charts/argo-cd/templates/argocd-repo-server/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -231,6 +231,18 @@ spec:
key: reposerver.streamed.manifest.max.extracted.size
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_REPO_SERVER_HELM_MANIFEST_MAX_EXTRACTED_SIZE
valueFrom:
configMapKeyRef:
key: reposerver.helm.manifest.max.extracted.size
name: argocd-cmd-params-cm
optional: true
- name: ARGOCD_REPO_SERVER_DISABLE_HELM_MANIFEST_MAX_EXTRACTED_SIZE
valueFrom:
configMapKeyRef:
name: argocd-cmd-params-cm
key: reposerver.disable.helm.manifest.max.extracted.size
optional: true
- name: ARGOCD_GIT_MODULES_ENABLED
valueFrom:
configMapKeyRef:
Expand Down
4 changes: 4 additions & 0 deletions charts/argo-cd/templates/argocd-server/clusterrole.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,9 @@ rules:
- events
verbs:
- list
{{- if (index .Values.configs.params "application.namespaces") }}
- create
{{- end }}
- apiGroups:
- ""
resources:
Expand All @@ -40,6 +43,7 @@ rules:
- argoproj.io
resources:
- applications
- applicationsets
verbs:
- get
- list
Expand Down
Loading